Edgewall Software

Changes between Version 8 and Version 9 of TracDev/Proposals/EvenFinerGrainedPermissions


Ignore:
Timestamp:
Mar 11, 2017, 10:55:37 PM (3 years ago)
Author:
Ryan J Ollos
Comment:

Point to another example.

Legend:

Unmodified
Added
Removed
Modified
  • TracDev/Proposals/EvenFinerGrainedPermissions

    v8 v9  
    99 - lack of precision over the '''target''' of the check (#8653)
    1010
    11 This has lead to put this additional precision in the permission action itself, for example:
     11This has lead to proposed or actual changes that add precision in the permission action itself, for example:
    1212 - user related:
    1313   - TICKET_IS_OWNER in #7438
     
    1515   - TICKET_EDIT_COMMENT in #454
    1616   - TICKET_EDIT_DESCRIPTION in #8548
     17   - TICKET_EDIT_MILESTONE in #8778
    1718
    1819IPermissionPolicy plugins have the same tendency.
     
    3132For extending the precision over the '''target''', we could have a very simple set of permissions (''read'', ''modify'', ''delete'', ''append'', for example) and use child resources to identify sub-elements of a resource (like fields or comments).
    3233
    33 For introducing more elaborate concepts about the '''user''', we could use virtual groups. In a similar way than  the ''authenticated'' group currently represents the sets of authenticated users, we could imagine group providers attributing special membership to an user, depending on which ''resource'' is being targeted. Therefore we could imagine an ''owner'' or ''author'' virtual groups (#7438).
     34For introducing more elaborate concepts about the '''user''', we could use virtual groups. In a similar way than  the ''authenticated'' group currently represents the sets of authenticated users, we could imagine group providers attributing special membership to a user, depending on which ''resource'' is being targeted. Therefore we could imagine an ''owner'' or ''author'' virtual groups (#7438).
    3435
    3536== Performance