Changes between Version 8 and Version 9 of TracDev/Proposals/EvenFinerGrainedPermissions
- Timestamp:
- Mar 11, 2017, 10:55:37 PM (7 years ago)
Legend:
- Unmodified
- Added
- Removed
- Modified
-
TracDev/Proposals/EvenFinerGrainedPermissions
v8 v9 9 9 - lack of precision over the '''target''' of the check (#8653) 10 10 11 This has lead to p ut this additionalprecision in the permission action itself, for example:11 This has lead to proposed or actual changes that add precision in the permission action itself, for example: 12 12 - user related: 13 13 - TICKET_IS_OWNER in #7438 … … 15 15 - TICKET_EDIT_COMMENT in #454 16 16 - TICKET_EDIT_DESCRIPTION in #8548 17 - TICKET_EDIT_MILESTONE in #8778 17 18 18 19 IPermissionPolicy plugins have the same tendency. … … 31 32 For extending the precision over the '''target''', we could have a very simple set of permissions (''read'', ''modify'', ''delete'', ''append'', for example) and use child resources to identify sub-elements of a resource (like fields or comments). 32 33 33 For introducing more elaborate concepts about the '''user''', we could use virtual groups. In a similar way than the ''authenticated'' group currently represents the sets of authenticated users, we could imagine group providers attributing special membership to a nuser, depending on which ''resource'' is being targeted. Therefore we could imagine an ''owner'' or ''author'' virtual groups (#7438).34 For introducing more elaborate concepts about the '''user''', we could use virtual groups. In a similar way than the ''authenticated'' group currently represents the sets of authenticated users, we could imagine group providers attributing special membership to a user, depending on which ''resource'' is being targeted. Therefore we could imagine an ''owner'' or ''author'' virtual groups (#7438). 34 35 35 36 == Performance