Translations: English
Search on Docs:
   
ActionItem Search:

#1489: The roles should be a partially ordered set

Type: FeatureItem Feature: Infrastructure, UserInterface Tags: colivre
ScheduledFor: N/A Assigned to:   Sites:  
Priority: 0 Status: Pending  

The roles should be organized in a partially ordered set because we have roles that contains others and we should use this information to generate the permissions of each role. This way the roles will be much more consistent and we will reuse code.
E.g.
- administrator C moderator C member
C = "contains"
It has to be a partially ordered set because you can have two roles that are not related
E.g
- administrator C moderator C member
- administrator C observer C member
In this case, "moderator" and "observer" are not related.

  • The interface should be easy enough to show the user all the relations between the roles.
  • While creating a new role, the user must be able to choose the subset roles of the new one.
  • The roles definition should use the relations to generate the permissions of each role, i.e. the permissions mustn't be just manually copied.

Some images:
  • roles1:

  • roles2:

-- RodrigoSouto - 22 Apr 2010

Sounds nice. I would like to have a strong reason why we need this, though. smile

-- AntonioTerceiro - 28 Apr 2010

The resons are:
  1. Roles consistency: we are not going to copy the permissions manually when we have related roles.
  2. Scalabiblity: today we have very few roles, but when we begin to have too many roles this "copy and paste" of permissions won't stand.

Sorry for the late answer.

-- RodrigoSouto - 11 May 2010

I'd say let's wait for the time "when we begin to have too many roles"; that's when we will actually need this.

I don't think that time will come, though. smile

-- AntonioTerceiro - 14 May 2010

We found a gem that do this and much more! It's called Declarative Authorization. It's for sure a good thing to implement and, superficially, it is an easy and neat gem. I think it'll take a lot of work doing the migration of the current way permissions are working but it's worth. Some links about:
  1. http://railscasts.com/episodes/188-declarative-authorization
  2. http://github.com/stffn/declarative_authorization

-- RodrigoSouto - 21 May 2010
Add comment
You need to login to be able to comment.
 

ActionItemForm edit

Title The roles should be a partially ordered set
ActionItemType FeatureItem
Priority Low
Tags colivre
Feature Infrastructure, UserInterface
ResponsibleDevelopers
ScheduledFor N/A
AffectsVersion
Status Pending
Ticket SAC:
Topic revision: r1 - 22 May 2015, UnknownUser

irc Talk with Devs Now!

Copyright © 2007-2019 by the Noosfero contributors
Colivre - Cooperativa de Tecnologias Livres