At 01:56 PM 9/28/01 +1200, you wrote: >best way to handle would require a way of detaching the suspension from >access list, that way if the access is removed then re-added the suspension >remains (probably require a separate suspension table that would mimic the >access list except only have entries for actual suspensions)
If this is to be done, which seems like a good idea ... The suspension table entries should probably consist simply of one of the fields from the user record of the person who set the suspension. This field would be one which is always unique to that particular user record. (If I recall correctly, there are at least two such fields in the Cservice database user records; it's been a while since I looked at GNUworld.) The simple way to handle it would be then to always accept REMUSER or UNSUSPEND on a suspended user -except- when -all- of the following conditions are true: * The suspendor, as indicated by the suspension table entry, is still an existing user, and still has access on the channel. * The suspendor is not the same user as the person attempting to remove or unsuspend the user. * The suspendor is of equal or higher access on the channel than the operator attempting to remove the suspension or user. The rationale for these is as follows: * A user who has had their ops revoked on a channel, or has resigned from operator status, does no longer have authority on the channel. Therefore, their access is effectively zero, and -anyone- attempting to remove the user or suspension is of higher authority (see below for further comments). * A user who sets a suspension on another should have the ability to remove that suspension, or to further discipline that user by total removal, without technical interference. I.e., if an op can do something, they should also have the ability to undo it with equal ease as far as is technically possible. * If the suspendor is of lower access than the operator attempting to remove the suspension or user, then said operator has authority over the suspendor. It is bogus, and can easily interfere with channel administration, to fail to permit this authority to override the suspension. If the suspendor is of equal access to the operator attempting to remove the suspension or user, then both have equal authority. To prevent the 'betrayal' scenario which initiated this thread, it should not be permitted for equal-level ops to override each other in this manner. If the suspendor is of higher access than the operator attempting to remove the suspension or user, then the suspendor has authority, and the person attempting removal shouldn't be trying to do that anyway. :> -- Amarande
