Timo Stollenwerk <[email protected]> writes: > Hi, > > Elizabeth came across a problem with p.a.discussion during her PLIP > review: Authenticated users are currently not able to post a comment, > they need the "Member" role to do so.
> Do we also want authenticated users to be able to post comments? Shall > we just check for the "Reply to Item" permission? I would like to hear > other opinions before I start to refactor the code. Don't Open ID logins have only Authenticated and not Member? At any rate, I think it's generally a bad idea to check roles, one should always check permissions. So it should probably be protected with a permission that should be given to Authenticated by default. Ross > What kind of message should users without the appropriate permission > see? The log-in button is kind of silly if the user has a login, but not > the appropriate permissions to post a comment. > > Cheers, > timo > > -------- Original-Nachricht -------- > Betreff: Re: [Plone] #9288: Improved commenting infrastructure > Datum: Wed, 08 Dec 2010 04:30:48 -0000 > Von: Plone <[email protected]> > Antwort an: [email protected] > CC: [email protected] > > #9288: Improved commenting infrastructure > ----------------------------+----------------------------------------------- > Reporter: timo | Owner: timo > Type: PLIP | Status: reopened > Priority: minor | Milestone: 4.1 > Component: Infrastructure | Resolution: > Keywords: | > ----------------------------+----------------------------------------------- > > Comment(by eleddy): > > Replying to [comment:50 timo]: > Nice work! I am super gung ho about authenticated being able to comment. > In default installs you will rarely see authenticated users who aren't > members and in custom environments using the member role is unlikely. > Curious what others think. > > Thanks! _______________________________________________ Framework-Team mailing list [email protected] http://lists.plone.org/mailman/listinfo/framework-team
