There is a difference between permissions and roles. Permissions are atomic. Someone has permission to read a document or not. Roles are collections of permissions. The role of a WWRAdmin has the permissions to read a document, write a document, and edit a document. A person may have many roles. I belong to WWRAdmin and SuperUsers. This means that anything that a WWRAdmin OR a SuperUser has permission for, *I* have permission for. But it also means that I can be assigned permission to create a document directly, without assigning me to a role that has that permission.
-----Original Message----- From: BORKMAN Lee [mailto:[EMAIL PROTECTED]] Sent: Thursday, April 04, 2002 2:28 AM To: '[EMAIL PROTECTED]' Subject: RE: secure tag and permissions Hmm, I'm generally with John on this one. I use the names of Groups, eg: IF you are a member of (WWRAdmin OR SuperUsers OR ITAudit) { Run this bit of secured code } else { Call police } Hal and I have argued about this on many occassions, but I think we simply have a conceptual gap. Hal talks about permissions, I talk about roles. We don't *connect*. It's a pradigm thing. I am *almost* sure that the two approaches are actually functionally equivalent, but I know which I prefer ;-) See ya, LeeBB -----Original Message----- From: hal helms [mailto:[EMAIL PROTECTED]] John is in rare form today, first urging people to add code to their prototypes and now suggesting that we abandon Bit math because it's too much effort? I suspect someone has kidnapped my friend, John, and is making him type these crazy things. ... IMPORTANT NOTICE: This e-mail and any attachment to it is intended only to be read or used by the named addressee. It is confidential and may contain legally privileged information. No confidentiality or privilege is waived or lost by any mistaken transmission to you. If you receive this e-mail in error, please immediately delete it from your system and notify the sender. You must not disclose, copy or use any part of this e-mail if you are not the intended recipient. The RTA is not responsible for any unauthorised alterations to this e-mail or attachment to it. ==^================================================================ This email was sent to: [email protected] EASY UNSUBSCRIBE click here: http://topica.com/u/?bUrFMa.bV0Kx9 Or send an email to: [EMAIL PROTECTED] T O P I C A -- Register now to manage your mail! http://www.topica.com/partner/tag02/register ==^================================================================
