> > I'm also interested in whether any thought has been put into the > interaction between these contexts. Can I be warned about deleting a layer > that was used in a map that is unviewable to me? etc. >
There has been some thought given to this. It's yet another area where we are going to go with the simplest thing that makes sense for 1.0 and then probably adjust based on user feedback. There seem to be a number of cases in this space. Here are some: * Can I view a map which includes a layer that I can't view? Yes, but the viewed map should not be able to access the layer and therefore shouldn't display it. I guess the map's info page will have a link to the layer's info page, but that page will redirect you to a "You don't have permission to see this data" error page. (It could also just be a listing with a dead link). Earlier, there was talk about having Maps inherit security restrictions from their constituent layers. (I.e., my access to a map is determined by the intersection of my permissions to the map and my permissions to all the map's layers) But that's I think something we can save for a next pass, if it's desirable. * Can I delete a layer used in a map that I can't see? I think the answer to this is "Yes." We've talked about maybe having a warning to the layer owner upon deletion saying, "This data is used in these maps," and maybe a notification system alerting the owners of maps that the data has been deleted. But since we list the maps a layer is a part of on its info page, i think we can hold off on these safeguards for now. I think it's reasonable (on a first pass) for the owner of a secret map to have to suffer the consequences of their secrecy; data owners shouldn't be responsible for users they can't see. (As a map owner, I would be able to extend read permissions to the data owner if I wanted the data owner clued in.) Just a bunch of thoughts. Anyone have others? -- Sebastian Benthall OpenGeo - http://opengeo.org
