On Oct 2, 11:33 pm, luke <[email protected]> wrote: > So the next part is with nothing selected (not even deny), i thought > the default was to deny. Even if it's not, it should be consistent > across types (specifically, i should have the option create all or > none) >
The ACL system twists my mind. The 'deny' permission isn't the default. The default is that if no permissions are granted, they are not allowed by that group, but another group to which you belong may have one or more of those permissions. You are granted the highest level of permissions that exists within each group to which you belong. For example, group 'fraggle' has permissions to create and edit posts of type 'page'. Group 'editors' has permission to delete posts of type 'page'. Roy belongs to both groups, so he has permissions to create, edit, and delete posts of type 'page'. Say Roy also belongs to type 'nope', which has the permission 'deny' on posts of type 'page'. As I understand it, the deny overrides all the other permissions, so Roy, due to his membership in 'nope', isn't able to access posts of type 'page' after all. It can be difficult to get one's head around. I hope this helps with this part, at least. Rick --~--~---------~--~----~------------~-------~--~----~ To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/habari-users -~----------~----~----~----~------~----~------~--~---
