Jonathan Marsh - http://www.wso2.com - http://auburnmarshes.spaces.live.com
> -----Original Message-----
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
> On Behalf Of Dimuthu Leelarathne
> Sent: Friday, September 26, 2008 5:07 AM
> To: [email protected]
> Subject: [Mashup-dev] User Permission Case Study
>
> Hi all,
>
> I have picked Mashup Server to be one of my case studies to study
> permissions on WSO2 products.
>
> I talked to Keith as my first resource person. Here is the list I
> came up with.
>
> Please help me to improve it.
>
>
> Permissions
> 1-Tag
> 2-Comment
> 3-Rate
> 4-Edit Mashups
> 5-Upload Mashups
> 6-Create a user group using other Mashup Users
> 7-Assign "Friends" role to user group
> 8-Assign "Super Friends" role to user group
> 9-Assign 1,2,3,4 and 5 above permissions to user group
> 10-Add/Edit/Delete users
> 11-Admin role become a normal user
> 12-Normal user become an admin role

Maybe better stated as

11-User with Admin privileges can act as a Normal user (e.g. suspend their Admin privileges.)
12-User with Admin privileges can restore their Admin privileges.

Maybe this concept of "suspending/restoring" a role's privileges should be generalized - are there scenarios where I am Joe's "Super Friend" but only want to act as a normal user?

We also have an anonymous user who only has permissions to view. It's possible we could limit that permission in the future too (e.g. limit source code access only to registered users.)

We haven't thoroughly thought through "Friends" or "Super Friends" roles, but we also might want a "Blocked" role, to prevent somebody who has posted abusive comments from continuing to do so.

> Roles
> Super Admin - all 12 permissions on all resources
> Mashup Users - all first 9 permissions on their resources

A mashup owner also has the permission on the mashups they own to delete tags and comments made by other users.

In general the permission to tag and comment are not identical to the permissions to delete tags and comments. If you authored a tag or comment you can delete it. If you own the resource being tagged or commented, you can delete other people's comments. If you're an admin you can delete tags or comments anywhere.

> Friends Role - user defined set of permissions out of 1,2,3,4 and 5
> Super Friends Role - user defined set of permissions out of 1,2,3,4 and
> 5
>
> Furthermore,
> Admin username/password should not be hard coded.

We collect this information on first run, which is a good practice.

> Thank you,
> Dimuthu
>
> _______________________________________________
> Mashup-dev mailing list
> [email protected]
> http://mailman.wso2.org/cgi-bin/mailman/listinfo/mashup-dev
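
The permission rules discussed in this thread, sketched as a deny-by-default check. This is an added example, not part of the thread and not WSO2 Mashup Server code. The data shapes and field names (`adminSuspended`, `blocked`, `groups`) are assumptions, and the "Blocked" role and admin suspension are modelled only as far as the reply proposes them.

```javascript
// Added example, not WSO2 Mashup Server code; all field names are assumptions.
const VIEW = "view", TAG = "tag", COMMENT = "comment", RATE = "rate", EDIT = "edit";

// Items 11/12: an admin who suspended their privileges is treated as a normal user.
function actsAsAdmin(user) {
  return Boolean(user) && user.admin === true && user.adminSuspended !== true;
}

// Permissions the owner granted to groups (Friends / Super Friends) the user is in.
function grantedByOwner(user, mashup) {
  const granted = new Set();
  for (const group of mashup.groups || []) {
    if (group.members.includes(user.name)) group.permissions.forEach((p) => granted.add(p));
  }
  return granted;
}

// Deny by default: anything not explicitly allowed below is refused.
function canPerform(user, action, mashup) {
  if (action === VIEW) return true;                      // anonymous users may view
  if (!user) return false;                               // everything else needs an identity
  if (actsAsAdmin(user)) return true;
  if (user.blocked && action === COMMENT) return false;  // proposed "Blocked" role
  if (mashup.owner === user.name) return true;           // owners act on their own resources
  return grantedByOwner(user, mashup).has(action);
}

// Deleting is a separate decision from creating: author, resource owner, or admin.
function canDelete(user, annotation, mashup) {
  if (!user) return false;
  return actsAsAdmin(user) ||
    annotation.author === user.name ||
    mashup.owner === user.name;
}

// Constructed sample data.
const mashup = {
  owner: "joe",
  groups: [{ role: "Friends", members: ["ann", "bob"], permissions: [TAG, COMMENT] }],
};
const ann = { name: "ann" };
const bob = { name: "bob", blocked: true };
const root = { name: "root", admin: true };
const annComment = { kind: "comment", author: "ann" };
const joeComment = { kind: "comment", author: "joe" };

// ann may comment on joe's mashup but may not delete joe's comment.
console.log(canPerform(ann, COMMENT, mashup), canDelete(ann, joeComment, mashup));
```
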
