I was looking into the proposed Repository Structure [1] for Roles, Permissions and other user related stuff, and I have couple questions :
- I noticed we defined couple permissions such as : deleteOwnAlbum, deleteOwnGroupRole, manageOwnGroupRole, addOwnImagesToOwnAlbum, editOwnAlbumDescription. What I found a little awkward is that, if I'm the owner of the album, is there really any scenario where I wouldn't be allowed to "manage" my album ? - As for couple other roles : deleteOtherAlbum, deleteOthersGroupRole, viewImagesOnOthersAlbum, addOwnImagesToOthersAlbum, deleteImagesFromOthersAlbum, editOthersAlbumDescription. This also seems strange, as it seems that once i get "deleteOtherAlbum" I would have permission to delete any album that I don't own, which I think the scenario should be more like, a specific album owner would give a specific user the permission to "remove album" which would only work on the scope to that specific album. Thoughts ? [1] https://cwiki.apache.org/confluence/display/PHOTARKxWIKI/Repository+Structure -- Luciano Resende http://people.apache.org/~lresende http://twitter.com/lresende1975 http://lresende.blogspot.com/
