Hi Oliver, Point taken about it looking messy -- I think any way of sequestering information (and references to it) is going to have some trade off though. I have a couple of reasons for wanting to seperate the content generation from the authorization process:
1) I didn't want to have to overwrite the standard tags ( <r:children:...> particularly comes to mind) to filter out or somehow mark unauthorized links from the navigation or other parts of the page. We don't want our customers getitng frustrated in thinking they have access to something just to get a lot of 401 messages (or would it be 403? or 402? The documentation in 401 seems to describe authentication, not authorization... weird). 2) It seemed like a good way to make sure that our authorization logic could work on URLs outside of Radiant's managment. Don't get me wrong -- I really like Radiant, but one of the things I hate about our homebrew PHP system is that so much of the authorization logic is mixed up with the rest of the application code. That's mostly human design error, but nonetheless, something I dislike. Maybe my tastes are being unduly influenced by that. 3) I want to keep our content creators as removed from the authorization process as possible. As wiki fans, they're savy enough to use Markdown, but I'd rather keep them away from radius tags, so they don't have to make a context switch in their heads between the two. There's bound to be a good way to crack this nut... -Andrew _______________________________________________ Radiant mailing list Post: [email protected] Search: http://radiantcms.org/mailing-list/search/ Site: http://lists.radiantcms.org/mailman/listinfo/radiant
