I think our current concept of ownership is more than just permissions. For instance if I search for the "author" (owner) of a resource, I don't currently get everyone who has full permissions. Likewise if permissions are assigned to users or roles, then it would be natural to assign "ownership" of a resource to a role, which we also don't allow. So I think there's still a little bit of ownership that's not captured with permissions.
I see some advantages to replacing the concept of authorship with permissions, but it has some serious effects on our current model of user experience. Jonathan Marsh - http://www.wso2.com - http://auburnmarshes.spaces.live.com > -----Original Message----- > From: [EMAIL PROTECTED] [mailto:registry-dev- > [EMAIL PROTECTED] On Behalf Of Chathura C. Ekanayake > Sent: Monday, December 03, 2007 4:04 AM > To: [email protected] > Subject: Re: [Registry-dev] Changing ownership > > > I think "ownership" is the ability do any thing on the resource. So I > think when changing the ownership, what we should do is to copy all the > permissions of the author to the new owner. We can do it recursively as > well. > > Currently we don't support authorizations per each version. > Authorizations are set for the resource, which affects all versions of > it. Authorizations per each version is not much useful as the only > actions that can be performed on old versions is to read and restore. > > Thanks, > Chathura > > Sanjiva Weerawarana wrote: > > +1. In fact, it'd be useful to make this recursive too .. change all > > files owned by X to Y. > > > > Maybe part of the admin interface (at a UI level)? API level is > needed > > of course. > > > > Should this result in a new version?? X owner versions 1..n. Now Y > > owns version n+1 onwards. IMO that's cleaner but I don't think the > > data model will support that right now . > > > > Sanjiva. > > > > Jonathan Marsh wrote: > >> Glen and I were talking about enterprise access control, and > >> postulated the need for a "change ownership" API on a resource. The > >> scenario is when an individual "owns" a resource used by the > >> enterprise, and then changes jobs so he's no longer responsible for > >> the resource. A way to designate the new responsible party, if one > >> doesn't already exist, would be useful. > >> > >> > >> > >> *Jonathan Marsh* - http://www.wso2.com - > >> http://auburnmarshes.spaces.live.com > >> > >> > >> > >> > >> -------------------------------------------------------------------- > ---- > >> > >> _______________________________________________ > >> Registry-dev mailing list > >> [email protected] > >> http://wso2.org/cgi-bin/mailman/listinfo/registry-dev > > > > > _______________________________________________ > Registry-dev mailing list > [email protected] > http://wso2.org/cgi-bin/mailman/listinfo/registry-dev _______________________________________________ Registry-dev mailing list [email protected] http://wso2.org/cgi-bin/mailman/listinfo/registry-dev
