Yes, that sounds like a good idea but will require a lot of changes - might as well start taking a look at using ACEGI's ACL's (per object) at that point.
What I'm doing is not as sophisticated as that, I mimic'd how forums work - where the read/access permission is set at the forum/blogsite level (not at the thread/entry level). It was simple enough to add. George Daswani -----Original Message----- From: Sean Gilligan [mailto:[EMAIL PROTECTED] Sent: Thursday, March 02, 2006 9:05 AM To: roller-dev@incubator.apache.org Subject: Re: bug? RollerAtomHandler permission check George Daswani wrote: > In regards to the read access permission, I basically added a > new WebsiteData Boolean attribute called "restricted" - the admins can > then toggle said bit (similar to the active flag) on/off. It might be useful to make the isRestricted property a property of the individual Entry. That way a blog could have certain posts that are available to registered "readers" only. It's something I've been thinking about lately. I realize there are additional implementation issues for this, but if the permission model is being updated, it might be worth considering putting the permission flag on the individual blog entry. -- Sean
