Hi David, our OOTB roles and the permissions assigned to them are listed
here:
http://svn.apache.org/viewvc/roller/trunk/app/src/main/resources/org/apache/roller/weblogger/config/roller.properties?annotate=1618360#l353
(lines 354-356).
As it shows, we ship with only two roles: editor (i.e., a
I haven't looked at Roller's security model for many years, so there's a good
chance my comments are nonsense.
If there are really only 4 permissions then there are only 16 possible roles.
The point of roles is usually to simplify assigning sets of permissions to
users. If there are only 16
On 12/26/2014 09:30 AM, Dave wrote:
On Thu, Dec 25, 2014 at 9:42 PM, Glen Mazza wrote:
For the next release of Roller, I have some suggestions that I think will
increase adoption of Roller in corporate multi-blogger environments:
1.) I've brought this up before, but with 5.1 now out, I'd lik
I agree with Dave overall.I don't think getting rid of multiple
roles per user will buy us significant simplification.
A couple of additional comments.
The multi-role model is pretty common. For example, it is supported
"out-of-the-box" in Shiro:
https://shiro.apache.org/static/1.2.3/
On Thu, Dec 25, 2014 at 9:42 PM, Glen Mazza wrote:
> For the next release of Roller, I have some suggestions that I think will
> increase adoption of Roller in corporate multi-blogger environments:
>
> 1.) I've brought this up before, but with 5.1 now out, I'd like to revisit
> it. I'd like us t
Hi Team,
For the next release of Roller, I have some suggestions that I think
will increase adoption of Roller in corporate multi-blogger environments:
1.) I've brought this up before, but with 5.1 now out, I'd like to
revisit it. I'd like us to tighten up our security subsystem by moving
f
