"Diethelm Guallar, Gonzalo" wrote:
> * ROLE_PERMISSION: what permissions are in a role.
> * USER_GROUP_ROLE: what roles a given user has as
> a member of a given group.
>
> My gut tells me there could be one other relation
> that might be useful:
>
> * GROUP_ROLE: what roles a group has, and therefore,
> what roles any member of that group inherits.
I'm sorry but your gut is wrong here :)
It's third or fourth time I'm explaining this on the list,
I think...
A user does not *belong* to a group.
An 'user' has a 'role' *in* a 'group'.
A number of groups exists in the system. The groups might
be projects for example. You can have one or more roles
in those groups. You might be an observer, developer or
supervisor. Different roles are assigned different sets
of permissions.
Certain roles are not related to any group - they are
system wide like 'turbine_root'. These roles are assigned
to users in a special group called 'global'
Makes more sense now?
--
Rafal Krzewski
Senior Internet Developer
mailto:[EMAIL PROTECTED]
+48 22 8534830 http://e-point.pl
------------------------------------------------------------
To subscribe: [EMAIL PROTECTED]
To unsubscribe: [EMAIL PROTECTED]
Search: <http://www.mail-archive.com/turbine%40list.working-dogs.com/>
Problems?: [EMAIL PROTECTED]
