A person can belong to more than one group, the same way they can have
more than one set of roles... for example:
User: None
Groups: None
Roles: anonymous
User: mbevan
Groups: users
Roles: None
User: admin
Group: users, administrators
Roles: owner
User: joe.random
Groups: users
Roles: member
Then you just need to check for a group of "users" for viewing, a role
of "member" or "owner" for posting, and a role of "owner" or group of
"administrators" for deletion. The user/group/role system is quite
powerful, and can be very granular, if you are just careful how you
define group and role - is "member" a group, or role? Administrator?
A forum may have:
Groups: none, member, administrator
Roles: anonymous, view, post, modify, moderate, admin
View to allow viewing (being a member would dictate this, and it would
be set during account creation), post to allow posting, modify to allow
modification of one's own posts, moderate to be able to modify/delete
everyone's posts, admin to modify forum settings.
This level of granularity would allow you to ban someone completely (no
roles), stop them from posting (remove the 'post' role), or grant
trusted users the ability to modify their posts, etc. The Gentoo
Forums often have long threads with the original post being updated by
the author to reflect later converstaion.
Typical administrators would be everything excepting anonymous. ;^)
Just my four cents,
Matthew Bevan
