I've just recently moved from 0.8.9 to svn trunk after finding the
Identity package is just so excellently done. (Jeff Watkins, you do
great work.)
I had already written an internal identity management package, but
have just dumped it when I found that Jeff had already done one
better. We were also of very similar mind, because almost all of the
mechanics are the same.
However, one feature that I think would be great for the Identity
module are hierarchical permissions. The first project that really
got me hooked on them for a permission scheme is Gallery, and they
boil down to simply allowing permissions to be formed into a
multi-branch tree where each parent is a superset of the leaves.
I think that it makes for a very intuitive permission system, due to
things like this being possible:
Groups: (administrators, moderators, guests)
Permissions: (groups assigned that permission in parens)
* Admin Foo (administrators)
* Add Foo (moderators)
* Del Foo
* Edit Foo (moderators)
* View Foo (guests)
This is a very common occurrence in permission desires, where the
effective permissions are:
administrators (admin, add, del, edit, view)
moderators (add, edit, view)
guests (view)
It makes administration much easier than having to add each and every
permission to each and every group. I would be happy to assist with
writing the necessary patch(es), but I wanted to present the idea to
the group (especially Jeff) to see if this is a desired
feature/direction for the Identity package, or if I should just focus
on overwriting the permission model in my own project.
Thanks for your time,
Travis Bradshaw
[EMAIL PROTECTED]
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"TurboGears" group.
To post to this group, send email to [email protected]
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at http://groups.google.com/group/turbogears
-~----------~----~----~----~------~----~------~--~---
