Hi, >I want to set up a user/admin user hierarchy in the following way: >Articles will be authored by specific users, and the authors of >those articles should be able to edit/delete such articles. Also, >they should be able to read other users' articles contained in >their sitegroup.
that can be done in Aegir using Viewer-Groups. >However, they should not be able to edit/delete articles authored >by others in their sitegroup, unless they are a member of the >"admin" group. AFAIK thats not so easy. >From playing with rights management in Aegir I got this far: In order for authors to create articles they need to: - have the right to "view articles" set in their parent group - have a topic which is owned by their parent group - have to be in "viewer groups" for that topic (otherwise they don't see that topic) but they can not: - edit or delete an article if the parent topic doesn't belong to their group - even if the authorship of this article is set to the right author (checked that twice) >And, they should not be able to >create/modify/delete topics which contain articles, unless they >are in the "admin" group. As stated above, if a topic belongs to their parent group and Viewer-group is set (so the author can see that topic) -> the author will be able to edit, delete and create new articles in that topic as he likes (even if other articles have their author-field set to another person). >So, my thought was to make the topics "owned" by the admin group, >but to have individual articles "authored" by users. > >But, I've found that with this setup, the user-level people can't >delete/modify their own articles, unless they are part of the >"admin" group. When they are part of the admin group, then they >seem to be able to write over all articles in the sitegroup. I was >under the impression from the documentation that articles are >read/write for members of the owner group of the parent topic + >the author of the article itself (regardless of that author's >membership in the topic group). Doesn't seem to work that way, but I think this would be the "natural" way. Can anyone comment on this? >Am I using the rights system in the wrong way? What's the most >natural way to achieve my goals using Midgard? I guess you could: - give every author his own group and topic (nasty, I know) - at least do not allow "authors" to approve articles, so "admin-group" can check articles, and if necessary use the revision system to switch back if content got changed before approval. - create several author groups and let every group just edit their "own" topics, but use viewer-groups to let them see the topics of the other groups... Well, I hope I didn't mess up too much ;-) Alex --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
