this page aims to put some specification into tiki Groups
It seems that there will be an effort to redesign tiki groups. This page has been created to discuss this issue.
Below is the first data model I (baptiste aka bburgaud) end-up with. It's not a proposal, but a start for discussions. It was intended to solve those problems:
- groups are not only a set of users but also a set of perms. a set of perms is actually a role and should be something separated from groups.
- levels somehow define roles, but then there is no possible intersection between roles, which seems to be rather a big limitation
Mose told me that levels were not meant to be dynamic, but I truly think that we need roles, maybe we can keep both... It's quite difficult to preserve the environment here. Still, this model works if the groupperms add to prems resulting from groups, and if the objectperms add to perms resulting from objectgroups (for the groups the object belongs to) .
The point is that it costs a lot of time to set perms for an object, while if we set roles and apply those to users in groups, it's then fairly easy to automatically set a complex set of perms to an object only by associating it to one or more groups. This suppose that a groups owns a set of objects and that we can deduct the permissions that a user has on one object from this relationship.
Well, what do you think?
well, I thought we have already moved on, have we?