bloodhound-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Olemis Lang <>
Subject Re: [BEP-0003] [RFC] Permissions in product scope
Date Tue, 22 Jan 2013 15:50:14 GMT
On 1/22/13, Joachim Dreimann <> wrote:
> I'm a bit concerned about the complexity of some of those suggestions. I
> think they should be:
> 1. Product owner(s) === PRODUCT_ADMIN;

IMO , multiple users may manage a single product . Product admin
permissions are implicit .

> 2. Administration area is the same for all admin levels, just filtered by
> permissions.

This is exactly the point . Now in order to access admin area user
should be granted with TRAC_ADMIN permission . In turn this also means
that (s)he has unlimited power to do anything we can imagine . That's
ok for site admins but unacceptable for product admins .

> 3. Product owners have control over the product, not the environment (as
> Olemis suggested).


> I believe it should be our goal to take more of the functionality of the
> 'admin' screens (especially the Ticket System section) and display them in
> the regular UI itself.

This may be a nice approach to make a difference between both roles ,
and effectively ban product admins out of /admin area . My previous
reasoning (i.e. regular assertions in product scope like
perm.require(TICKET_MODIFY) always evaluating to true) would be
consistent with this approach . Nonetheless this represents an extra
effort by rewriting all this , not to mention plugin admin panels.

I'm sympathetic to this approach



Blog ES:
Blog EN:

Featured article:

View raw message