continuum-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Jesse McConnell" <jesse.mcconn...@gmail.com>
Subject Re: rbac-integration continuum branch
Date Thu, 28 Sep 2006 02:04:59 GMT
on a related note and the heels of the last email....some things to ponder

There are a few policy decisions that I wanted to bring up for some feedback...

1)  when a project group is added, should the 'Project Developer' role
for that project automatically be assigned to the admin user?

I think it should, since the admin is able to just go and grant it anyway, but
will that encourage making everyone and admin?  should that be an option anyway?

2) when a project group is added, should the Project User role be
granted to the guest user?

I think so, but only if we are going to wrap these things behind
authorization...
which we really don't have to...which leads to following questions I suppose

3) who should be granted the role that allows for adding projects to
continuum? right now that is only the system administrator.

Perhaps we make a Continuum Manager role as well that grants that kind
of top lvl authorization without handing full sysad rights away...I
kinda like that idea.

4) how deep into continuum should the guest user be allowed?  should
they have access to all levels of the project group information wise,
just not able to twiddle any dials or knobs?

perhaps for now since continuum was always pretty open before we try
and maintain the same lvl of access for guest users, just protect the
knobs and buttons.

In the long run these behaviors should be configurable I think, but we
need to decide on some sane defaults.

jesse

-- 
jesse mcconnell
jesse.mcconnell@gmail.com

Mime
View raw message