Subject: Re: [BEP-0003] [RFC] Permissions in product scope
From: Andrej Golcov
To: bloodhound-dev@incubator.apache.org
Date: Tue, 22 Jan 2013 14:15:30 +0100

> 7. At present components check for TRAC_ADMIN permission explicitly.
> Some checks might be true for product admins but others are not.

How should Trac know when that is the case? That can be quite complex and potentially brings inconsistent behavior.

I have in mind a slightly different solution that also has some drawbacks but provides consistent behavior:

- Site Admin has TRAC_ADMIN permission for the parent environment.
- Product Admin has TRAC_ADMIN permission for a specific product environment.
- Checking the TRAC_ADMIN permission in a product environment should return True for the Site Admin. IOW, the Site Admin is also admin for all products.
- Site Admin UI has its own URL and is executed in the parent environment, e.g. http://bla/main/admin
- The functionality of this UI can be quite different from the Product Admin UI; e.g. user management must be part of this UI.
- Product Admin UI has its own URL and is executed in the product environment, e.g. http://bla/main/productX/admin
- Product Admin can assign product-specific permissions to users but cannot CRUD users or change system-specific settings.
- The product environment should protect against changes to system settings and multi-product instances such as Users. For example, a Product Admin (with TRAC_ADMIN permission on a specific product) cannot change the DB connection string.

That can be tricky :) I don't yet feel confident enough to say how this can be implemented. Maybe some kind of blacklist of system settings?

Comment, please.

Regards,
Andrej
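The model sketched in the mail (TRAC_ADMIN on the parent environment implies TRAC_ADMIN in every product environment, while a blacklist of system settings and user management stay out of reach of a product environment) as a small worked example. This is an added illustration, not code from the mail or from Bloodhound/Trac; the names Environment, PROTECTED_SETTINGS, set_option, create_user, grant_as, try_change, try_create_user and build_demo, and the sample users and settings, are assumptions made for the example.

```python
# Added example for the permission model sketched in the mail; it is not
# Bloodhound or Trac code. Environment, PROTECTED_SETTINGS, set_option,
# create_user, grant_as, try_change, try_create_user and build_demo are
# assumed names chosen for illustration.

# Assumed blacklist of (section, option) pairs that are system settings and
# may only be changed through the parent (site) environment. "database" is
# the DB connection string named in the mail; the other two are constructed.
PROTECTED_SETTINGS = {
    ("trac", "database"),
    ("trac", "permission_store"),
    ("trac", "base_url"),
}


class Environment:
    """Trac-like environment. A product environment carries a parent link;
    the site (parent) environment has parent=None."""

    def __init__(self, name, parent=None):
        self.name = name
        self.parent = parent
        self._grants = {}   # user -> set of permission names granted here
        self.config = {}    # (section, option) -> value
        self.users = set()  # accounts; only meaningful on the parent

    def is_product(self):
        return self.parent is not None

    def grant(self, user, perm):
        self._grants.setdefault(user, set()).add(perm)

    def has_permission(self, user, perm):
        """Resolve a permission here, then up the parent chain, so a Site
        Admin (TRAC_ADMIN on the parent) is TRAC_ADMIN in every product."""
        env = self
        while env is not None:
            if perm in env._grants.get(user, set()):
                return True
            env = env.parent
        return False

    def grant_as(self, actor, user, perm):
        """A Product Admin may hand out permissions, but only inside this
        environment; grants never propagate upward to the parent."""
        if not self.has_permission(actor, "TRAC_ADMIN"):
            raise PermissionError("%s lacks TRAC_ADMIN in %s" % (actor, self.name))
        self.grant(user, perm)

    def set_option(self, actor, section, option, value):
        """Blacklist approach from the mail: system settings are refused in a
        product environment regardless of who asks, so the DB connection
        string can only be edited from the site admin UI."""
        if not self.has_permission(actor, "TRAC_ADMIN"):
            raise PermissionError("%s lacks TRAC_ADMIN in %s" % (actor, self.name))
        if self.is_product() and (section, option) in PROTECTED_SETTINGS:
            raise PermissionError("[%s] %s is a system setting; use the site admin UI"
                                  % (section, option))
        self.config[(section, option)] = value

    def create_user(self, actor, user):
        """User CRUD is a multi-product concern and lives on the parent only."""
        if self.is_product():
            raise PermissionError("user management is not available in a product environment")
        if not self.has_permission(actor, "TRAC_ADMIN"):
            raise PermissionError("%s lacks TRAC_ADMIN in %s" % (actor, self.name))
        self.users.add(user)


def try_change(env, actor, section, option, value):
    """True if the change was accepted, False if the environment refused it."""
    try:
        env.set_option(actor, section, option, value)
        return True
    except PermissionError:
        return False


def try_create_user(env, actor, user):
    """True if the account was created, False if the environment refused."""
    try:
        env.create_user(actor, user)
        return True
    except PermissionError:
        return False


def build_demo():
    """Constructed setup: site environment 'main' with one product 'productX'."""
    main_env = Environment("main")
    product_x = Environment("productX", parent=main_env)
    main_env.grant("site_admin", "TRAC_ADMIN")      # Site Admin
    product_x.grant("product_admin", "TRAC_ADMIN")  # Product Admin for productX only
    return main_env, product_x


if __name__ == "__main__":
    main_env, product_x = build_demo()
    print(product_x.has_permission("site_admin", "TRAC_ADMIN"))                        # True
    print(main_env.has_permission("product_admin", "TRAC_ADMIN"))                      # False
    print(try_change(product_x, "product_admin", "trac", "database", "postgres://x"))  # False
    print(try_change(main_env, "site_admin", "trac", "database", "postgres://x"))      # True
```

The design choice worth noting is that the blacklist is enforced by the product environment itself, not by the caller's role: even a Site Admin working inside the product admin UI is refused a system setting there and has to use the parent environment's UI, which keeps the behaviour consistent no matter which component performs the check.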