incubator-jspwiki-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Florian Holeczek <>
Subject Re: separate space for user profiles
Date Wed, 03 Feb 2010 20:15:36 GMT
Hi Andrew,

access control templates are just an example of the benefits which arise
from treating user pages special. I like and prefer your approach!

Good point regarding comments... these are special, too, and should be
treated this way. Reality shows that the current approach leads to pages
which need extensive gardening in order not to contain too much trash
and contradictive information. By separating the comments, people will
use them the intended way.


Am 03.02.2010 15:10, schrieb Andrew Jaquith:
> Florian, I agree that user home pages are "special," and that we
> should do something about it. But I'd be reluctant to use access
> control templates. Instead, it would be better to extend the security
> policy grammar so that the defaults are sensible. For example, for
> groups, one of the default policies is this:
> permission
> "*:<groupmember>", "edit";
> ...which means "any members of the group can edit it." It's easy to
> imagine how this might extend to pages, e.g., creating a <self> or
> <fullname> token that would be evaluated. I think this is probably
> better than templating.
> Your comment also made me think about page "types," in the sense that
> we might want to consider adding support for this -- probably as an
> Enum. Home pages might be one type; comments (which will be sub-pages
> at some point) might be another. But I haven't thought too hard about
> this just yet.
> Andrew
> On Tue, Feb 2, 2010 at 4:19 PM, Florian Holeczek <> wrote:
>> Hi devs,
>> I want to start a discussion on a special aspect of the organization of
>> our new backend.
>> I think it might be useful to separate user profile pages from "normal"
>> pages. The following advantages came to my mind:
>> * no name collisions
>> * possibility of explicitly marking a page as a user profile (and thus
>> possibility for a visitor recognizing a page as user profile)
>> * possibility of having an access control template for this kind of
>> pages (e.g. only its "owner" may edit it).
>> WDYT?
>> Best regards
>>  Florian

View raw message