[wp-trac] Re: [WordPress Trac] #5255: Simplify role/capability for easier cap => user lookups

WordPress Trac wp-trac at lists.automattic.com
Thu Oct 25 03:26:08 GMT 2007


#5255: Simplify role/capability for easier cap => user lookups
-------------------------+--------------------------------------------------
 Reporter:  markjaquith  |        Owner:  anonymous
     Type:  task         |       Status:  new      
 Priority:  normal       |    Milestone:  2.4      
Component:  General      |      Version:           
 Severity:  normal       |   Resolution:           
 Keywords:               |  
-------------------------+--------------------------------------------------
Comment (by ryan):

 The current implementation has several faults.  Fetching all users with a
 given role or capability is painful. This is due mainly to how things are
 stored in arrays rather than rows in a table. Also, role definitions are
 stored per-blog in the options table rather than globally.  This creates
 pain for those doing multi-blog WP.  Finally, allowing multiple roles and
 caps per user is extra complexity for little gain.  It's a bunch of
 largely unused cruft.

 Limiting users to one role instead of multiple roles and capabilities
 cleans up much of this.  A user has one role and that's it.  All
 capabilities come through it.  If you want to change what a user can do,
 give the user a new role with a new set of capabilities.  The user's
 assigned role would no longer be stored in usermeta as an array but as a
 single value.  This allows easy fetching of all users with a given role
 without having to parse array values out of a SELECT.  To get all users
 with a given capability, lookup which roles have that capability and fetch
 users with those roles.  Simpler code and queries, and also simpler
 conceptually.  What can this user do?  Look at his role definition. He can
 do only what his role allows.  This is pretty much what we do at
 wordpress.com to handle the many users there.  Multiple role and
 capability assignments get unmanageable pretty quickly.

 The next phase would be to rewrite the role storage to use the proposed
 sitemeta table so that we can fetch role definitions out of a proper table
 instead of out of an array stored in the options table. We could directly
 join on this, if desired, or we could continue doing the role cap lookup.
 People would still have the option of foregoing storing the role
 definitions in the DB altogether, which is what many multi-blog WP and
 WPMU sites do.

 We've had this redesign discussion several times since we created
 capabilities.  I think the time has come to fix this mess.  No one likes
 it as is.

-- 
Ticket URL: <http://trac.wordpress.org/ticket/5255#comment:5>
WordPress Trac <http://trac.wordpress.org/>
WordPress blogging software


More information about the wp-trac mailing list