[wp-trac] Re: [WordPress Trac] #5255: Simplify role/capability for easier cap => user lookups

WordPress Trac wp-trac at lists.automattic.com
Thu Oct 25 17:15:23 GMT 2007


#5255: Simplify role/capability for easier cap => user lookups
-------------------------+--------------------------------------------------
 Reporter:  markjaquith  |        Owner:  anonymous
     Type:  task         |       Status:  new      
 Priority:  normal       |    Milestone:  2.4      
Component:  General      |      Version:           
 Severity:  normal       |   Resolution:           
 Keywords:               |  
-------------------------+--------------------------------------------------
Comment (by markjaquith):

 Replying to [comment:6 filosofo]:
 > Why not just drop roles entirely, and list capabilities on separate
 usermeta rows?  Then if you want to find out who can edit posts or
 whatever, it's a simple query.

 Because then you lose the ability to modify roles and have all people
 using that role get the modification.

 > How would you get around the following two problems?  Currently, if a
 plugin wants to add a capability to a role, say "cap_X", it degrades
 nicely when the plugin is no longer in use--i.e. having an unused
 capability doesn't hurt anything. However, under the proposed system one
 would have to create a new role for each new combination of capabilities.
 If I add "cap_X" to all my administrators, then they will no longer each
 be an "administrator"; they will be something plugin-specific.

 You don't add cap_X to your administrators, you add it to the
 administrator role, and all of your users with that role get that
 capability because it is contained in the role they're using.

 > The second problem is getting two different plugins that add
 capabilities to work together.  One wants to give a user "cap_X," and the
 other wants to give the same user "cap_Y", so which gets to define the
 role?  It seems to me that in some fairly common scenarios the number of
 distinct roles could approach the number of users.

 If each user has a distinct role, then yeah, you'll have a user:role ratio
 of 1.  That's not the common case in multi-user installs.

 The reason arbitrary capabilities have been a flop is that there is no
 built-in method for modifying roles.  The plugin has to make assumptions
 -- assuming that the default roles exist and that they haven't been
 severly modified such that its assumptions are incorrect.  I'm not sure
 there's a good solution to that  besides having a simple built-in method
 of assigning these new capabilities to roles.

-- 
Ticket URL: <http://trac.wordpress.org/ticket/5255#comment:7>
WordPress Trac <http://trac.wordpress.org/>
WordPress blogging software


More information about the wp-trac mailing list