[wp-hackers] User Permissions system overhaul
David House
dmhouse at gmail.com
Mon Jun 13 11:09:32 GMT 2005
On 6/13/05, Brett Taylor <brett at webfroot.co.nz> wrote:
> I would like to see the ability to assign a user more than one role
Good idea.
> REALLY like to see the ability to add/update/remove permissions for
> different tasks to new or existing roles.
Good to hear, I was worried that this kind of advanced permission
system wasn't going to be very popular, but I think there'd be enough
demand for it.
> Where I say [advanced] these are non-standard user roles that will
> remain hidden until the option "Enable Advanced User Permissions
> Management" is turned on.
I think this may be complicating things a bit too much. I think,
instead of having to create a role you'd inevitable only assign to one
person, you should be able to configure exactly what a user can and
cannot do, and give them a title (e.g., you could configure it so that
they can moderate comments, and give them the title 'Spam Manager').
> Each Role should have a master "Enabled" switch, which will turn that
> role on and off, and as such, users with a disabled role do not gain the
> permissions that role would normally grant.
Again, I don't see that this would provide a great benefit. I can't
see this being used much, and it would be quite confusing IMO.
> So, instead of having the option "Users must be registered and logged in
> to comment", just disable the guest role. Heck, you could make the
> former option an alias to the latter, or even better, an alias to the
> "can leave comments" permission on the Guest role.
>
> Also, you would need an option like:
>
> * Newly registered users gain these roles:
> [disabled][x] Registered User (ie, they will always get this role)
> [ ] ...
> [ ] ...
> [ ] other roles
I think wording it something along the lines of two options:
[ ] Anyone can register as a registered user
[ ] You have to be a registered user in order to comment.
I don't think there'd be a great demand for allowing users to register
themselves as anything other than registered users.
> When editing roles, you would probably want to categorise the different
> 'user tasks' into 'user task categories" "Administration", "Posting",
> "Commenting", "Links", "Uploading".
How would this serve any purpose?
> With respect to plugins, plugins should be able to add new 'user tasks',
> new 'user task categories', and maybe even new default advanced roles.
>
> Anyway, that's my vision for a truly extensible user permissions
> overhaul. I believe if implemented correctly, WP's user system will
> rival other CMSs. I hope you share this vision!
Keep in mind that WP is primarily weblogging software. WP isn't trying
to capture the CMS market. I think a lot of what you've suggested
would be over the head of the average WP user. I think that the
following would be sufficient:
* Change user levels system to user roles; use roles proposed by Denis
de Bernardy.
* Allow advanced configuration of individual users: checkboxes to say
what this user can and cannot do.
* Allow titles to be given to users.
> Wikis seem to help people think better... I've already revised half of
> the content in this email there already.
Okay, but can we try to keep the discussion on this page? Things could
easily get out of hand otherwise.
--
-David House, dmhouse at gmail.com, http://xmouse.ithium.net
More information about the wp-hackers
mailing list