[wp-hackers] User roles - GSOC proposal

24/7 24-7 at gmx.net
Mon Mar 29 01:51:33 UTC 2010 

Better user-management: +1
Reworking the system: +1
Category level permissions: +1
Multiple Roles: +10!!

I think bundling capabilities in roles is perfect. I don't think you have to
scale roles hierarchically, like we had it with (depr.) user_level. The best
approach would be custom roles and then assign multiple roles to users on a
"on demand" base. Ex. You got someone who writes posts, but he's also
responsible for managing your subscribers. So you could give him the role of
"Author" and "HR-Manager". Nice!

Sidenote (maybe a reference): There's a nice plugin called "capability
manager" that does pretty everything that's needed in a nice modular way.

I made a small plugin for myself some time ago to get a better overview of
all the user related data. I posted it on pastebin, so you can grab it
http://pastebin.com/HbJ8Cdvm  Maybe you can use it or it helps you some way.
It's not pretty good coded, but it does it's job. You just upload, activate
and then find it with "tools>show user data".

Hope you make it! 

-K.

-----Ursprüngliche Nachricht-----
Von: nadarajah prasath [mailto:n.prasath.002 at gmail.com] 
Gesendet: Samstag, 27. März 2010 14:02
An: wp-hackers at lists.automattic.com
Betreff: [wp-hackers] User roles - GSOC proposal

Hi hackers,
I,m interested in the idea user roles.

The objectives of this project is to

   - Simplify the current implementation of roles.
   - Allow category level permissions for roles.
   - Optimized storage for querying user permissions.


The current role system allows you to set capabilities per user basis. It's
flexible but also complicated.
 Capabilities are saved for individual users and it requires loading all the
users into the memory to determine for capability X.
this may give performance issues with high number of users.

I propose to eliminate individual capabilities of user and assign
capabilities for roles.

*Entities*

   - Users – a blog can have any number of user.
   - Roles – a blog can any number of roles. Admin can create custom roles.
   - Categories – post categories.


*Relationships*

   - Users&Roles – a single user can act multiple roles in different
   categories. For example in a news blog the user can act as a contributor
to
   sports category and editor  in   entertainment category.
   - Users&Categories – a single user can be assigned to multiple
   categories. For example a user can act as editor for both
   sports&entertainment category.

*Views*

   - Users&Roles&Categories – In individual user view a widget that display
   all roles and a  tree view within the roles to select multiple categories
   (similar in post view where we select categories that post belong).
   - Roles – ability to create custom roles. Capabilities of roles in one
   view so admin has more control and information over capabilities (similar
to
   drupal)

*database*
wp_usermap – A database table that maps userId with roleId & termId. So now
checking for user with capability X or checking for a user for a specific
category will be easy. This will increase the performance.

I have given a lot of thought whether to allow users to act in multiple
roles and I think it,s essential for blogs having large users.
 What do you think?.

Feel free to add your comments and feedback on this. i,m eagerly waiting for
it.
Prasath.N

More information about the wp-hackers mailing list