[Scoop-dev] Fwd: [Scoop-bugs] [Bug 157] New: permissions should be able to be given or denied on a per-user basis

Sun Jan 30 12:54:47 PST 2005

* Colin Hill <hillct at scoophost.com> [30 Jan 2005 06:44]:
>    I feel strongly that the operation of $S->have_perm() should not 
> change, especially to separate group and individual perms. This will add 
> significant unwanted complexity to permissions management. If group and 
> individual perms established, then they should be merged together to 
> establish one single permissions set when permissions are inspected for 
> a given user.

OK, I think my unfamiliarity with how scoop actually works is showing
here. I did not intend to change the API, just how have_perm determined
whether a user had a perm or not. Rather than just looking up the user's
group, and seeing if that group had the permission, I would extend it to
look at the 'allow/deny' prefs and modify the result as required. Which
is what I think is exactly what you're describing in your last sentance.
(The exact implementation of this I won't speak to until I've actually
looked at the code....)

>    It may also be worthwhile to maintain user perms (like group perms 
> now) in a separate table, rather than keeping them in the prefs table 
> primarily as a logical separation but also because site owners may make 
> the massive security mistake of allowing users to edit the 'permissions' 
> preference items, or even enable them.

You have to assume some competence on the part of admins. Any of the
other User Prefs are susceptible to the same problem. So long as the
allow/deny prefs are shipped with sane defaults, and it's documented
that it's a bad idea to change who can edit them, I don't see this as an
issue. Moving user perms into a seperate table may well be a good idea,
but again that's out of the scope I intended for this patch :-) 

>  On that same issue, should disabled preferences be editable by the
>  $S->pref() or $S->set_pref() methods? I haven't checked the code in
>  this regard but I imagine you can. Is this a good thing?

My understanding is that the new UserPrefs code does a sanity and
permissions check before allowing you to set the value. If not, this is
a bug...

Mike

-- 
Michael Bain           | One day I want to look through three hundred    
mike at mostly-harmless.ca| thousand kilometres of space and say:           
GPG-ID: 0xA30A5493     | "My isn't there a beautiful Earth out tonight!" 
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : http://lists.kuro5hin.org/pipermail/scoop-dev/attachments/20050130/aeb47f65/attachment.bin