Log in

No account? Create an account

Previous Entry | Next Entry

collaboration software issue

I've been pounding my head on this for a few years, on and off. I need to design a "permission" scheme for objects within a collaborative environment.

I've decided the following permissions are a good start: ability to see something exists, ability to view it, ability to edit it, and the ability to add things to it.

But these permissions don't exist in a vacuum and aren't the same for everyone. But I'd rather not have to specify the permissions for every single user every time an object is created. So there should be defaults. But beyond that, there should be defaults for different classes of users, of a sort. "Of course", admins can ovverride anything, but beyond that... this is collaboration stuff. There should be "group" permissions.

I'm having trouble with how to define a "group", basically. Maybe. There are other issues, but that's one thing that needs to be tackled. Umm, and it extends to ... eh, perhaps if I could explain the problem fully I'd have the answer in the same breath. That is definitely part of the problem -- I don't know how to phrase any of this; wisps of ideas ramble through my head, unconnected. Why???

question 1: what database table(s) should be created for storage of permissions?

question 2: what should this (these) table(s) hold???

I kinda see one "generic" permissions for each object... which might as well go in the main object table. UNLESS. okay, we assume the creator/owner of an object has full permissions to do anything to it. (is that a bad assumption???) then the default permissions on an object could be "world" rights -- what any user of the system has access to. then... GROUPS (collections of users) as well as USERS could be assigned "override" permissions? maybe? Would there be permission inheritance? Maybe just on the UI side? But still that needs to be addressed. Do you see why I'm so confused? HELP!

Hmm. I think I'll doublepost this to developers area and see what happens. :blinkblinksmilefingerscrossed:


crap! developers has been deleted.

More thoughts, going back and editing the post:

maybe permissions could inherit based on where you are... with a memory of how you got there. {the issue being the place you're at can be in multiple things, so...} or ... it could be okay to just inherit based on precisely where you are and looking no further up than that. because there should be no "cloudy" permissions where you are -- they've been set when the object you're in was created (or they've been modified since then but that's okay)

but that still doesn't handle "groups" and such. maybe... all users' permissions to a parent object are copied to a child object, not just the "global" defaults?

that sounds like it might work. COOL!

I really would like feedback, though. I'll sleep on it and see what happens. Perhaps I've finally grokked the situation.


( 2 comments — Leave a comment )
Dec. 25th, 2001 01:01 am (UTC)
Hmmm...my friend octal (LJ user) is sufficiently geekly to answer this question, and might be interested. Go read his LJ and ask him, he likes to chat about deep-geek stuff.
Dec. 25th, 2001 02:03 am (UTC)
will check out his stuff. :)

thanks. :)
( 2 comments — Leave a comment )

Latest Month

February 2016


Page Summary

Powered by LiveJournal.com
Designed by chasethestars