Project-Id-Version: Trac 0.12
Report-Msgid-Bugs-To: trac-dev@googlegroups.com
POT-Creation-Date: 2008-01-30 09:20+0100
PO-Revision-Date: 2010-07-19 23:05+0200
Last-Translator: Jeroen Ruigrok van der Werven <asmodai@in-nomine.org>
Language-Team: en_US <trac-dev@googlegroups.com>
Plural-Forms: nplurals=2; plural=(n != 1)
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
Generated-By: Babel 0.9.6

Warning: Can't synchronize with repository "(default)" (Unsupported version control system "git": Can't find an appropriate component, maybe the corresponding plugin was not enabled? ). Look in the Trac log for more information.

Changes between Version 4 and Version 5 of MultipleGroupAccessModel


Ignore:
Timestamp:
12/29/09 15:32:43 (8 years ago)
Author:
sebastian
Comment:

Add flag and acl proposals for the group model.

Legend:

Unmodified
Added
Removed
Modified
  • MultipleGroupAccessModel

    v4 v5  
    4848 
    4949 * Access rights granularity 
    50   * tagging 
    51   * download full-size pictures 
    52   * (more?) 
     50  * Proposed ACL flags: {{{GROUP_ACL_META_ADD}}}, {{{GROUP_ACL_META_DEL}}}, {{{GROUP_ACL_VIEW_PREVIEW}}}, and {{{GROUP_ACL_VIEW_ORIGINAL}}}.  
     51   * {{{GROUP_ACL_META_ADD}}}: MetaData could be added, but not deleted or overwritten.  
     52   * {{{GROUP_ACL_META_DEL}}}: MetaData could be added, modified, and deleted 
     53   * {{{GROUP_ACL_VIEW_PREVIEW}}}: Media could be seen in preview but the original media could not be viewed nor downloaded 
     54   * {{{GROUP_ACL_VIEW_ORIGINAL}}}: Media could be seen in all preview sizes and could be downloaed 
    5355 
    5456 * User Roles 
    55   * owner: can assign moderators and perform everything else a moderator can 
    56   * moderator: can add/invite/delete users 
     57  * owner: can assign moderators and perform everything else a moderator can (Do we need multiple moderators? This could be a open group. See group flags) 
     58  * moderator: can add/invite/delete users (Could be also a public group) 
    5759  * member: is allowed to view and assign images to the group 
     60 
     61 * New Group Flags 
     62  * Proposed flags: {{{GROUP_FLAG_SYSTEM}}}, {{{GROUP_FLAG_PUBLIC}}}, and {{{GROUP_FLAG_OPEN}}}.  
     63   * {{{GROUP_FLAG_SYSTEM}}}: indicates a group of the system which are initialized at installation or created by admins and sysops. These groups could not be modified or deleted by ordinary users. E.g. the group of public images, group of images accessable for ordinary users, user's own image group. '''(System groups dont have an group owner.)''' 
     64   * {{{GROUP_FLAG_PUBLIC}}}: indicates a group which is viewable for all users. These groups are shown in the media. Users can create public groups. 
     65   * {{{GROUP_FLAG_OPEN}}}: indictes a group which could be joined freely without an acknolegement of the group owner. Users can decide if the group is open or closed. 
    5866 
    5967== Database == 
     
    6472  * Add hasAndBelongsToMany table "groups_media" with "group_id" and "media_id" 
    6573  * Add fields to Group schema: flags (int), acl (int), description (text) 
     74 
    6675 
    6776== Programming == 
     
    7483 * MVC 
    7584  * Adapt the group model/view/controller 
    76   * Add database initialisation of public groups in the setup to ensure required groups 
     85  * Add database initialisation of public system groups in the setup to ensure required groups (e.g. group of public media, group of media accessible for users) 
    7786  * On user creation create private user group 
    78   * Create user profile with all public group 
    79   * Add a group search 
     87  * List all user's public groups in his profile 
     88  * On media creation assign the ''private user group'' (see section Database Layer) 
     89  * Add a group search which should handle multiple groups (and exclusions) 
    8090  * Write schema migration script like {{{vendor/shells/upgradeMediaSchema.php}}} to ensure migration of older phtagr versions 
     91 
     92=== Database Layer === 
     93 
     94 * If each user has its own ''private user group'' and all his media has at least this private user group, the SQL magic and access management is reduced to an {{{INNER JOIN}}} [http://www.w3schools.com/Sql/sql_join.asp w3schools] to the user's groups. The private user group should be handled invisible and must be set always on creation or media group assignment changes. 
     95 * Simplefied Cases: User 'john' has the private user group {{{<1:john>}}} (syntax {{{<group ID:group name>}}}). He is also member of groups {{{<2:nature>}}} and {{{<3:buildings>}}}. 
     96  * To fetch all media accessable for 'john' select all media with 'john's private user group: {{{SELECT * FROM media INNER JOIN group_media ON media.id = group_media.media_id AND group_media.group_id = 1}}} 
     97  * Select all media which are accessible for 'john' (all media having 'john's groups): {{{SELECT * FROM media INNER JOIN group_media ON media.id = group_media.media_id AND group_media.group_id IN (1, 2, 3)}}} 
    8198 
    8299== Other ==