Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Users design #11

Closed
bouncepaw opened this issue Jun 28, 2020 · 3 comments
Closed

Users design #11

bouncepaw opened this issue Jun 28, 2020 · 3 comments

Comments

@bouncepaw
Copy link
Owner

It was promised that MycorrhizaWiki would provide advanced user management. This issue is devoted to the design of the users. I'll use RFC 2119 here to look cool and classy.

User groups

  • Usernames MUST be different from groupnames.
  • Each user MUST be part of one or more groups.
  • Each group SHOULD be given just enough rights for them — not more. For example, group users SHOULD NOT be able to edit critical hyphae like templates.

Suggested groups

MycorrhizaWiki MAY ship with these groups preconfigured, but wiki owner MAY change them.

admins

This is the most powerful group. mycorrhiza, the wiki's avatar user, and the wiki creator SHOULD be here.

  • Can view hyphae? Yes, all of them.
  • Can edit hyphae? Yes, all of them.
    • Allowed MIME-types: All of them.
  • Can rewind hyphae? Yes, to any revision.
  • Can delete hyphae? Yes, all of them.

moderators

These are important users that were trusted with keeping peace and order on the wiki.

  • Can view hyphae? Yes, all of them.
  • Can edit hyphae? Only non-critical ones.
    • Allowed MIME-types: Safe ones.
  • Can rewind hyphae? Yes, to any revision.
  • Can delete hyphae? Yes, but no more than 10 in an hour.

users

Regular users.

  • Can view hyphae? Yes, all of them.
  • Can edit hyphae? Only non-system ones + own user page.
    • Allowed MIME-types: Primitive ones.
  • Can rewind hyphae? Yes, to one of 10 latest revisions.
  • Can delete hyphae? No.

guests

Unauthorized users are considered as part of this group.

  • Can view hyphae? Only non-system ones + user pages.
  • Can edit hyphae? No.
    • Allowed MIME-types: None.
  • Can rewind hyphae? No.
  • Can delete hyphae? No.

Overriding rights on per-hypha basis

admins SHOULD be able to override rights per hypha branches. For example, admin (∈admins) decided that hypha Secret plans and its subhyphae shall be unavailable for everyone but admins. They would make such request:

wiki/Secret%20Plans?action=set-rights&data="w:admins"&recursive=1

Edit, rewind and delete rights will be derived from write rights.

Another example. The aforementioned admin decided that everyone but guests and user fungimaster shall have access to hypha Happiness. They would make such request:

wiki/Happiness?action=set-rights&data="w>users;r:_;d,w>moderators"

Usage

When a user (or a guest) makes a request, MycorrhizaWiki SHALL match the user against per-hypha rights (if present) and then against per-group rights. If they don't have enough rights, they SHALL be informed about that and the request SHALL abort.

Storage format

Good old JSON of course.

TODO

  • Design the query format
  • Design the JSON schema
  • Think what rights should exist (history access?)
@bouncepaw bouncepaw mentioned this issue Jun 28, 2020
Closed
@DanInSpace104
Copy link
Contributor

User rights override group rights?

@bouncepaw
Copy link
Owner Author

Yes, they do.

@bouncepaw bouncepaw removed the future label Nov 24, 2020
@bouncepaw
Copy link
Owner Author

It ended up being really different with no granular control over everything. Well, maybe someday. Closing for now.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@bouncepaw @DanInSpace104