some thoughts

git-svn-id: http://mantisbt.svn.sourceforge.net/svnroot/mantisbt/trunk@1267 f5dc347c-c33d-0410-90a0-b07cc1902cb9

doc/FUTURE

@@ -1,20 +1,33 @@
 -- Just Ideas (feel free to modify) --
 -- david ulevitch <davidu@everydns.net> --
--- $Id --
+-- $Id: FUTURE,v 1.3 2002-08-20 22:25:04 jfitzell Exp $ --
 
 Mantis rewrite.
 
 Goals:
 -o 	No loss of current functionality
 -o 	No loss of current ease of use
 -o 	No loss of current ease of setup
+-o	Make source files clean, consistent, easy to read,
+	and not unneccesarily long
 
 Primary:
 -o 	Database abstraction via ADODB (http://php.weblogs.com/ADODB)
 -o 	Designed with security in mind
+-o	Every "user operation" API function checks permissions before
+	performing it's operation.  It would be nice if this was done
+	by calling one function that could obtain all the state information
+	(current user, current project, current bug, whatever...) so that
+	more complex and customized rules could be delevoped later.  The
+	basic idea is let something else decide whether the operation is
+	allowed, not the API function itself.
 \-o	Common functions to deal with INPUT, OUTPUT, STORAGE, etc.
 
 Secondary:
 -o	Source documentation via phpdoc (or similar)
+-o	Are there any DB schema cleanups that could be done while we're
+	making major changes anyway?  Might be a good time to justify
+	one big change if necessary (not sure if there is, just throwing
+	it out there to think about)
 
 What else?