
Fine grained user roles and permissions

skenaja edited this page Jul 7, 2011 · 1 revision

Roles & permissions

Alaveteli currently has a 2-tier permissions system:

  • general user
  • admin

There is a requirement to be able to define & grant more fine-grained permissions to various site users. This is a draft proposal to allow Alaveteli to (generically):

  • define various arbitrary roles within the system, e.g. (non-exhaustive list) commenter, bulk requester, newbie requester, voter-upper, sysadmin, superadmin, community moderator, etc.

  • map these roles to system _privileges_ via a role_privileges mapping

  • grant & revoke these roles to users (user_role)

  • roles, user_role & role_privileges would probably be stored in the database, allowing them to be editable via admin screens

  • privileges could also be listed in the DB, at least to be able to clearly state what they are, and to allow for data-driven configuration. These would be referred to by functions and screens in code.

This basic framework would allow the Escalating-privileges-system to be developed in an evolutionary way.
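
A sketch of how the roles, role_privileges and user_role mappings could drive a deny-by-default permission check. This is an added example, not Alaveteli code: the PermissionStore class, its method names, the privilege names and the users are all hypothetical, and in-memory hashes stand in for the database tables.

```ruby
require 'set'

# In-memory stand-in for the proposed tables (hypothetical names throughout).
class PermissionStore
  class UnknownName < StandardError; end

  def initialize(privileges)
    @privileges = privileges.to_set                  # privileges table
    @role_privileges = {}                            # role => Set of privileges
    @user_role = Hash.new { |h, k| h[k] = Set.new }  # user => Set of roles
  end

  # Reject privileges that are not listed, so a typo in an admin screen
  # cannot create a mapping that no code path ever checks.
  def define_role(role, privs)
    unknown = privs.reject { |p| @privileges.include?(p) }
    raise UnknownName, "unlisted privilege: #{unknown.join(', ')}" unless unknown.empty?
    @role_privileges[role] = privs.to_set
  end

  def grant(user, role)
    raise UnknownName, "undefined role: #{role}" unless @role_privileges.key?(role)
    @user_role[user] << role
  end

  def revoke(user, role)
    @user_role[user].delete(role)
  end

  # Deny by default: true only if a role the user currently holds maps to
  # the privilege. Asking about an unlisted privilege is a code bug: raise.
  def can?(user, privilege)
    raise UnknownName, "unlisted privilege: #{privilege}" unless @privileges.include?(privilege)
    @user_role.fetch(user, Set.new).any? do |role|
      @role_privileges.fetch(role).include?(privilege)
    end
  end
end

# Constructed sample data; role names are taken from the list above.
def sample_store
  store = PermissionStore.new(%i[post_comment make_bulk_request hide_comment])
  store.define_role(:commenter, %i[post_comment])
  store.define_role(:bulk_requester, %i[make_bulk_request])
  store.define_role(:community_moderator, %i[post_comment hide_comment])
  store.grant('alice', :commenter)
  store.grant('alice', :bulk_requester)
  store.grant('bob', :community_moderator)
  store
end
```

A user's effective privileges are the union over all roles held, so revoking one role removes only the privileges that no remaining role supplies.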