-
Notifications
You must be signed in to change notification settings - Fork 206
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Deprecate adminonly and simple_acl in favour of acl_user_groups #1131
Comments
I am for moving the |
Good idea. Let’s start there.
You mean defaults for acl_user_groups, right? |
Yes, good defaults for the user groups, content groups and some rules. |
Do you mean by good defaults also a way to move your resources from simple_roles to user_groups? |
@mmzeeman That could be a support function you can run manually? |
Yes of course. We currently have groups via predicates. That would allow us to write an update routine.
|
We can start adding default ACL rules now #1173 has been merged. |
What about the following set?
Do we agree about adding this set as fixtures? This does mean they will be read-only on the ACL screen and cannot be altered later. We could optionally place them in a separate module, but that module should then be enabled by default to support the idea of an out-of-the-box set of useful rules. |
👍 Also we need to fix #1211 |
What is the procedure for moving from acl simple roles to the new module? |
|
And what do site owners with existing role assignments have to do to go from one to the other? Is it possible to automate this? Go from simple acl to more advanced acl? |
It might be possible to automate, at least partially. The rules themselves could also be inserted, at least for the category creation and "view all" part. |
(cherry picked from commit 25a3da9)
True, but I’m not sure it’s worth the effort. @mmzeeman and other users of mod_acl_adminonly: are you working with large ACL rulesets? How would you feel if we add instruction to the docs on how to upgrade to mod_acl_user_groups (which is now documented properly) but leave the creation of ACL rules up to you? |
Yes, I think it isn't worth the effort either. Even moving our sites to the groups acl isn't worth it either. For the moment we can simply use |
There are now too many ACL options (especially for newcomers to the framework) to choose from.
What about deprecating adminonly and simple_acl or at least strongly recommending to use acl_user_groups? Or does anyone still see good use cases for the older two ACL modules?
The text was updated successfully, but these errors were encountered: