Menu
▾
▴
Re: [Exist-development] Proposal to change security design of groups
|
From: Adam R. <ad...@ex...> - 2010-09-27 15:12:19
|
>>2) Any user can remove themselves from any group they choose - I
>>cannot think of a case where downgrading a users rights prevents a
>>security risk. This is the users right!
> I did mail before, we must agree on terms we going to use. 'owner' is quite
> good, but limited. My offer: group's 'manager'
Owner or manager really makes no difference to me. In English it would
seem to me that 'owner' is the more accurate and succinct term.
> (can change members list &
> permissions for group, it can be 2 different roles ) & 'member' (use group's
> permissions). It simple to see that there can be person that can manage, but
> have no access for resources.
I am not clear on why a group would have 'permissions'? Surely
collections and resources have permissions in terms of owner and
group, but not the group object itself.
--
Adam Retter
eXist Developer
{ United Kingdom }
ad...@ex...
irc://irc.freenode.net/existdb
|