Re: [phpBT-dev] Comments and thoughts

[Ulf E. <ulf...@fa...>]

* Benjamin Curtis [2005-02-15 14:51]:
> Heh, consistency on the permission stuff would be nice, wouldn't it?  :) 
> It's been such a long time since I looked at the permission stuff -- 
> your email made me go a look at it, and there is some code rot in there 
> indeed.  I think the intent was (and the implementation should be 
> something like) to have have_* functions return a boolean so the calling 
> code can decide what to (presumably non-fatal) and have the check_* 
> functions display the error and stop execution.  I believe the others 
> were intended to be private functions, but again, that was a long time 
> ago now.  I'll be happy to review the permission stuff to try to make it 
> more logical.

That sounds like a good plan. All have_* returns a boolean, all check_* 
stop execution with an error, and everything else is kept internal. 
Another thing, the have_* and the check_* should come in pairs such that 
the same * is used for the same sort of permission. That would make it 
clear enough.

> I had intended the Admin bit to override all others, so that Admins 
> would be able to do anything regardless of whether they had the specific 
> permissions.

Yes. The "Admin" bit works. You check for other bits at a few places: 
Administrator, Manager and Users. None of them exists, but the Admin bit 
grants, of course, permission.

> I think I made a commit recently that reduces the significance of the 
> User group.  I'll poke at that as well and take a look at the admin 
> error template.

The name 'User' is also used in one or another SQL query. I think the 
user editor had some troubles there when I didn't force all to be 
members of the User group.

-- 
Ulf