From: Giancarlo P. <gia...@ya...> - 2009-02-22 00:10:54
|
> Dear Giancarlo, .... > One thing is clear: profiles (profiles.tikiwiki.org) are going to play > an important role in the new scenario. We talked about a new term, > coined perspectives . I'm goint to take a look at it. Unfortunately I'm always on a very slow connection.. > We ask you (and all the community, of course ;D ) to join us to a new > experimental branch to work in this ( > http://tikiwiki.svn.sourceforge.net/viewvc/tikiwiki/branches/experimental/w >orkspaces/ ) . It's better to work in the same direction. What do you think? Always because of my narrow band... you mean one can checkout/commit only 'workspaces' without the whole tikiwiki? > > Now I go into you mail. > .... > > - the role of RolePerms-xxx and ROLEGRPxxx groups: I understand this is a tiki-wide perms group. All 'teacher' roles will have these group permissions, except of course for objects that have individual object permissons applied to them (eg workspace resources) > I think you are right when you say that RolePerms-xxx group serves only > as an isolated template. At first they look like tiki-wide permission groups, but in reality every perm in the RolePerms.xxx group gets converted into an *object permission* for each related resource (object) of any workspace type which has that role in its workspace_type_roles. (mmmh... maybe one can explain this better...) These are not group perms, but a template for assigning object perms to workspace resources. So definetely they don't have to be included in any other group. I evinced this from lib/workspaces/workspacelib.php function assign_permissions (the magic is mostly there) > > - workspaces and categories: > > This is another dark area for me. By activating categories feature I > > noticed that workspaces use a category for every workspace. > > What about if we want to categorize items in workspaces, eg. give > > 'Teacher' the capability to assign extra categories to a wiki page in > > his, but only in his, workspace? As OFIMA01 ws and all its resources > > belong to the same OFIMA01 category, can we obtain that? > > I don't understand exactly what you mean here. > Could you expand on the > issues you mentioned above? There are 4 category-related perms: tiki_p_admin_categories Can admin categories (eg create a new categ) tiki_p_view_categories Can view categories tiki_p_view_categorized Can view categorized items tiki_p_edit_categorized Can edit items in categories ( can edit any categorized object + can assign categories to any categorized object?) Every workspace is also a category. Resources (objects) of a workspace are categorized objects of their workspace's category If you activate feature_categories, and browse though them, you find your workspace, and you can assign category-related perms to it. That is you can assign object perms 'tiki_edit_categorized' and 'tiki_p_admin_categories' to an object of type 'category', like your workspace is. This is something you can't normally do by managing workspaces or workspace resources. What does this means? What are the perms 'teacher' needs to be able to categorize eg: a wiki page in his workspace? As of now it seems that: * if 'teacher' has 'tiki_p_edit_categorized' as group perms (he can edit *any* categorized object), AND the WSOFIMA01 course, as a category, has no individual permissions (as seen from tiki-categpermissions.php?categId=) AND teacher has tiki_p_edit perms on 'WSOFIMA01 - Home Page' of the workgroup AND teacher *has not 'tiki_p_edit'* group perms: - he can edit and add/remove categories from 'WSOFIMA01 Home Page' - he can edit (this is something I wouldn't want) and add/remove categories from *any* categorized wiki page that has no individual object perms assigned * if WSOFIMA01 as an object of type category (through tiki_categpermissions.php) has assigned individual 'tiki_p_edit_categorized' perms to 'WSOFIMA01-Teacher' group AND teacher has tiki_p_edit perms on 'WSOFIMA01 - Home Page' of the workgroup AND teacher has not 'tiki_p_edit_categorized' as group perms - 'teacher' can edit 'WSOFIMA01 - Home Page' but he has only one choice category he can assign to it: WSOFIMA01 - 'teacher' cannot edit/remove/assign category to any other categorized page out of WSOFIMA01 So none of these settings allows to obtain that 'teacher' can categorize only his workspace objects to any category. Hope it was more clear. Giancarlo |