So yes. More Plone questions. Role = User class = Group membership in FAS
Who are going to be our editors? Are they "gods" over content objects?
Do we have multiple level of editors or do we just say "you're on the team... go edit"?
Do we have multiple tiers of workflow permissions (who can move a document between states, for example) or do we just say "wow, you'll help? here are your permissions"?
From what I've taken from MikeM we will want to require special
permissions for users to even be able to create content, is this another role?
Do we need "workspaces" in the sense "create anything here, we can all edit it we can all see it, but the public can't"?
Do we lock down plone to be super secure and do very little at first and then open it up with new releases? (Yes, this causes me a little more work making sure changes are upstream compatible but i think this concept is worth it)
What is the state of LDAP queries to FAS?
On Sat, 2007-12-29 at 19:21 -0700, Jonathan Steffan wrote:
So yes. More Plone questions. Role = User class = Group membership in FAS
Who are going to be our editors? Are they "gods" over content objects?
Do we have multiple level of editors or do we just say "you're on the team... go edit"?
Do we have multiple tiers of workflow permissions (who can move a document between states, for example) or do we just say "wow, you'll help? here are your permissions"?
Karsten had floated around an idea at some point about the following roles:
Writer - Can create and change at least their own documents Editor - Can create and change anyone's documents Publisher - Can promote documents to public Sponsor - Can give people access to one of the above roles Administrator - obvious?
I was thinking that "Lead Writer" is also a good role, which differs from a Writer in that a Lead Writer can grant permission for other people to change his documents. However, this then makes me worry about the old "stomping grounds" problem, where there's a risk of people becoming proprietary about "their" work. I don't think we've really had that problem in Docs, but it's always something one should guard against in a FOSS project.
From what I've taken from MikeM we will want to require special
permissions for users to even be able to create content, is this another role?
Do we need "workspaces" in the sense "create anything here, we can all edit it we can all see it, but the public can't"?
That would be a step up from the current Docs/Drafts space we have on the wiki, which is viewable by everyone. There might be some use for this, but we should also be mindful that work that happens out of the public eye in FOSS, for all intents and purposes, doesn't exist. I'm not sure what the right answer is, except possibly to simply have a namespace that's not linked from anywhere but which everyone can go to if they want. (I.e. "docs.fp.o/drafts" is somewhere public but we don't link it from the front docs.fp.o page.)
Do we lock down plone to be super secure and do very little at first and then open it up with new releases? (Yes, this causes me a little more work making sure changes are upstream compatible but i think this concept is worth it)
I'm not sure exactly what you're referring to, whether it's site security, functionality, or what, but I think it's sometimes difficult to close up gates after they're opened, if it turns out they really should have been closed. However, I think you probably want to shift your mindset away from "causes me a little more work" and more toward thinking that as needs come up, that's an opportunity for you to school others in how that need ties into the system and how to make the changes properly. We already have learned through many hard knocks that individuals don't scale well, and we should try and spread the work (and pain) however possible.
What is the state of LDAP queries to FAS?
This may be the wrong list for that question, maybe try f-websites-l?
docs@lists.stg.fedoraproject.org