THIS IS A TEST INSTANCE. ALL YOUR CHANGES WILL BE LOST!!!!
...
NOTE: we would probably also want to create a special action for "all" which can be used for admin purposes and implies all actions automatically.
Based on the behavior in Roller 4.0 we would have these permissions to start from ...
| Code Block |
|---|
# Application Permissions
admin=*all*
editor=login,mainMenu,editProfile,createWeblog
# Weblog Permissions
admin=*all*
author=entries,comments,categories,bookmarks,resources
limited=editDraft
|
The application would not need to actually check for individual actions such as "categories" or "editProfile" when the security model is first updated, it can continue to simply check for "admin" or "author", but eventually the true power of the security system comes in when we make use of more finely grained action controls. That way each action can be granted/revoked to individual users and combined in any way the owner of the application desires.
5.3 Add new UserManager methods
...