Status | Proposal under development |
Target Release | Roller Weblogger 4.1 |
Original Authors | Dave Johnson |
1.0 Abstract
This is a proposal to make it possible to externalize user permissions so that Roller can pull user-weblog permissions from a separate user permissions system.
2.0 Background
Here's an explanation of Roller's current user permissions management, the perceived problems and proposed solutions.
2.1 Roller manages user-weblog permissions
In addition to roles, which are global across a Roller site, Roller also each user's permissions to access weblogs. There is a many-to-many relationship between users and weblogs and it's stored in a database table:
...
public boolean hasWritePermissions(User user)
Code Block |
---|
h4. 2.1.1 Problem Permissions cannot be managed by external system because the User to Permissions to Weblog relationship is managed by the ORM, the information must be stored in Roller database tables and cannot be externalized and managed by another system. h4. 2.1.2 Solution: User Permissions API Insead calling ORM supported methods on the Weblog and User classes, the Roller front-end will call the Roller UserManager to access permissions information. We'll add these new methods to accommodate that: UserManager |
...
You can stop reading here... the rest is TBD
3.0 Requirements
Requirements satisfied by this proposal
4.0 Issues
Issues to be considered
5.0 Design
List and describe new manager methods, Struts actions, JSP pages, macros, etc.
6.0 Comments
Other can leave commments here.