avatar mbabker
8 Oct 2012

ACL system, should at a minimum incorporate:

  • Guest access (at most, the ability to submit reports and comments in a moderated fashion, otherwise read-only)
  • Registered user (is able to submit reports and comments, able to update status on own items, edit summary/description on own items, upload files to own items (screenshot, patch, etc.))
  • JBS (Registered user + able to manage non-owned items)
avatar mbabker mbabker - open - 8 Oct 2012
avatar mbabker mbabker - open - 8 Oct 2012
avatar elkuku
elkuku - comment - 14 Oct 2012

I think this one is "solved" by pulling in com_users ?

About the permissions:

  • Unregistered (guest)
  • Registered
  • Tracker Team
  • Admin
  • View permitted for everybody, including searches.
  • Submit new issues - Registered.
  • Comment - Registered.
  • Edit - Tracker Team and own
  • Edit state (close) - Tracker Team (maybe one should be able to close his/her's own issue..)
  • User management - Admin - Moving users from "Registered" to "Tracker Team" - or block them.

So the most notably difference to your approach would be that I don't think we should allow submitting reports or comments to unregistered users. But we can try and see how much vi*gra we recieve ;)

avatar mbabker
mbabker - comment - 14 Oct 2012

The unregistered being able to submit basic items is just a nice to have IMO. If we can't do it, so be it. I know I've seen some gripes about having to have an account to do a one off report, but it is what it is.

avatar - close - 19 Jun 2013
avatar elkuku
elkuku - comment - 19 Jun 2013

Has been fixed in #111

avatar elkuku elkuku - close - 19 Jun 2013

Add a Comment

Login with GitHub to post a comment