[Mailman-Developers] Soliciting feedback on idea for rounding out the permissions model.
Andrew Stuart
andrew.stuart at supercoders.com.au
Tue Feb 17 02:39:37 CET 2015
I’d be interested to hear what the Postorius/Hyperkitty folks think on the concept of more tangibly defining Mailman resource/user permissions.
Presumably Postorius and Hyperkitty somehow grant access to resources and store the permissions information externally?
Anyone got any thoughts?
as
On 17 Feb 2015, at 1:37 am, Barry Warsaw <barry at list.org> wrote:
This looks like a reasonable analysis.
On Feb 16, 2015, at 11:39 AM, Andrew Stuart wrote:
> To implement, it would need to be possible to define as user as being a
> ‘serverowner’, and also to be able to define a user as being a ‘domainowner’
> for any given domain.
As you've noticed, we have IMember objects which encapsulate the list-centric
roles for users. It's important to note though that this isn't quite complete
because it's possible for validated, non-user linked addresses to also be
subscribed to mailing lists, and then we have no trail back to a UUID. I
think in normal operations though, this should be rare to nonexistent.
We have a natural place to hang user information on for domains, since we have
an IDomain interface (and a domain model/table). In this case, I would
stipulate that only users can be associated with domains. We'd probably need
to add a table to represent this relationship.
I don't know where to hang the siteowner information. Maybe adding a column
to the user table? It probably just needs to be a flag.
The alternative is to use some special list_id values in the member table to
denote a domain and the site, and then restrict the role to owner in both
cases. I'm not sure I like this though. It seems implicit rather than
explicit.
Are there any other permissions you can think of?
Cheers,
-Barry
_______________________________________________
Mailman-Developers mailing list
Mailman-Developers at python.org
https://mail.python.org/mailman/listinfo/mailman-developers
Mailman FAQ: http://wiki.list.org/x/AgA3
Searchable Archives: http://www.mail-archive.com/mailman-developers%40python.org/
Unsubscribe: https://mail.python.org/mailman/options/mailman-developers/andrew.stuart%40supercoders.com.au
Security Policy: http://wiki.list.org/x/QIA9
More information about the Mailman-Developers
mailing list