Forum OpenACS Q&A: Re: Permissions granularity

Collapse
Posted by Randy Ferrer on

Hi Randy - Thanks for the tip on this. I think you point at what I need to do very well. It seems like it should be simple enough. The system should not need more than two levels of permissioning.

- The first is once you are a regular registered member of the site, then you can subscribe to be a member of the data application group. This by itself should permit you only to see the pages withing this section of the site which are not considered data views. This is working just fine. In order to see a page that has a data view, you must have read privilige for that view and this is where I'm having the problem. Your description using seg_rels looks like the way to go, so I'll give that a shot.

- Just to be sure I understand what you are saying. I have a subset of users who are members of the data application group. These people are permissioned to access the main page for the data section and other pages not considered views.

- For the views then you suggest creating a segment A for view A, another for view B and then relating users by creating a relation or are you suggesting creating various roles and the assigning these? Sorry...but I think I'm a bit confused here. This should be easy enough...sigh......

- I'll read your doc throughly, but this seems to be quite a bit simpler than what you set out to do in your doc. Maybe not... 😉