View Issue Details
ID | Project | Category | View Status | Date Submitted | Last Update |
---|---|---|---|---|---|
0005381 | mantisbt | administration | public | 2005-03-23 17:59 | 2017-01-18 10:11 |
Reporter | vwegert | Assigned To | |||
Priority | normal | Severity | feature | Reproducibility | N/A |
Status | new | Resolution | open | ||
Summary | 0005381: more flexible group/role/profile/permission management | ||||
Description | As we recently discussed in #mantishelp and as stated in several other bug notes, Mantis could use a more flexible approach to manage permissions than the current level-based management system.
| ||||
Additional Information | The draft of the conept document has grown too large to be uploaded here, so I've uploaded it to my personal webspace at http://attic.volker-wegert.de/Mantis-PermissionManagement.pdf | ||||
Tags | No tags attached. | ||||
parent of | 0004296 | acknowledged | Permission groups: ability to adjust users' view permissions easily | |
parent of | 0003444 | confirmed | Add user groups to streamline user management | |
parent of | 0005273 | closed | grangeway | permissions |
parent of | 0005155 | closed | vboctor | Allow to create user with "smaller" permission than visitor |
has duplicate | 0003682 | closed | grangeway | Unlimied self-defined groups and permissions |
related to | 0005940 | acknowledged | Web UI to customize access levels | |
related to | 0005108 | new | User Groups | |
related to | 0005430 | closed | vboctor | Is there a way to make the Description to be Read-only once the issue is entered ? |
related to | 0015766 | new | Setting to allow Developers to change due date but not update an issue | |
Not all the children of this issue are yet resolved or closed. |
Perhaps http://phpgacl.sourceforge.net/ could be interesting - why reinvent the wheel all over again? |
|
I've taken the time to walk through the code and create a call graph that shows who is using which access control function. The files are too big to be uploaded here, but can be downloaded from http://attic.volker-wegert.de/AccessChart.zip This file includes three versions of the graph:
|
|
From what I've found out about the access control functions, I'd suggest a two-step approach:
Advantages: No need to change the rest of the code once the first step is completed; clearer view on what kinds of permissions we have to manage (project related actions, bug related actions, ...) Any suggestions? |
|