I’d be interested to hear what the Postorius/Hyperkitty folks think on the concept of more tangibly defining Mailman resource/user permissions.
Presumably Postorius and Hyperkitty somehow grant access to resources and store the permissions information externally?
Anyone got any thoughts?
as
On 17 Feb 2015, at 1:37 am, Barry Warsaw <barry@list.org> wrote:
This looks like a reasonable analysis.
On Feb 16, 2015, at 11:39 AM, Andrew Stuart wrote:
To implement, it would need to be possible to define as user as being a ‘serverowner’, and also to be able to define a user as being a ‘domainowner’ for any given domain.
As you've noticed, we have IMember objects which encapsulate the list-centric roles for users. It's important to note though that this isn't quite complete because it's possible for validated, non-user linked addresses to also be subscribed to mailing lists, and then we have no trail back to a UUID. I think in normal operations though, this should be rare to nonexistent.
We have a natural place to hang user information on for domains, since we have an IDomain interface (and a domain model/table). In this case, I would stipulate that only users can be associated with domains. We'd probably need to add a table to represent this relationship.
I don't know where to hang the siteowner information. Maybe adding a column to the user table? It probably just needs to be a flag.
The alternative is to use some special list_id values in the member table to denote a domain and the site, and then restrict the role to owner in both cases. I'm not sure I like this though. It seems implicit rather than explicit.
Are there any other permissions you can think of?
Cheers, -Barry
Mailman-Developers mailing list Mailman-Developers@python.org https://mail.python.org/mailman/listinfo/mailman-developers Mailman FAQ: http://wiki.list.org/x/AgA3 Searchable Archives: http://www.mail-archive.com/mailman-developers%40python.org/ Unsubscribe: https://mail.python.org/mailman/options/mailman-developers/andrew.stuart%40s...
Security Policy: http://wiki.list.org/x/QIA9