[Mailman-Developers] Discussion On Project Idea "Preset List Settings Templates" .

Wed Mar 9 20:55:53 EST 2016

Thanks for following up here Harshit.  Here are some of my thoughts/ramblings.

On Mar 09, 2016, at 10:51 PM, Harshit Bansal wrote:

>I think the "Permissions Systems" would have nothing to do with the
>core. It would be related to Postorius. We will have to create a style
>model separately in Postorius which would store the style name and the
>user who created it. Then only the user who has created the style
>would be granted the permission to edit it.

Mailing lists have a clear ownership chain.

At the top is the system administrator who has access to the shell.  They get
to do things no one else can, such as create Python files.  Ultimately, they
should be able to create immutable styles which serve as the baseline for all
other style options.  These are immutable because they are defined in Python
code.

The sysadmin can delegate style customizations to the server/site owner, which
is a defined role in the core's model.  The IUser interface defines a flag
`is_server_owner` to define this permission.

The server owners can delegate to domain owners.  The IDomain interface has a
`owners` attribute which can contain users that have this permission.

Domain owners can then delegate to list owners, and of course there is an
`owners` attribute on the IMailingList interface.  Mailing lists also have
moderators but those users wouldn't have permission to change list styles.

Here's where it gets complicated.  At each level, it should be possible to say
"I delegate settings X, Y, and Z to the level below and they can change it to
anything they want."  But they should also be able to say, "I do not allow the
level below to change settings A, B, and C."  For example, a domain owner
might say, "you list owners can change your welcome messages to anything you
want, but you cannot change the footers because for legal reasons this text
must appear on every message."

So you have several things you want to be able to specify about each attribute
in a style.  You want to be able to delegate permission to change a style
attribute going down the hierarchy, but you also want to be able to have any
particular style attribute delegate its value up the hierarchy.  E.g. a list
owners could say "I don't really care about the filter_types, just use
whatever is in the parent style."

It's likely that the permissions would only be enforced in Postorius, although
we can think about how the core would enforce the permissions.  The core would
definitely support the deferring of style values back up to parent styles.

One other thing to think about is whether some styles will be allowed or
disallowed for various domains or mailing lists.  E.g. should some styles only
be allowed for example.com and others for example.org, or can all of them be
allowed for any mailing list on the system?  I think at the very least, some
segregation based on domain would be useful.

Cheers,
-Barry
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 819 bytes
Desc: OpenPGP digital signature
URL: <http://mail.python.org/pipermail/mailman-developers/attachments/20160309/a19b4d1d/attachment.sig>