Changes between Version 1 and Version 3 of Ticket #1066


Ignore:
Timestamp:
04/04/11 09:04:52 (3 years ago)
Author:
dread
Comment:

Legend:

Unmodified
Added
Removed
Modified

  • Ticket #1066 – Description

    v1 v3  
    1 The definition of the 'reader' role includes creating packages, which is too permissive for some CKAN instances (e.g. DGU). 'Reader' suggests only reading, so I think this role should avoid creating and creating. 
     1The definition of the 'reader' role includes creating packages, which is too permissive for some CKAN instances (e.g. DGU). 'Reader' suggests only reading, so I think this role should avoid creating and editing. 
    22 
    3 All projects so far allow public to create users, so this stays as a Reader action for now, as a convenience. 
     3All projects so far want all roles to be able to create users, so this stays as a Reader action for now, as a convenience. 
    44 
    55Implementation: 
    66 
    7  * Action.PACKAGE_CREATE remove from default_role_actions 
    8  * Comment written, to describe suggested policy 
     7 * Action.PACKAGE_CREATE removed from reader's default_role_actions 
     8 * Visitor has a new default role, called 'anon_editor' which can edit packages, but not groups / auth groups - you have to log in for that. 
     9 * Migration script not needed? 
     10 * Code comments written, to make clear the suggested policy