bloodhound-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Gary Martin <>
Subject Default access permissions and views (Was: Re: [BEP-0003] Wiki install vs. upgrade)
Date Thu, 02 May 2013 18:32:24 GMT
On 02/05/13 18:12, Olemis Lang wrote:
> On 5/2/13, Gary Martin <> wrote:
>> On 02/05/13 15:15, Joachim Dreimann wrote:
>>> Every registered user should be allowed to see the Dashboard.
>>> The Dashboard may be empty if the user has no permissions to see anything
>>> else. Just as it is on a new installation with no information yet.
>>> Empty should not mean a blank page, but one helping to get started, learn
>>> more, how to request permissions, whatever the case may be.
>> When you say that every registered user should be allowed access that
>> would suggest that there are situations where anonymous users should not
>> be able to see the page. Unless you are attempting to argue for no
>> constraints on access then using a permission to specify local policy
>> would be consistent with the normal approach elsewhere.
>> It looks like DASHBOARD_VIEW might be the obvious permission to use for
>> this but we could make it so that DASHBOARD_VIEW is automatically
>> granted by TICKET_VIEW. This would deny the ability to distinguish the
>> two permissions without using fine grained permissions though.
> Considering the fact that there is a proposal and working patch for
> customized dashboards (see #140) I'd rather prefer DASHBOARD_VIEW
> since not all dashboards might be about tickets .

That would not be inconsistent with my suggestion. You could remove 
TICKET_VIEW and add DASHBOARD_VIEW to a user in order to keep seeing the 
dashboard. It could just be handy to additionally use a permission that 
is already provided by default.

I am also beginning to wonder how useful PRODUCT_VIEW is going to be. I 
will have to read up on the current proposals again.


View raw message