On 02/05/13 18:12, Olemis Lang wrote:
> On 5/2/13, Gary Martin <gary.martin@wandisco.com> wrote:
>> On 02/05/13 15:15, Joachim Dreimann wrote:
>>> Every registered user should be allowed to see the Dashboard.
>>>
>>> The Dashboard may be empty if the user has no permissions to see anything
>>> else. Just as it is on a new installation with no information yet.
>>>
>>> Empty should not mean a blank page, but one helping to get started, learn
>>> more, how to request permissions, whatever the case may be.
>> When you say that every registered user should be allowed access that
>> would suggest that there are situations where anonymous users should not
>> be able to see the page. Unless you are attempting to argue for no
>> constraints on access then using a permission to specify local policy
>> would be consistent with the normal approach elsewhere.
>>
>> It looks like DASHBOARD_VIEW might be the obvious permission to use for
>> this but we could make it so that DASHBOARD_VIEW is automatically
>> granted by TICKET_VIEW. This would deny the ability to distinguish the
>> two permissions without using fine grained permissions though.
>>
> Considering the fact that there is a proposal and working patch for
> customized dashboards (see #140) I'd rather prefer DASHBOARD_VIEW
> since not all dashboards might be about tickets .
That would not be inconsistent with my suggestion. You could remove
TICKET_VIEW and add DASHBOARD_VIEW to a user in order to keep seeing the
dashboard. It could just be handy to additionally use a permission that
is already provided by default.
I am also beginning to wonder how useful PRODUCT_VIEW is going to be. I
will have to read up on the current proposals again.
Cheers,
Gary
|