[geeklog-devel] Feature Request: Config.class -- not limited to root
joe at throwingdice.com
Sun Mar 30 22:19:44 EDT 2008
There are some configuration items that it would be nice to allow
anyone with object.admin feature to modify. And there are of course
the majority of configuration items that should only be touched by
root. So why not add a field to the config table "required feature".
If empty, only Root can modify the config item. If it contains text,
the item can be edited by anyone with listed feature. You could even
allow comma separated lists. If the first char is & it calls
SEC_hasFeature with "and" (stripping off the &, of course) as the
second parameter. Otherwise it calls it with OR as the second parameter.
When checking to see who can see the configuration page, you can
require some other feature ("config.edit") so that you don't have to
parse all those fields trying to figure out if the user can see the page.
Throwing Dice Games
More information about the geeklog-devel