[geeklog-devel] Feature Request: Config.class -- not limited to root

Joe Mucchiello joe at throwingdice.com
Sun Mar 30 22:19:44 EDT 2008

There are some configuration items that it would be nice to allow 
anyone with object.admin feature to modify. And there are of course 
the majority of configuration items that should only be touched by 
root. So why not add a field to the config table "required feature". 
If empty, only Root can modify the config item. If it contains text, 
the item can be edited by anyone with listed feature. You could even 
allow comma separated lists. If the first char is & it calls 
SEC_hasFeature with "and" (stripping off the &, of course) as the 
second parameter. Otherwise it calls it with OR as the second parameter.

When checking to see who can see the configuration page, you can 
require some other feature ("config.edit") so that you don't have to 
parse all those fields trying to figure out if the user can see the page.

Joe Mucchiello
Throwing Dice Games

More information about the geeklog-devel mailing list