
32-role limit

Comments

  • edited June 2010
    Bit random, but is there a central method for getting the roles, and is it magic ready? If so, a plugin could easily override the standard (int based) role-fetcher, and instead use another method (eg: binary field).
  • Linc Admin
    edited June 2010
    @Tim No, wasn't misunderstanding what Roles are for, I just think that having a limit of 32 underestimates the possible permutations for permissions required on larger sites (as I mentioned above - those aren't just labels, they all have their own set of permissions). This isn't a pressing concern for me as some careful management can alleviate the issue or at least put it off for a while, but I don't think needing to re-think a permissions structure because of this limitation is a good process to follow long-term.
  • Linc Admin
    edited June 2010
    @Tim Let's say I create a Groups app that lets people create groups and it gives every group its own private forum that only members of that group can see. I'd have to create an entirely separate and redundant permissions structure to accommodate that or I'd run out of Roles to put them in almost immediately.
  • @Tim
    In applications/garden/models/class.rolemodel there are two functions (Define & Save) that create the RoleID based on log2.

    For my application, I've changed the code from:
    $RoleID = pow(2, ceil(log($MaxRoleID + 1, 2)));
    to:
    $RoleID = $MaxRoleID + 1;

    The same can be accomplished if I remove the $RoleID from code completely and change the DB Table to auto-increment instead (I may do this later).

    Roles are already stored in a middle table (UserRole) with columns UserId and RoleId.

    To make this drop-able I'd have to be able to modify the model function through a plugin, module or hook; is this possible? From what little I've read, it appears that I can only add functions to controllers.
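
The allocation change quoted in the post above, as an added example that is not part of the original thread or of Vanilla's code: it counts how many role IDs each formula yields before the value outgrows an assumed 32-bit unsigned field, then checks membership against constructed UserRole-style rows. The function names, the 32-bit width and the sample rows are assumptions.

```php
<?php
// Added example (assumes 64-bit PHP); names, the 32-bit width and rows are assumptions.

// Allocation quoted in the thread: each new role takes the next power of two.
function nextRoleIdPow2(int $maxRoleId): int {
    return (int) pow(2, ceil(log($maxRoleId + 1, 2)));
}

// Replacement quoted in the thread: plain linear increment.
function nextRoleIdLinear(int $maxRoleId): int {
    return $maxRoleId + 1;
}

// Count the roles that can be created before an ID exceeds $bits bits.
// $stopAfter only keeps the linear case from looping through every value.
function roleCapacity(callable $next, int $bits, int $stopAfter = 1000): int {
    $limit = (2 ** $bits) - 1;          // largest unsigned value of that width
    $max = 0;
    $count = 0;
    while ($count < $stopAfter) {
        $id = $next($max);
        if ($id > $limit) {
            break;
        }
        $max = $id;
        $count++;
    }
    return $count;
}

// Membership lookup over (UserId, RoleId) pairs, the shape of the UserRole
// table named in the thread. No bit packing, so the ID is only a key.
function userHasRole(array $rows, int $userId, int $roleId): bool {
    foreach ($rows as [$u, $r]) {
        if ($u === $userId && $r === $roleId) {
            return true;
        }
    }
    return false;
}

// Constructed sample rows: user 7 holds roles 1 and 33, user 8 holds role 2.
$userRole = [[7, 1], [7, 33], [8, 2]];

printf("power-of-two IDs: %d roles fit in 32 bits\n", roleCapacity('nextRoleIdPow2', 32));
printf("linear IDs: at least %d roles fit in 32 bits\n", roleCapacity('nextRoleIdLinear', 32));
var_dump(userHasRole($userRole, 7, 33));
var_dump(userHasRole($userRole, 8, 33));
```
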
  • Why do Role IDs scale by two? Why not just go 1, 2, 3, etc?
  • S ✭✭
    Role != Group.
  • Linc Admin
    @S But they *can* be if every group has its own permissions.
  • I completely agree with Lincoln on this thread. Roles and groups are not the same, however, and I see a complex relationship between the two.

    Consider this example:

    The forum I'm working on developing is a network of five non-profit organizations. Each organization needs to have its own private discussion forum, and within that there needs to be an 'officers' subforum that is further restricted to officers of the organization.

    Outside of the private forums we want to have a general user group as well, so there are really six groups of forums:

    General
    Org 1
    Org 2
    Org 3
    Org 4
    Org 5


    In terms of user abilities (ignore roles vs groups for a moment), I need:

    Master admin

    General Community Member (can participate in general area and "read-only" the org forums)
    General Community Moderator

    Org 1 member (can see and post in org 1 forum)
    Org 1 officer (can moderate org 1 and read-write org 1 officers forum)

    Org 2 member
    Org 2 officer

    Org 3 member
    Org 3 officer

    Org 4 member
    Org 4 officer

    Org 5 member
    Org 5 officer


    Now, that's 13 "roles" in the current system, and some users will have several roles. If the limit is 32 "roles" - because roles are the only system for creating private forums - then our site can add a maximum of 14 more organizations.

    Will we add more than that? I don't know. Each of the groups is pretty small, and there are many other groups that have expressed interest in sharing web resources (forums) with us, so maybe we will.

    But, here's where it gets more complicated:

    Each of the organizations wishes to use the forum to organize projects, which may contain sensitive information, and sometimes project managers will not be officers, so maybe Org 1 needs these forums:

    Org 1 officers
    Org 1 project
    Org 1 general

    And maybe Org 1 wants to choose a member at large to moderate org 1 special project, while only allowing invited members to participate in that project discussion.

    That means two more "roles" - Project 1 moderator, and Project 1 participant - which give you access to that project, but not to the officers area.

    So, if each group had a similar project, that's 20 roles potentially needed just for our current organizations, and only three more organizations can join.


    Now, I don't know the technical reasons for the 32 role limit, and I'm not going to try and argue them, but my thought is that it would make more sense from a user perspective not to have tons and tons of roles, but instead to have a "groups" function that can provide permissions within a limited scope.

    For instance, general forum members can also belong to the "Org 1" group, which grants them the ability to post in Org 1 general, or "Org 1 Officers" which grants them permission to use the Org 1 officers forum and moderate within the Org 1 general forum.

    Then the only roles we'd really need would be Admin and Member, and all other permissions would be granted within a limited scope by the use of "groups."


    Fundamentally, I see the ability to be very flexible and selective as to who can see and use what specific forums in a site as critical to the usefulness of the forum software, and I think tying forum access into the current "roles" system may not be the best way to go forward.

    Lastly, as to making this a plugin or a core feature - this is the kind of thing that needs to be in the core. Controlling who can see what discussion is one of the most basic administrator tasks for a forum, and the core system needs to include functionality that covers the basic needs of most people.

    Alright - thanks for reading my novel if you made it this far. Keep up the good work, Devs, Vanilla 2 is very slick!
  • Tim Vanilla Staff
    Roles have been adjusted and now increment in a linear stepwise fashion instead of exponentially.

    Vanilla Forums COO [GitHub, Twitter, About.me]

  • Linc Admin
    @Tim ^5
  • Tim Vanilla Staff
    After @burlesona wrote such a compelling treatise on the subject yesterday, we felt obligated to commit the changes 2 days ago.

    Heh :D


  • Haha, well, thanks! Glad my post was able to travel back in time and help you decide.
  • S ✭✭
    :(
  • Tim Vanilla Staff
    ?


  • S ✭✭
    I'm disappointed.
  • Tim Vanilla Staff
    Why?


  • Linc Admin
  • Tim Vanilla Staff
    I get that... but I mean, this doesn't interfere with people that only want 32 or 63 roles... they can still limit themselves to those numbers. It's just that now people who want 900 roles are also supported. I don't see the downside :p


  • Linc Admin
    I dunno, maybe he likes bitwise integers as much as @Todd. Or his host charges by the database table. :D