[Framework-Team] Two more PLIPs
Andreas Zeidler
az at zitc.de
Thu Dec 13 15:30:07 UTC 2007
On Dec 11, 2007, at 1:35 PM, Laurence Rowe wrote:
> #211: Enable dashboard to be locked down
+1 from me in general. imho it makes sense to separate those
permissions as well as create a ui for group assignment (since these
are already supported anyway). what about migration issues, though?
already existing dashboard portlet registrations on users should
probably be removed when they're set for the "authenticated" group.
otherwise they might be un-shadowed should they ever be removed for
the group again.
and wouldn't we also have to take care of replicating local settings
of 'Portlets: Manage own portlets' with regard to the added
permission? otherwise it might be possible to accidentally loosen
security in some cases if the settings had been made more strict
before. the same goes for workflows i guess — they would need to be
checked to see if they manage the portlets permission. all pretty
unlikely i suppose, but it could be an issue, imho.
thoughts?
cheers,
andi
--
zeidler it consulting - http://zitc.de/ - info at zitc.de
friedelstraße 31 - 12047 berlin - telefon +49 30 25563779
pgp key at http://zitc.de/pgp - http://wwwkeys.de.pgp.net/
plone 3.0.4 released! -- http://plone.org/products/plone
-------------- next part --------------
A non-text attachment was scrubbed...
Name: PGP.sig
Type: application/pgp-signature
Size: 186 bytes
Desc: This is a digitally signed message part
URL: <http://lists.plone.org/pipermail/plone-framework-team/attachments/20071213/899df72e/attachment.sig>
More information about the Framework-Team
mailing list