Wessie
commented
5 years ago this look okay, we currently have 3 bits of code that touch these permissions so each one of them would have to be adjusted
Closed Bevinsky closed 5 years ago
Wessie
commented
5 years ago this look okay, we currently have 3 bits of code that touch these permissions so each one of them would have to be adjusted
Bevinsky
commented
5 years ago That's right, should mention which those are:
Those are what you meant, right?
Wessie
commented
5 years ago they would be
old hanyuu does not actually use permissions for anything
Bevinsky
commented
5 years ago Oh, right.
I'm planning to keep a stopgap by setting the old permission number for certain cases still, so anything that uses it will still work until it's updated.
Bevinsky
commented
5 years ago Halfway implemented now, only thing left is to adapt the database and pending pages + navbar to properly use the new subpermissions.
Bevinsky
commented
5 years ago Done in 3ee2ec9f8747e7815b6a03934a8cfa8d2b51671e.
The single integer permission system is insufficient.
Currently, the permissions are as follows:
This should be replaced with something more fine grained, represented by a pivot and definition table.
The definition table is named 'permission_kinds'. It has 1 column.
VARCHAR(40) permission: contains a permission name, all lowercase, no spaces. This is the primary key.The pivot is named 'permissions'. It has 3 columns.
INT id: ID. This is the primary key.INT user_id: FK touserstable.VARCHAR(40) permission: FK topermission_kindstable.A suggested list of permissions follows.
active: Basic permission. Needed to log in and view the admin panel front page.pending_view: Can view the pending page and download songs.pending_edit: Can accept/reject pending songs.database_view: Can search the database.database_edit: Can edit and save database entries.database_delete: Can delete tracks from the database.dj: Can connect to the proxy and view/edit own DJ profile.news: Can create/edit/delete news posts.admin: Can create/edit/delete users, other users' permissions and other users' DJ profiles (with extra fields).dev: Can access the dev page.