search

opengovfoundation / madison

Madison is a platform for lawmakers to share legislation with their citizens, allowing the community to add comments and suggest improvements.
GNU General Public License v3.0
690 stars 108 forks source link

Create User Roles #171

Closed cmbirk closed 10 years ago

cmbirk commented 10 years ago

Currently the permissions are based on 2 user roles: normal users and admin users. The admin users are able to access everything in the dashboard.

We need a role system to be able to specify granular privileges. This has been started already with the roles table and the role_user pivot table.

Right now each role entry has a varchar column - permissions. Originally I was picturing this working similar to the way Wordpress does it - a serialized array of permissions, but I'm rethinking that strategy.

The alternative is removing the permissions column, and creating a permissions table and a permission_role pivot table. We can then attach as many permissions to a role as is necessary. The Eloquent ORM even has a way for the user to access their permissions 'through' the user role: http://laravel.com/docs/eloquent#has-many-through . This would allow much more granularity in roles, and even allow the superadmins to create roles themselves - attaching the permissions to the role through the dashboard. I'm leaning much more strongly in this direction.

@billhunt and @coogle could I get some other opinions on this issue?

cmbirk commented 10 years ago

This system would replace the current user_level column in the users table.

krusynth commented 10 years ago

I'm all for role-based permissions, but I'd check to see if I could find a plugin to handle this first - it looks like there are a few already available, I'm just not sure what we'd need.

cmbirk commented 10 years ago

Excellent idea. I'll take a look. Thanks @krues8dr

cmbirk commented 10 years ago

I think we can do this with the entrust plugin:

http://registry.autopergamene.eu/package/zizaco-entrust https://github.com/Zizaco/entrust

coogle commented 10 years ago

It looks interesting and right up our alley. Without objections I'll run with this plugin then.

John

On Fri, Mar 28, 2014 at 4:51 PM, Chris Birk notifications@github.com wrote:

I think we can do this with the entrust plugin: http://registry.autopergamene.eu/package/zizaco-entrust

https://github.com/Zizaco/entrust

Reply to this email directly or view it on GitHub: https://github.com/opengovfoundation/madison/issues/171#issuecomment-38966612

coogle commented 10 years ago

I just pushed the issue171 branch, which is an initial implementation of the Entrust module. See my commit log in this branch for a complete list, but basically

cmbirk commented 10 years ago

@coogle I'm going to keep these open until they're actually merged into master.