ACL is not fine grained enough for many usecases

[djay]

User problem

Scenarios like https://github.com/plomino/Plomino/issues/568 aren't well supported. Others include

• designer can design but not view anyones sensitive data
• author can create forms but not see anyones elses data
• coder can edit formulas but not change the design
• editor can not create new documents

  Options

  independent roles

Similar to Plone, plomino 2 should be switched to independent roles. ie, author is not automatically a reader, editor is not automatically an author, designer is not automatically an editor etc. Roles can always be used in combination so not ability is lost. An upgrade step might have to be used to fix older databases.

[ebrehault]

We already have solutions to address those cases:

• regarding designer access to data: designers can work in a dev db with no sensitive data, they export the design and deliver to the prod db manager
• regarding authors not being readers, you use Plomino_Readers field
• regarding editor not being able to create new docs, you can use beforeCreateDocument

I don't think we should create something similar to Plone workflow, because:

• it is difficult to implement
• it already exists, we can enable specific plone workflow on Plomino form or views
• it would make Plomino less approachable to beginners

[djay]

I'm not suggesting anything to do with workflow. or about Plomino_Readers.

I'm saying that it is unnecessary and confusing and creates more work to make your ACLs not independent. If an Author wasn't automatically a Reader then its trivial to setup things such that one group can view the data, and another can add to it (without reading). Not special coding required. And if you want the current setup then you just give those users BOTH Author and Reader.

It is an enhancement that makes many use cases much simpler with no downside (except backwards incompatibility).

[djay]

For example here is another scenario thats currently hard to solve. All Authors can see the list of all views. Even if I can use Plomino_readers to hide the documents from an Author (and the views themselves will appear empty), I can't hide the list of Views itself.