[wp-trac] Re: [WordPress Trac] #5255: Simplify role/capability for easier cap => user lookups

WordPress Trac wp-trac at lists.automattic.com
Thu Oct 25 14:49:55 GMT 2007 

#5255: Simplify role/capability for easier cap => user lookups
-------------------------+--------------------------------------------------
 Reporter:  markjaquith  |        Owner:  anonymous
     Type:  task         |       Status:  new      
 Priority:  normal       |    Milestone:  2.4      
Component:  General      |      Version:           
 Severity:  normal       |   Resolution:           
 Keywords:               |  
-------------------------+--------------------------------------------------
Comment (by filosofo):

 Why not just drop roles entirely, and list capabilities on separate
 usermeta rows?  Then if you want to find out who can edit posts or
 whatever, it's a simple query.

 Likewise, it's a simple query to see what capabilities a user has on a
 given site.

 Replying to [comment:5 ryan]:
 > To get all users with a given capability, lookup which roles have that
 capability and fetch users with those roles.  Simpler code and queries,
 and also simpler conceptually.  What can this user do?  Look at his role
 definition. He can do only what his role allows.  This is pretty much what
 we do at wordpress.com to handle the many users there.  Multiple role and
 capability assignments get unmanageable pretty quickly.

 How would you get around the following two problems?  Currently, if a
 plugin wants to add a capability to a role, say "cap_X", it degrades
 nicely when the plugin is no longer in use--i.e. having an unused
 capability doesn't hurt anything. However, under the proposed system one
 would have to create a new role for each new combination of capabilities.
 If I add "cap_X" to all my administrators, then they will no longer each
 be an "administrator"; they will be something plugin-specific.

 The first problem occurs if you de-activate the plugin: poof! all the
 administrators lose *all* of their capabilities, as their plugin-specific
 role no longer means anything.

 The second problem is getting two different plugins that add capabilities
 to work together.  One wants to give a user "cap_X," and the other wants
 to give the same user "cap_Y", so which gets to define the role?  It seems
 to me that in some fairly common scenarios the number of distinct roles
 could approach the number of users.

-- 
Ticket URL: <http://trac.wordpress.org/ticket/5255#comment:6>
WordPress Trac <http://trac.wordpress.org/>
WordPress blogging software

More information about the wp-trac mailing list