#10201: Switch roles to use single role, and no user-specific caps
-------------------------------+--------------------------------------------
Reporter: Denis-de-Bernardy | Owner: Denis-de-Bernardy
Type: enhancement | Status: accepted
Priority: normal | Milestone: 2.9
Component: Role/Capability | Version: 2.8
Severity: normal | Keywords: 2nd-opinion
-------------------------------+--------------------------------------------
Changes (by dd32):
* keywords: => 2nd-opinion
Comment:
> I use a shared wordpress user table with 2 installs and some users can
post with one but not the other would that effect this?
No, As long as users have separate roles per blog.
This tickets been created rather badly; Just a placeholder with a tonne of
logs which cant be read anyway.
My points from what i know:
* The current role system is rather complicated, But has a lot of
flexibility
* A lot of the flexibility isn't even used by most (ie. the ability to
have a user with a Roll + a single capability)
* The role system starts having trouble with a high number of users
* To look up every user with a certain cap. it requires loading all the
users, and then checking individually.
The proposed changes are:
* That we reduce the complex system to something much more simple:
* Roles are retained,
* However:
* Limit users to 1 role (This would be on a per-blog basis, based off
the permission prefix thinggi..)
* Remove the ability for a user to be part of a Role, and have an
extra capability added on top of that.
* This has the ability to significantly increase performance, As now:
* Looking up users with a specific cap is easy:
* Filter the role list for roles with that cap
* SQL the usermeta table for users in those roles
* Select those users (if needed, else return the ID's)
* An upgrade path is available which doesnt require extra tables, and
reduces the ammount of serialization
* The other option is a whole new set of tables.. which.. those who are
sane (And there are some insane people in WP Dev..) realise that its not
really needed.
* Fine grain control has never been possible from WP without a plugin,
Nothing would change here, If a user wants fine grained control over
permissions, They'd still have to run a plugin, Its just that that plugin
may have to do more heavy lifting now -- since wordpress's API/role system
would be simpler and not support the extra fangledangles.
(Actually, Just note that those thoughts there in the 2nd list are just my
opinion, and the method which i support. Others would suggest different
methods)
The fine details will be worked out over the coming weeks.. It was raised
after the weekly dev meeting on IRC today yesterday for some), probably be
discussed again next meeting, so anyone's thoughts posted here in the
meantime will be read. No firm decision has been made.. but it seems like
most of those there agreed that something needed to change, Its just
deciding on the exact way in which the role system will change.
2nd-opinion as, as much feedback possible is wanted :)
--
Ticket URL: <http://core.trac.wordpress.org/ticket/10201#comment:8>
WordPress Trac <http://core.trac.wordpress.org/>
WordPress blogging software