[wp-trac] Re: [WordPress Trac] #10201: Switch roles to use single role, and no user-specific caps

WordPress Trac wp-trac at lists.automattic.com
Thu Jun 18 08:24:22 GMT 2009


#10201: Switch roles to use single role, and no user-specific caps
-------------------------------+--------------------------------------------
 Reporter:  Denis-de-Bernardy  |       Owner:  Denis-de-Bernardy
     Type:  enhancement        |      Status:  accepted         
 Priority:  normal             |   Milestone:  2.9              
Component:  Role/Capability    |     Version:  2.8              
 Severity:  normal             |    Keywords:  2nd-opinion      
-------------------------------+--------------------------------------------
Changes (by dd32):

  * keywords:  => 2nd-opinion


Comment:

 > I use a shared wordpress user table with 2 installs and some users can
 post with one but not the other would that effect this?

 No, As long as users have separate roles per blog.

 This tickets been created rather badly; Just a placeholder with a tonne of
 logs which cant be read anyway.

 My points from what i know:
  * The current role system is rather complicated, But has a lot of
 flexibility
  * A lot of the flexibility isn't even used by most (ie. the ability to
 have a user with a Roll + a single capability)
  * The role system starts having trouble with a high number of users
    * To look up every user with a certain cap. it requires loading all the
 users, and then checking individually.

 The proposed changes are:
  * That we reduce the complex system to something much more simple:
   * Roles are retained,
   * However:
     * Limit users to 1 role (This would be on a per-blog basis, based off
 the permission prefix thinggi..)
     * Remove the ability for a user to be part of a Role, and have an
 extra capability added on top of that.
  * This has the ability to significantly increase performance, As now:
    * Looking up users with a specific cap is easy:
      * Filter the role list for roles with that cap
      * SQL the usermeta table for users in those roles
      * Select those users (if needed, else return the ID's)
  * An upgrade path is available which doesnt require extra tables, and
 reduces the ammount of serialization
    * The other option is a whole new set of tables.. which.. those who are
 sane (And there are some insane people in WP Dev..) realise that its not
 really needed.
  * Fine grain control has never been possible from WP without a plugin,
 Nothing would change here, If a user wants fine grained control over
 permissions, They'd still have to run a plugin, Its just that that plugin
 may have to do more heavy lifting now -- since wordpress's API/role system
 would be simpler and not support the extra fangledangles.

 (Actually, Just note that those thoughts there in the 2nd list are just my
 opinion, and the method which i support. Others would suggest different
 methods)

 The fine details  will be worked out over the coming weeks.. It was raised
 after the weekly dev meeting on IRC today yesterday for some), probably be
 discussed again next meeting, so anyone's thoughts posted here in the
 meantime will be read. No firm decision has been made.. but it seems like
 most of those there agreed that something needed to change, Its just
 deciding on the exact way in which the role system will change.

 2nd-opinion as, as much feedback possible is wanted :)

-- 
Ticket URL: <http://core.trac.wordpress.org/ticket/10201#comment:8>
WordPress Trac <http://core.trac.wordpress.org/>
WordPress blogging software


More information about the wp-trac mailing list