| *** Hwyvar has joined #schooltool | 01:49 | |
| *** Hwyvar has quit IRC | 01:52 | |
| *** Hwyvar has joined #schooltool | 01:52 | |
| *** didymo has joined #schooltool | 02:40 | |
| *** pcardune has joined #schooltool | 04:03 | |
| *** pcardune is now known as pcarduner_dinner | 04:20 | |
| *** jinty has quit IRC | 10:20 | |
| *** srichter has quit IRC | 10:47 | |
| *** srichter has joined #schooltool | 10:47 | |
| *** srichter has quit IRC | 11:40 | |
| *** srichter has joined #schooltool | 11:42 | |
| *** didymo has quit IRC | 11:55 | |
| *** jinty has joined #schooltool | 12:04 | |
| *** thisfred has joined #schooltool | 12:50 | |
| *** mgedmin has joined #schooltool | 12:50 | |
| *** vidasp has joined #schooltool | 12:54 | |
| *** ignas has joined #schooltool | 12:57 | |
| *** Aiste has quit IRC | 13:07 | |
| *** Aiste has joined #schooltool | 13:33 | |
| *** jinty has quit IRC | 13:38 | |
| *** alga has joined #SchoolTool | 13:40 | |
| povbot | /svn/commits: * ignas committed revision 6014: | 13:57 |
|---|---|---|
| povbot | /svn/commits: Fix for issue 472: Deleting booked resource makes calendar unviewable. | 13:57 |
| ignas | th1a: ping | 15:38 |
| ignas | _group_based_cashed_prinper | 16:23 |
| *** mgedmin has quit IRC | 16:43 | |
| ignas | http://www.phidgetsusa.com/ | 16:55 |
| th1a | ignas: pong. | 17:08 |
| ignas | ouch | 17:08 |
| ignas | the link was in the wrong channel | 17:08 |
| ignas | apparently | 17:08 |
| ignas | Have we decided upon the scope of the ACL story ? | 17:09 |
| ignas | From what i have gathered, we will need self permissions and group permissions for schooltool 2006 | 17:10 |
| ignas | and a sane permission editing view | 17:10 |
| ignas | with global grants replacing local grantds | 17:10 |
| th1a | Yes. | 17:11 |
| th1a | We still need local grants for some things. | 17:12 |
| ignas | like what ? | 17:12 |
| th1a | Did I send the revised table that doesn't have the relationship permissions? | 17:14 |
| ignas | yes | 17:15 |
| ignas | what is meant by "Owner" ? | 17:16 |
| ignas | how are owned objects defined ? | 17:16 |
| th1a | Vaguely :-) | 17:18 |
| th1a | What I've been doing is writing in the cell when some kind of relationship is unavoidable. | 17:21 |
| th1a | This comes into play at the end with the section permissions. | 17:21 |
| th1a | I can remove the word "owner" there more easily than explaining or justifying it. | 17:22 |
| ignas | it still leaves the problem | 17:22 |
| ignas | sections | 17:22 |
| ignas | which requires either local grants or relationship based permssions :/ | 17:22 |
| th1a | Local grants. | 17:23 |
| ignas | local grants don't really play nicely with the new permission concept | 17:24 |
| th1a | Also, there are a few lines there that attempt to indicate the need for a local grant like "Person's calendar public?" | 17:24 |
| th1a | Well, as long as you know which ones need local grants. | 17:24 |
| ignas | I thought that we are trying to lose local grants and have such things as - "person calendars" public/private will be set sitewide | 17:27 |
| ignas | i'd even think that two calendars would be better than local grants ... though probably not very feasible | 17:28 |
| th1a | Well, it is open to debate. I don't see why a person's calendar can't have a simple interface to make it public or private. | 17:28 |
| th1a | I suppose you're right that we could just force it site-wide. | 17:29 |
| th1a | But there are some other cases. | 17:30 |
| th1a | Well, it just depends on how hard ass we want to be. | 17:30 |
| th1a | But I don't see that it would be *hard*. | 17:31 |
| th1a | We aren't changing the underlying model, which works well with local grants. | 17:31 |
| th1a | It just gives you too many. | 17:32 |
| ignas | th1a: i though that we are changing at the underlying model | 17:32 |
| th1a | I don't see why we'd need to if we aren't adding relationship-based permissions. | 17:33 |
| ignas | probably we are using the term "underlying model" to mean different things | 17:34 |
| th1a | We don't need to eliminate local grants, just not require the user to deal with an impossible interface for managing them. | 17:34 |
| ignas | iirc mgedmin and alga were oposed to this way of dealing with the problem as that would try to force the new user interface upon a backend that is not suited for the job (backend being lot's of local grants upon all the objects managed individualy) | 17:38 |
| th1a | A system that only does global grants simply won't work. | 17:40 |
| th1a | We could have global+relationships perhaps. | 17:40 |
| ignas | rleationship works with global | 17:40 |
| th1a | But we don't want to do that now. | 17:40 |
| th1a | Doesn't sound quick. | 17:40 |
| ignas | the part hat fails the global model is "personal/private" calendars | 17:41 |
| *** gintas has joined #schooltool | 17:42 | |
| ignas | th1a: at the moment i am trying to spike the self relationships based on global grants | 17:43 |
| th1a | Not so much that, but sections. | 17:43 |
| th1a | Personal calendars, group calendars -- making those locally modifiable would be nice, but not essential. | 17:43 |
| th1a | But you have to be able to make a local grant on a section to its instructors. | 17:44 |
| th1a | Or something equivalent. | 17:44 |
| ignas | s/self relationships based/self and relationship based permissions/ | 17:45 |
| th1a | Yes, and we have to be able to grant people special permission to their own data. | 17:46 |
| th1a | Unless we're going to really add an "owner" role, which I don't think we are. | 17:47 |
| ignas | owner role is way to vague, and the permission required is relationship based if i understand correctly | 17:49 |
| th1a | Well, we could just do it with local grants, right? | 17:50 |
| *** alga has quit IRC | 18:19 | |
| *** thisfred has left #schooltool | 19:26 | |
| ignas | th1a: we have tried implementing a custom permission rule that would regulate the access by using logic in code (relationships, or anything else) and it sems that it is quite feasible | 19:26 |
| gintas | yeah, it's not too bad | 19:27 |
| gintas | should not be too expensive to implement the real thing | 19:27 |
| th1a | Well, perhaps we should just do that. | 19:27 |
| th1a | Global + relationships. | 19:27 |
| th1a | I'd certainly prefer it. | 19:27 |
| ignas | a lot of the job will be reviewing of all the content objects and interfaces to map them with your tables | 19:28 |
| th1a | And finishing the tables. | 19:28 |
| th1a | There is a reason we've avoided dealing with this ;-( | 19:29 |
| th1a | :-( | 19:29 |
| ignas | a bad reason ;) | 19:29 |
| th1a | But I feel better about doing it right if we can :-) | 19:29 |
| gintas | Playing further with local grants will likely lead to a dead end | 19:31 |
| ignas | migrating from local grants to proper permission management might bite if done in the middle of a school year | 19:31 |
| th1a | ignas: Certainly. | 19:32 |
| th1a | Wouldn't do that. | 19:32 |
| th1a | Hm. Is backward compatibility going to bite us in the ass? | 19:33 |
| gintas | What do you mean? | 19:33 |
| gintas | We won't keep settings specified in local grants | 19:34 |
| th1a | I mean, we're trying to support migration from SchoolTool Calendar, will that be a big problem? | 19:34 |
| gintas | Can we afford to discard information in local grants | 19:35 |
| gintas | ? | 19:36 |
| gintas | if we can, migration shouldn't be a big deal | 19:36 |
| gintas | if we can't -- then the global security model won't work | 19:36 |
| gintas | (it's less powerful than local grants) | 19:36 |
| th1a | Yes, I guess we just toss it. | 19:37 |
| th1a | I'm ok with that. | 19:37 |
| gintas | Then migration should be easy | 19:37 |
| ignas | yep, if someone had givren himself super priviledges, or made half of users unviewable - he will lose it | 19:37 |
| ignas | th1a: how big is the table going to become ? | 19:41 |
| th1a | I think I'm about half-way. | 19:42 |
| th1a | I'll have to rearrange it again, though. | 19:42 |
| ignas | and what's your ETA? | 19:46 |
| th1a | When do you need it? | 19:46 |
| ignas | the earlier we have it the earlier we can start working/ provide feedback | 19:47 |
| ignas | as this one is going to be tough on comunication | 19:47 |
| th1a | Hm... Monday? | 19:47 |
| ignas | great | 19:47 |
| th1a | OK. | 19:47 |
| ignas | we could talk about it on the next SchoolTool irc meeting then | 19:48 |
| th1a | Yes. | 19:48 |
| ignas | preliminary estimate is around 9 developer days for ACL's | 19:49 |
| ignas | and i have got 1 of the bugs fixed already ;) | 19:49 |
| ignas | not ACL bug, the resource booking calendar failure one | 19:50 |
| th1a | Good. | 19:57 |
| ignas | th1a: do we have any partner schools in Australia ? | 20:12 |
| ignas | :D | 20:12 |
| th1a | Not at this point, why? | 20:12 |
| *** alga has joined #SchoolTool | 20:13 | |
| ignas | just kidding, i am reviewing 454 | 20:14 |
| th1a | Oh, because it is a difficult timezone? | 20:15 |
| ignas | no, it's a difficult bug though it only appears in desolate places or when everyone is sleeping :) | 20:16 |
| *** vidasp has quit IRC | 20:26 | |
| *** alga has quit IRC | 20:42 | |
| srichter | marius not here? | 21:06 |
| srichter | it's hard to track him down these days | 21:06 |
| *** gintas has quit IRC | 21:08 | |
| *** ignas has quit IRC | 21:09 | |
| *** Aiste has quit IRC | 22:26 | |
| *** Aiste has joined #schooltool | 22:49 | |
Generated by irclog2html.py 2.15.1 by Marius Gedminas - find it at mg.pov.lt!