IRC log of #schooltool for Thursday, 2006-05-04

*** Hwyvar has joined #schooltool01:49
*** Hwyvar has quit IRC01:52
*** Hwyvar has joined #schooltool01:52
*** didymo has joined #schooltool02:40
*** pcardune has joined #schooltool04:03
*** pcardune is now known as pcarduner_dinner04:20
*** jinty has quit IRC10:20
*** srichter has quit IRC10:47
*** srichter has joined #schooltool10:47
*** srichter has quit IRC11:40
*** srichter has joined #schooltool11:42
*** didymo has quit IRC11:55
*** jinty has joined #schooltool12:04
*** thisfred has joined #schooltool12:50
*** mgedmin has joined #schooltool12:50
*** vidasp has joined #schooltool12:54
*** ignas has joined #schooltool12:57
*** Aiste has quit IRC13:07
*** Aiste has joined #schooltool13:33
*** jinty has quit IRC13:38
*** alga has joined #SchoolTool13:40
povbot/svn/commits: * ignas committed revision 6014:13:57
povbot/svn/commits: Fix for issue 472: Deleting booked resource makes calendar unviewable.13:57
ignasth1a: ping15:38
ignas_group_based_cashed_prinper16:23
*** mgedmin has quit IRC16:43
ignashttp://www.phidgetsusa.com/16:55
th1aignas: pong.17:08
ignasouch17:08
ignasthe link was in the wrong channel17:08
ignasapparently17:08
ignasHave we decided upon the scope of the ACL story ?17:09
ignasFrom what i have gathered, we will need self permissions and group permissions for schooltool 200617:10
ignasand a sane permission editing view17:10
ignaswith global grants replacing local grantds17:10
th1aYes.17:11
th1aWe still need local grants for some things.17:12
ignaslike what ?17:12
th1aDid I send the revised table that doesn't have the relationship permissions?17:14
ignasyes17:15
ignaswhat is meant by "Owner" ?17:16
ignashow are owned objects defined ?17:16
th1aVaguely :-)17:18
th1aWhat I've been doing is writing in the cell when some kind of relationship is unavoidable.17:21
th1aThis comes into play at the end with the section permissions.17:21
th1aI can remove the word "owner" there more easily than explaining or justifying it.17:22
ignasit still leaves the problem17:22
ignassections17:22
ignaswhich requires either local grants or relationship based permssions :/17:22
th1aLocal grants.17:23
ignaslocal grants don't really play nicely with the new permission concept17:24
th1aAlso, there are a few lines there that attempt to indicate the need for a local grant like "Person's calendar public?"17:24
th1aWell, as long as you know which ones need local grants.17:24
ignasI thought that we are trying to lose local grants and have such things as - "person calendars" public/private will be set sitewide17:27
ignasi'd even think that two calendars would be better than local grants ... though probably not very feasible17:28
th1aWell, it is open to debate.  I don't see why a person's calendar can't have a simple interface to make it public or private.17:28
th1aI suppose you're right that we could just force it site-wide.17:29
th1aBut there are some other cases.17:30
th1aWell, it just depends on how hard ass we want to be.17:30
th1aBut I don't see that it would be *hard*.17:31
th1aWe aren't changing the underlying model, which works well with local grants.17:31
th1aIt just gives you too many.17:32
ignasth1a: i though that we are changing at the underlying model17:32
th1aI don't see why we'd need to if we aren't adding relationship-based permissions.17:33
ignasprobably we are using the term "underlying model" to mean different things17:34
th1aWe don't need to eliminate local grants, just not require the user to deal with an impossible interface for managing them.17:34
ignasiirc mgedmin and alga were oposed to this way of dealing with the problem as that would try to force the new user interface upon a backend that is not suited for the job (backend being lot's of local grants upon all the objects managed individualy)17:38
th1aA system that only does global grants simply won't work.17:40
th1aWe could have global+relationships perhaps.17:40
ignasrleationship works with global17:40
th1aBut we don't want to do that now.17:40
th1aDoesn't sound quick.17:40
ignasthe part hat fails the global model is "personal/private" calendars17:41
*** gintas has joined #schooltool17:42
ignasth1a: at the moment i am trying to spike the self relationships based on global grants17:43
th1aNot so much that, but sections.17:43
th1aPersonal calendars, group calendars -- making those locally modifiable would be nice, but not essential.17:43
th1aBut you have to be able to make a local grant on a section to its instructors.17:44
th1aOr something equivalent.17:44
ignass/self relationships based/self and relationship based permissions/17:45
th1aYes, and we have to be able to grant people special permission to their own data.17:46
th1aUnless we're going to really add an "owner" role, which I don't think we are.17:47
ignasowner role is way to vague, and the permission required is relationship based if i understand correctly17:49
th1aWell, we could just do it with local grants, right?17:50
*** alga has quit IRC18:19
*** thisfred has left #schooltool19:26
ignasth1a: we have tried implementing a custom permission rule that would regulate the access by using logic in code (relationships, or anything else) and it sems that it is quite feasible19:26
gintasyeah, it's not too bad19:27
gintasshould not be too expensive to implement the real thing19:27
th1aWell, perhaps we should just do that.19:27
th1aGlobal + relationships.19:27
th1aI'd certainly prefer it.19:27
ignasa lot of the job will be reviewing of all the content objects and interfaces to map them with your tables19:28
th1aAnd finishing the tables.19:28
th1aThere is a reason we've avoided dealing with this ;-(19:29
th1a:-(19:29
ignasa bad reason ;)19:29
th1aBut I feel better about doing it right if we can :-)19:29
gintasPlaying further with local grants will likely lead to a dead end19:31
ignasmigrating from local grants to proper permission management might bite if done in the middle of a school year19:31
th1aignas:  Certainly.19:32
th1aWouldn't do that.19:32
th1aHm.  Is backward compatibility going to bite us in the ass?19:33
gintasWhat do you mean?19:33
gintasWe won't keep settings specified in local grants19:34
th1aI mean, we're trying to support migration from SchoolTool Calendar, will that be a big problem?19:34
gintasCan we afford to discard information in local grants19:35
gintas?19:36
gintasif we can, migration shouldn't be a big deal19:36
gintasif we can't -- then the global security model won't work19:36
gintas(it's less powerful than local grants)19:36
th1aYes, I guess we just toss it.19:37
th1aI'm ok with that.19:37
gintasThen migration should be easy19:37
ignasyep, if someone had givren himself super priviledges, or made half of users unviewable - he will lose it19:37
ignasth1a: how big is the table going to become ?19:41
th1aI think I'm about half-way.19:42
th1aI'll have to rearrange it again, though.19:42
ignasand what's your ETA?19:46
th1aWhen do you need it?19:46
ignasthe earlier we have it the earlier we can start working/ provide feedback19:47
ignasas this one is going to be tough on comunication19:47
th1aHm... Monday?19:47
ignasgreat19:47
th1aOK.19:47
ignaswe could talk about it on the next SchoolTool irc meeting then19:48
th1aYes.19:48
ignaspreliminary estimate is around 9 developer days for ACL's19:49
ignasand i have got 1 of the bugs fixed already ;)19:49
ignasnot ACL bug, the resource booking calendar failure one19:50
th1aGood.19:57
ignasth1a: do we have any partner schools in Australia ?20:12
ignas:D20:12
th1aNot at this point, why?20:12
*** alga has joined #SchoolTool20:13
ignasjust kidding, i am reviewing 45420:14
th1aOh, because it is a difficult timezone?20:15
ignasno, it's a difficult bug though it only appears in desolate places or when everyone is sleeping :)20:16
*** vidasp has quit IRC20:26
*** alga has quit IRC20:42
srichtermarius not here?21:06
srichterit's hard to track him down these days21:06
*** gintas has quit IRC21:08
*** ignas has quit IRC21:09
*** Aiste has quit IRC22:26
*** Aiste has joined #schooltool22:49

Generated by irclog2html.py 2.15.1 by Marius Gedminas - find it at mg.pov.lt!