Hello Jeff,

thanks for creating Simple Access, it's a gorgeous idea. There is one thing that bugs me, and I'd like to share that before I try the module out for real -- and I will, and then I'll add more bug reports / feature requests :-)

I don't use roles to group users in teams, but really to put transversal, site-wide permission profiles, and I guess that's the way roles are meant to be used.

It seems weird that the access selection is done by an access group of user roles. Wouldn't it be simpler (no pun intended) to either have a selection of users here?

Thanks.

Comments

jjeff’s picture

Status: Active » Postponed

Hi Gabriel,

I understand where you're coming from on this, but unfortunately I don't have the time right now to add the ability to add individual users to access groups in a way that is elegant and "simple".

You say "I don't use roles to group users in teams", but my view is that is precisely what roles are for.

My concept was that different "types" of users would probably have different roles (even if there are only a few users in that role) and for that reason, it's probably best to assign by role rather than user. Also roles can be assigned to users on their user page, so users can be assigned new access privileges (for both nodes and modules) all in one fell swoop. That probably wouldn't be able to happen unless I were to add an assignment for simple access groups onto the user pages... and then I would have just duplicated the functionality of roles.

However, I know that everyone uses Drupal differently, and some people don't like the idea of having to create a special role just so that one person can see their private nodes - not to mention the fact that the more roles you have, the harder it is to navigate the 'admin/access' page! (I've submitted a patch to help with that.)

I'm going to mark this as "postponed" and I'd love to hear some more views on this (from both sides) if anyone wants to chime in.

Gabriel R.’s picture

Thanks for the answer Jeff.

Reading my previous comment, I just realized that another alternative I wanted to propose was cut off. (Probably my fault, it was written in hurry.)

So, there IS another, more elegant way: let the user select directly the *roles* for each operation, and don't create any other *groups* of roles.

Now, I understand you are using roles to create teams and sub-teams, so this can make for a huge and unusable form in your case. Maybe you could use a control like the categories selector in MT 3.2?

In any case, working with roles instead of having to create groups of roles will make life easier for the vast majority of us :-)

Thanks again.

jjeff’s picture

Well that would be node_privacy_byrole.module, wouldn't it? ;-)

The idea of the indirect role assignment in Simple Access is to keep the access permissions simple on the node add/edit page.

The ultimate simplicity would be to have one single checkbox like this:
"Allow viewing only by:
[ ] Users who can see private stuff"
regardless of how many roles you've got defined for your site.

On my current site, there are about 10 different roles defined. The main site administrators are not technical and therefore don't have access to the Simple Access setup stuff. But I've set it up so that all that they see on the node add/edit pages are the access groups (of roles) that "matter" to node privacy.

So as example:

Site roles:
- Authenticated User
- Member Level 1
- Member Level 2
- Member Level 3
- Admin
- SuperAdmin
- Blogger
- Moderator

Site access groups:
- Members
- Administrators
- Logged-in Users

Simpler, yes?

-Jeff

Gabriel R.’s picture

> Well that would be node_privacy_byrole.module, wouldn't it? ;-)

Uhm, yes, that actually exactly what I needed :-D

For me this one works better. I mean, if it works as advertised.

Thanks for the tip.

Gabriel R.’s picture

node_privacy_byrole: been there, done that, now I'm back.

- It doesn't look as good as Simple Access. The simple cassette for the access options next to the node administration options is great.

- It doesn't work. It's not impossible that I did something wrong, but it failed my logic.

- The idea of access groups sounds better all of a sudden :-)

Gabriel R.’s picture

A way to add users to an access group instead of adding roles is still something I'd be interested in.

Dublin Drupaller’s picture

I too am looking for an access role group instead of adding roles solution..

Dub

gordon’s picture

Status: Postponed » Closed (won't fix)