Support for Drupal 7 is ending on 5 January 2025—it’s time to migrate to Drupal 10! Learn about the many benefits of Drupal 10 and find migration tools in our resource center.
By 1am on
I've noticed a lot of discussion on group-based, fine-grained access control:
http://drupal.org/project/taxonomy_access
http://drupal.org/node/5229
http://drupal.org/node/1007
http://drupal.org/node/5499
http://drupal.org/node/5618
http://drupal.org/node/20429
and decided to throw my opinion in the mix.
phpGACL (http://phpgacl.sourceforge.net/) might be just what Drupal needs to solve this shortcoming. It's stable and should be well supported, since it is used or planned for more than one other opensource project.
I'll leave the details up to whoever makes the decisions, but basically I see it fitting like this:
Access Request Objects (ARO) defined by phpGACL would fit nicely with Drupal's current "roles" (as well as extend them).
Access eXtension Objects (AXO) defined by phpGACL would fit nicely with Drupal's Module/Taxonomy/Node ... Taxonomy.
Access Control Objects (ACO) defined by php GACL would fit nicely with Drupal's current module access control system.
