Ticket #2809 (closed defect: fixed)

Opened 2 years ago

Last modified 2 years ago

Better handling of users with no role

Reported by: markjaquith Assigned to: markjaquith
Priority: normal Milestone: 2.1
Component: Administration Version: 2.0.2
Severity: normal Keywords: has-patch 2nd-opinion
Cc:

Description

Summary

user tables can be shared across multiple blogs, but roles and permissions are allocated on a per-blog basis. We need better handling of users with no role on the current blog.

Issues

  • In the user list, there is no role listed for people who don't have one. We should replace this with text such as "No role on this blog" and italicize it so that it appears different from the other role names.
  • * Screenshot of issue: http://img460.imageshack.us/img460/9127/wpusernoperms6ox.png
  • When you edit a user with no role on the current blog, the role dropdown list doesn't match any role, so it just uses the first one... Administrator on default setups! This means that when you edit a user via the user administration panel on a blog on which that user has no role, you have to give that user a role on the current blog, and that role will be "Administrator" if you aren't paying attention. We need to create a new entry in the dropdown list "No role on this blog" and use that for users without a role.

I'll be working on patches for these issues.

Attachments

handle_users_with_no_role.diff (3.0 kB) - added by markjaquith on 06/10/06 06:11:51.
Handle users with no role for the current blog (/trunk)

Change History

06/10/06 06:11:51 changed by markjaquith

  • attachment handle_users_with_no_role.diff added.

Handle users with no role for the current blog (/trunk)

06/10/06 06:13:57 changed by markjaquith

  • keywords set to has-patch 2nd-opinion.
  • owner changed from anonymous to markjaquith.
  • status changed from new to assigned.

Try the uploaded patch on for size. David and Owen, especially.

06/10/06 20:30:33 changed by ryan

[3859]

06/10/06 20:36:29 changed by ryan

I'd also like to split caps into create_user, delete_user, add_user, edit_user, and remove_user. That way we can have admins for each blog who can add users to and remove users from the blog and then site admins who can create and delete users.

06/10/06 20:48:11 changed by markjaquith

What would be the difference between create_user and add_user? If add_user means adding a user to the blog who already existed in the user table, how do we determine what role they're allowed to be given? We might be getting into another situation where a certain capability can be used as god-mode, e.g., adding a user to a blog as an administrator, that has more capabilities than you have.

08/25/06 00:05:14 changed by ryan

  • status changed from assigned to closed.
  • resolution set to fixed.