[Cubicweb] RRQLExpression and ERQLExpression
aurelien.campeas at logilab.fr
Tue Apr 15 18:05:18 CEST 2014
On 15/04/2014 17:44, Jinpeng Li wrote:
> I can read a lot of other information from the system. From this point,
> I don't know if it is a good idea that "all users should be in the
> 'users' group".
This is a very lenient default and could be tightened, indeed.
In practice, application writers may want their own policy for
"users", or even a subtle partition over those (e.g. from "registered
but read-only people") to some kind of power users.
It is not completely easy ... I guess this is what Sylvain alludes to
when he says we're thinking about it.
You can always:
* monkeypatch the relevant etype/rtype permissions (right up to
cubicweb and the cubes you depend on)
* monkeypatch the _default_ permission dictionaries if needed. Here be
some dragons but it is doable.
More information about the Cubicweb