PyLucid needs an enhanced user management and permissions system. Here we can brainstorm ideas around this.

permissions

must have

IMHO we need these types of users:

  • Anonymous (not logged in)
    • Can only use public things
  • restricted user
    • can log in
    • must have at least one usergroup
    • can only use plugin methods if he is in a usergroup that can use them
    • can see pages restricted to this usergroup
    • e.g.:
      • A small user group should use a non-public PyLucid Plugin
  • normal user
    • A user who can create/edit cms pages
    • Can see some points in the sub menu
    • Can't log in to the Django admin panel (not a staff user)
    • e.g.:
      • For users who should have a simple way to change content (they see only the important internal sections for editing pages)
  • staff user
    • Can log in to the Django admin panel (Security hole, because he can manipulate everything???)
    • Can use most parts of PyLucid
  • super user
    • Can do anything
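
One way to model the five user types above as a single access decision. This is an added sketch, not PyLucid or Django code. The `User` fields (including the `can_edit_pages` flag that separates normal from restricted users), `tier_of` and `can_use` are hypothetical names, and treating a logged-in user without any usergroup as anonymous is an assumption.

```python
from dataclasses import dataclass
from enum import IntEnum


class Tier(IntEnum):
    ANONYMOUS = 0
    RESTRICTED = 1
    NORMAL = 2
    STAFF = 3
    SUPERUSER = 4


@dataclass(frozen=True)
class User:
    # Hypothetical stand-in for a Django user; field names are assumptions.
    is_authenticated: bool = False
    is_staff: bool = False
    is_superuser: bool = False
    can_edit_pages: bool = False
    groups: frozenset = frozenset()


def tier_of(user):
    """Map a user to the highest tier from the list above that applies."""
    if not user.is_authenticated:
        return Tier.ANONYMOUS
    if user.is_superuser:
        return Tier.SUPERUSER
    if user.is_staff:
        return Tier.STAFF
    if user.can_edit_pages:
        return Tier.NORMAL
    # A restricted user must have at least one usergroup; an account without
    # one is misconfigured, so fail closed (assumption of this sketch).
    return Tier.RESTRICTED if user.groups else Tier.ANONYMOUS


def can_use(user, allowed_groups=None):
    """Access check for a plugin method or page; None means a public item."""
    if allowed_groups is None:
        return True
    tier = tier_of(user)
    if tier == Tier.SUPERUSER:
        return True
    if tier == Tier.ANONYMOUS:
        return False
    # The list above leaves open whether normal/staff users bypass group
    # limits; this sketch requires membership for everyone below super user.
    return bool(user.groups & frozenset(allowed_groups))
```
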