On Wed, 2003-07-09 at 16:30, Michiel Meeuwissen wrote: > Eduard Witteveen <[EMAIL PROTECTED]> wrote: > > Also the questions i asked are not answert. (I still hate the idea of > > configurable ranks. They have been introduced to know what 'sort' of > > user there is(cross security). You are now mis-using it as an substitute > > for role's. I dont care how much ranks there are, but all ranks should > > be known in all security systems.) > > Ranks, roles. Similar concepts, the only difference being perhaps that a rank is a > role with a > 'height', and can be sorted. > > What excactly would be the advantage for having all ranks in all security > implementatins? > > Yes, I could replace my security implementation, without destroying my site with > <mm:cloud > rank="myrank">
Another problem is that the mm:cloud tag does not have a 'role' parameter. If I want to have a dynamic security system where people can have multiple roles, and these define what pages they can view, I need to patch MMBase to add a 'role' parameter to the cloud tag. I would much more prefer to use the 'rank' and create my own security implementation that can test if a given user has the needed role. Johannes
