Variable access priority [#2139247]

I am working on a site which uses Flexi Access (working with 86b4e1a because it contains the new features which I have worked on) in conjunction with TAC. These two play really nice together in my use case, if I manually change the ACL priorities in the database, and then rebuild node access permissions.

Feature request: Let's make the priority configurable in Flexiaccess. This opens up a whole new world of possibilities for (advanced) users to integrate it with other access control modules. Given, it would not be easy to use, and the default should stay $priority=0, like it currently is (in acl.module lines 103 and 121).

Once again, I am willing to do all of the development. I would like to know if Gisle and others agree that this is useful?

Comment	File	Size	Author
#3	flexiaccess-priorities_bulkop-2139247-3.git_.patch	6.82 KB	rudolfbyker

Comments

Comment #1

rudolfbyker

Afrikaans

South Africa

commented 19 November 2013 at 16:01

Design considerations:

Setting a single priority value for all of the permissions created by the module is enough for my use case, but a more granular approach could be useful for some users. As I see it, we have many options, but could probably only choose one:

Single priority value for module.
- Easiest to implement
- Easiest to use
- Not very versatile
Per content type priority value.
- Easy to use
- Slightly more versatile
- Problematic if there are too many content types
Per node priority value (with UI on node/nid/flexiaccess).
Per user priority value (with UI on user/uid/flexiaccess).
Per grant priority value
- Basically exposes a DB column.
- Extremely granular; anything is possible.
- Hard/impossible to use if there are too many nodes and/or users.

If it's too broad, the module becomes less versatile (which is bad, because it leads to more modules being created with similar purposes).
If it's too granular, it becomes impossible to use on large sites.
Could the above be combined, or made configurable somehow?