I think the platform access control isn't really clear right now. What does it do? Does it allow a client to access the full platform (and therefore should give ACL rights through the provisionacl module)? Or does it only allow clients to create sites?

I think right now it does the latter, but it should really do the former. The latter (frontend site creation rights) should be done with something like #899764: Taxonomy or role-based platform access control for site creation.

Comments

anarcat’s picture

Title: clarify what the platform access control settings do » platform access control settings should allow full access to the platform

ie. including changing the makefile, the modules in sites/all, etc.

ergonlogic’s picture

Version: 6.x-0.4-alpha3 » 6.x-2.x-dev

So this would turn platform access control into a fairly basic node_access grant? This is overly complicated right now, for sure.

anarcat’s picture

correct. the idea is to give full access to some users to some platforms, to enable Aegir to be a PAAS system. this is probably related with around 30 other issues in this queue. :P

anarcat’s picture

ergonlogic’s picture

Version: 6.x-2.x-dev » 7.x-3.x-dev
Issue summary: View changes
Status: Active » Postponed

This reads like more of a feature request, and so should be against 7.x-3.x. Marking as postponed, since I don't believe anyone is working on this at the moment.