Add various doc updates
They are still very far from complete.
This commit is contained in:
27
docs/groups-and-roles.md
Normal file
27
docs/groups-and-roles.md
Normal file
@@ -0,0 +1,27 @@
|
||||
- Role: a named bundle of responsibilities (editor, admin, member)
|
||||
|
||||
- Group: a scope or context (org, team, project, publication)
|
||||
|
||||
- Permission / Capability (capability preferred in code): a boolean fact about
|
||||
allowed behavior
|
||||
|
||||
|
||||
## tips
|
||||
|
||||
- In the database, capabilities are boolean values. Their names should be
|
||||
verb-subject. Don't include `can` and definitely do not include `cannot`.
|
||||
|
||||
✔️ `edit_post`
|
||||
❌ `cannot_remove_comment`
|
||||
|
||||
- The capabilities table is deliberately flat. If you need to group them, use
|
||||
`.` as a delimiter and sort and filter accordingly in queries and in your
|
||||
UI.
|
||||
✔️ `blog.edit_post`
|
||||
✔️ `blog.moderate_comment`
|
||||
or
|
||||
✔️ `blog.post.edit`
|
||||
✔️ `blog.post.delete`
|
||||
✔️ `blog.comment.moderate`
|
||||
✔️ `blog.comment.edit`
|
||||
are all fine.
|
||||
Reference in New Issue
Block a user