Food for thought (implementation details #2):
The concept of limiting access to folders has also come up. The MyDMS implementation is:
I had something a little more special in mind:
We should need 3 kinds of permissions to be able to carry out any and all operations in the DMS:
Read access:
- Allows a folder to be displayed on your screen
- Allows viewing a folder's contents
- Allows viewing a document
The first point means that if you have no read access to a folder, it won't even be displayed to you. So, each user will not get bogged down at the user folder root; he will only be able to see his own folder.
Write access:
- Allows adding a subfolder
- Allows adding a document
- Allows removing a document in the folder (but not the folder itself!)
- Allows editing document data and information
- Allows editing folder data and information, if you have write access to parent folder
- Allows moving folders and documents, if you have write access to both the source and destination folders
Editing folder data/info requires write access to the parent on the grounds that changes you make to these will most probably be visible from the parent, too. Also, we don't want users to be able to e.g. rename their folders, but they need to be able to write in them. So we give them write access to their folders and read-only access to the user folder root.
Moving folders requires write access to the destination folder for pretty much the same reason.
Admin access:
- Allows a folder to be removed, recursing in all subfolders and removing all documents
- Allows the access lists for a folder to be modified
It follows that we shouldn't let users remove their user folder just because they want to, so they don't get admin access on them. However, you do get admin access on a folder you create yourself, so reorganizing their personal folder is perfectly feasible.
The only thing I'm not sure enough about is if moving a folder should require admin access on it, instead of write.
As a final note, access levels should not be cascaded; it should be e.g. possible for one to have write access but not read access (not useful in any way I can think of, but why naively assume that privileges have to be cascaded?).
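The rules above can be written as independent permission bits checked per operation. This is an added sketch, not MyDMS code or code from the original post; the class and function names are hypothetical, and it assumes that "source" in a folder move means the folder being moved and that a folder's creator also receives read and write on it.

```python
from enum import Flag, auto

class Access(Flag):
    READ = auto()
    WRITE = auto()
    ADMIN = auto()

class Folder:
    def __init__(self, name, parent=None):
        self.name, self.parent = name, parent
        self.acl = {}  # user -> Access; a missing entry means no access

    def allows(self, user, level):
        # Each level is its own bit: ADMIN does not imply WRITE, WRITE does not imply READ.
        return level in self.acl.get(user, Access(0))

def can_see(folder, user):              # shown at all, and contents listable
    return folder.allows(user, Access.READ)
def can_add(folder, user):              # add a subfolder or a document
    return folder.allows(user, Access.WRITE)
def can_remove_folder(folder, user):    # recursive removal
    return folder.allows(user, Access.ADMIN)

def can_edit_folder_info(folder, user):
    # A rename shows in the parent's listing, so the parent must be writable too.
    # Assumption: the root (no parent) is never editable through this check.
    return (folder.allows(user, Access.WRITE) and folder.parent is not None
            and folder.parent.allows(user, Access.WRITE))

def can_move_folder(folder, dest, user):
    # Assumed reading: "source" is the folder being moved.
    return folder.allows(user, Access.WRITE) and dest.allows(user, Access.WRITE)

def create_subfolder(parent, name, user):
    if not can_add(parent, user):
        raise PermissionError(f"{user} has no write access to {parent.name}")
    child = Folder(name, parent)
    # Creator gets ADMIN per the text; also granting READ and WRITE is an assumption.
    child.acl[user] = Access.READ | Access.WRITE | Access.ADMIN
    return child

def demo():
    # Constructed layout: user-folder root, one personal folder, one write-only folder.
    root = Folder("users")
    home, inbox = Folder("alice", root), Folder("dropbox", root)
    root.acl["alice"] = Access.READ
    home.acl["alice"] = Access.READ | Access.WRITE
    inbox.acl["alice"] = Access.WRITE
    return root, home, inbox, create_subfolder(home, "drafts", "alice")
```

With this layout the user can fill and reorganize the personal folder but cannot rename or remove it, and the write-only folder accepts uploads without being listable.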
In addition to this, a nice system of quotas will serve very well for administration purposes. Quotas can be set for a user, for a group, or for a node. This means that by putting a quota on a "course" node, we limit the size of the files that can be uploaded into that course, no matter who does the uploading. That may be desirable sometimes. Or we may use a quota for the students higher than the quota imposed on their personal folders, thus making sure that no student is unable to upload an assignment because he has filled his personal folder to the limit.