← Previous Change
06/18/09 09:29:32 (
Ticket #10201 – Description
See IRC discussions from June 18th 2009
summary courtesy of DD32:
My points from what i know:
* The current role system is rather complicated, But has a lot of flexibility
* A lot of the flexibility isn't even used by most (ie. the ability to have a user with a Roll + a single capability)
* The role system starts having trouble with a high number of users
* To look up every user with a certain cap. it requires loading all the users, and then checking individually.
The proposed changes are:
* That we reduce the complex system to something much more simple:
* Roles are retained,
* Limit users to 1 role (This would be on a per-blog basis, based off the permission prefix thinggi..)
* Remove the ability for a user to be part of a Role, and have an extra capability added on top of that.
* This has the ability to significantly increase performance, As now:
* Looking up users with a specific cap is easy:
* Filter the role list for roles with that cap
* SQL the usermeta table for users in those roles
* Select those users (if needed, else return the ID's)
* An upgrade path is available which doesnt require extra tables, and reduces the ammount of serialization
* The other option is a whole new set of tables.. which.. those who are sane (And there are some insane people in WP Dev..) realise that its not really needed.
* Fine grain control has never been possible from WP without a plugin, Nothing would change here, If a user wants fine grained control over permissions, They'd still have to run a plugin, Its just that that plugin may have to do more heavy lifting now -- since wordpress's API/role system would be simpler and not support the extra fangledangles.