Make WordPress Core

Changes between Initial Version and Version 9 of Ticket #10201

06/18/09 09:29:32 (6 years ago)


  • Ticket #10201

    • Property Owner set to Denis-de-Bernardy
    • Property Status changed from new to accepted
    • Property Component changed from General to Role/Capability
    • Property Keywords 2nd-opinion added
  • Ticket #10201 – Description

    initial v9  
    11See IRC discussions from June 18th 2009 
     5summary courtesy of DD32: 
     7My points from what i know: 
     9 * The current role system is rather complicated, But has a lot of flexibility 
     10 * A lot of the flexibility isn't even used by most (ie. the ability to have a user with a Roll + a single capability) 
     11 * The role system starts having trouble with a high number of users 
     12   * To look up every user with a certain cap. it requires loading all the users, and then checking individually.  
     14The proposed changes are: 
     16 * That we reduce the complex system to something much more simple: 
     17   * Roles are retained, 
     18   * However: 
     19     * Limit users to 1 role (This would be on a per-blog basis, based off the permission prefix thinggi..) 
     20     * Remove the ability for a user to be part of a Role, and have an extra capability added on top of that.  
     21 * This has the ability to significantly increase performance, As now: 
     22   * Looking up users with a specific cap is easy: 
     23     * Filter the role list for roles with that cap 
     24     * SQL the usermeta table for users in those roles 
     25     * Select those users (if needed, else return the ID's)  
     26 * An upgrade path is available which doesnt require extra tables, and reduces the ammount of serialization 
     27   * The other option is a whole new set of tables.. which.. those who are sane (And there are some insane people in WP Dev..) realise that its not really needed.  
     28 * Fine grain control has never been possible from WP without a plugin, Nothing would change here, If a user wants fine grained control over permissions, They'd still have to run a plugin, Its just that that plugin may have to do more heavy lifting now -- since wordpress's API/role system would be simpler and not support the extra fangledangles.