sharks

get started

concepts

features

syntax

 

monkeys

intro

mods

REST API

 

platypuses

github

blueprints

tickets

 

everyone

support

ideas

contact

license

 

 
 

permissions+howto

help edit space_dashboard

 

 

Basics

 

Wagn's permissions system is both powerful and simple.  It uses just 4 main kinds of rules: *create, *read, *update, and *delete.    (It currently also supports *comment rules, but that will soon be handled differently.)

 

All Wagn permissions can be assigned to any combination of Users and Roles (user group).   For example, a "Conference Call" card could be restricted so that it could be updated only by persons with the Staff role or the Board role or by Justin Blauchen (the CEO's husband).

 

Editing card permissions is just like editing any other rule; just go to "advanced" or "advanced > rules" on the card menu

 

 

Inheritance

 

A card with the compound name A+B can inherit its permissions from A.

 

Suppose we have a card named "Jin's Dossier" and another named "Jin's Dossier+overview".  The common use for such compound names is as fields.  Which is to say that the +overview card is used as a field of Jin's Dossier.  Often we want our field cards (+overview) to have the same permission as their subject (Jin's Dossier).

 

We call this pattern "inheriting" permissions,  and every Wagn comes with default create, read, update, and delete rules that make all plus cards (all cards withcompound names) inherit from their parents.  These rule can, of course be changed or overridden like any other rule.

 

 

File permissions

 

When serving files and images, many systems rely on "security through obscurity": the hope that hard-to-guess urls will prevent users from stumbling upon their files.  But as soon as the url becomes known to search engines, that approach flops.  Wagn checks for file permissions (which are no different from any other card permission) on every request, so clicking a link to a restricted file will only work for permitted users.