summaryrefslogtreecommitdiff
path: root/README.rdoc
diff options
context:
space:
mode:
Diffstat (limited to 'README.rdoc')
-rw-r--r--README.rdoc33
1 files changed, 27 insertions, 6 deletions
diff --git a/README.rdoc b/README.rdoc
index cf63748..1172fc8 100644
--- a/README.rdoc
+++ b/README.rdoc
@@ -112,9 +112,30 @@ of a page, another wouldn't.
112Keywords and other meta data can be used to aggregate any ammount of pages 112Keywords and other meta data can be used to aggregate any ammount of pages
113into the body of another page. 113into the body of another page.
114 114
115<aggregate 115 <aggregate
116 tags="update pressemitteilung" 116 tags="update pressemitteilung"
117 limit="20" 117 limit="20"
118 order_by="published_at" 118 order_by="published_at"
119 order_direction="DESC" 119 order_direction="DESC"
120/> \ No newline at end of file 120 />
121
122===Permissions
123
124The permission system is geared towards our use-case which means you won't find
125the standard create/update/destroy derived permissions.
126Every user without having any permissions is allowed to perform non-destructive
127tasks that won't affect the frontend (published pages). What am I talking about?
128
129Bob has no permissions whatsoever still he is allowed to edit a #Page anywhere,
130because this action will only create a new revision of the #Page which is not
131immediately published. He won't be able to manipulate a #Node in any way
132(unique_name, slug, ordering, structure) because this would affect the frontend
133without further notice.
134
135Having a #Permission on a #Node makes Bob an admin for this #Node and all it's
136children. Now Bob can do pretty much anything on these nodes including such fun
137things as:
138 - Create/Update/Delete a #Node
139 - Reorder children of the #Node
140 - Rejecting a draft and telling the author to get his/her spelling right.
141 - Clear a stale lock on a #Node \ No newline at end of file