Default user role

[MagicJF]

Now all users are created by Admin and the role of new user is empty unless admin changes it.

Once we do have Anonym acces, we should allow visitors to create a user account for themselves.

Therefore, the admin should e able to pre-configure in advance which amount of freedom is granted for this self-created accounts, (probably you want the just created users to be able to read and also write in the wiki).

And this default role for self-created accounts is passed through ACL to validate actions (usual stuff).

Edit:
Probably the role assignment is a feature susceptible of being delegated, for example a "medium privilege user" that does have write permissions but not admin permissions to a bag, might raise the permissions of a basic user from just read up to "medium privilege user's trust level" (aka write acces)

[pmario]

And this default role for self-created accounts is passed through ACL to validate actions (usual stuff).

I think for the beginning the whole system should be invite only. So it should not be possible for anonymous users to create new wikis.

We can allow anon users to visit a read-only wiki, that uses the core local-storage plugin. So anon users can test the wiki, without saving any data back to MWS.

After users are invited and an account was created for them, they should be able to create new wikis with write access.

---

If anon users can create writeable wikis, every server will get spammed immediately.

[MagicJF]

Agree anon users shouldn't be able to write in already existing wikis. But it's ok to allow them to write in a private clone of that wiki.

• Anon user visits a wiki they would like to customize.
• Anon user signs in and receives a new provisioned url that is the same wiki they visited before but with write permissions.

This implies the auto creation of a recipe with a new private topmost bag.

Use case example:
You can visit your own MWS Documentation URL, with custom personalization but at the same time always updated docs. This allows you to extend the docs and add notes.

The auto created recipe puts a private bag just for you, on top of all previous bags

Question:
I think we already talked about it but....
In this scenario, by updating/personalizing a tiddler are you loosing future update rights?

If you edit a tiddler, a copy of it is stored in your private topmost bag and therefore will always overwrite the one provided by the public bag (even if it receives updates)

In this scenario the server should notify the user that X tiddler was modified by source and ask if want to keep your custom version, the new one or a merge of both