rurwin wrote on 30 Jun 2010 13:42
Multiple User-groups has been rejected.
How-about if we could give ListPages et al the permissions of a user?
So if Page A was last updated by user B, then any modules on page A access private categories as if they were user B.
That would allow moderators and admins to craft portals into private categories to expose exactly what they want exposed. A random user will see what has been exposed to him/her, but cannot browse the private category.
With a judicious application of [[includes]] and ListUsers, this would give us most, if not all, of the advantages of multiple user-groups.
To prevent inadvertent security leaks, you would probably want to configure this "sticky permissions" behaviour on a category-by-category basis, (so page A only takes the permissions of user B if page A is in a "sticky permissions" category,) or even a page-by-page basis.