[10:28:54 CST(-0600)] <dmccallum54> TonyUnicon saw your student perms question on sss-dev. i'm going to have to defer to russ on that one
[10:29:42 CST(-0600)] <dmccallum54> i agree that a student role seems like a no-brainer, but on the finer-grained access questions, i think russ is the one who'll know how that should work
[10:29:55 CST(-0600)] <TonyUnicon> yeah I figured as much
[10:29:58 CST(-0600)] <dmccallum54> heh
[10:30:32 CST(-0600)] <TonyUnicon> i dont think permissions will be controversial but it never hurts to ask first
[10:30:43 CST(-0600)] <dmccallum54> yep. and thx for putting it on ssp-dev
[10:31:10 CST(-0600)] <dmccallum54> i see we have at least one non-Unicon client considering deployment. so keeping discussion in public like that does have value
[10:31:59 CST(-0600)] <TonyUnicon> yeah I think so, if for anything people can trace being and look at the reasoning beside the decisions made
[10:32:07 CST(-0600)] <TonyUnicon> being=back
[10:32:24 CST(-0600)] <dmccallum54> yep
[10:32:42 CST(-0600)] <TonyUnicon> right now I'm just having a look at how the permissions are implemented
[10:33:06 CST(-0600)] <TonyUnicon> permissions/roles
[10:33:13 CST(-0600)] <dmccallum54> k
[10:34:14 CST(-0600)] <dmccallum54> i think the main thing on the SSP side is that it doesn't really ever check 'roles' in the uP groups senseā¦ think it's always checking uP permissions, which get mapped one-to-one to spring security roles/grantedauthorities
[10:48:12 CST(-0600)] <TonyUnicon> but the roles are a collection of permissions essentially?
[10:48:21 CST(-0600)] <dmccallum54> correct