At the RAWR-Designs camp we have been talking today on MSN about creating a proper external admin panel for HFS. The one created
here by Ryan J, is great as a proof of concept because it has shown some possible flaws in the way this would work. For instance having to go in and out of pages is irritating, and having to memorise accounts is also. So we would use a mix of Flash or JavaScript and some AHAH for dynamic updating.
First of all, when editing a parameter of a file or folder, for access rights, if you edit a sub-folder of a real-folder, does this edited file or folder and its related directory now appear in the HFS Virtual File System?
What if you turn off download or other access rights for a sub-folder, you can only turn it back on using this external admin panel?
Now, I think for security and simplicity reasons, detecting manually in the template if a user is called 'admin' is not enough. I think a macro like {.get|is admin.} is required. And in the Account Properties of HFS we can place next to 'Enabled, Group, Ignore Limits' a property called 'Administrator'. I think this setting should be used to give the account supreme power. This setting would be great for the HFS owner or nominated administrators. Of course you can then go out of the account properties and turn off certain things after this setting has been set, but as a default setting 'Administrator' would grant supreme power.
I am just concerned that editing the template file to have your preferred username is hard for someone that doesn't know what macro is. What if you want to allow a group of people? or another user who deserves supreme power over the HFS? how will they access the administration panel? So my suggestion is a macro like the following:
{.if|{.get|is admin.}|Pew|Pew.}