A little confused by the implementations of permissions in MT41 – Are these ‘permission tokens’, fragments of data that exist independently of the user-object? I mean I get it that:
user + blog + role = permission
but how does this interface (or datastructure?) express nested permissions? Or in other words, shouldn’t the “moderator” role for user = James be superceded by his “administrator” role?
New stuff from 6A is usually rock solid so I’m guessing there’s a valid reason for the above…