Plugins need an API that allows them to modify permissions in topics. it's not good enough any more for plugins to just modify Sets in the text, because permissions can also be in the form.

This will become even more critical when permissions are moved out of band.

---

getACL( $mode, $web, $topic ) -> ( \@allowed, \@denied )

Get the lists controlling whichl registered users are allowed to access the topic (web). The lists returned contain references to user objects.

• $mode - must be the name of an access mode e.g. VIEW or CHANGE
• $web - the web
• $topic - if undef then the setting is taken as a web setting e.g. WEBVIEW. Otherwise it is taken as a topic setting e.g. TOPICCHANGE

setACL( \@allowed, \@denied, $mode, $web, $topic )

Set the access controls on the named topic.

• \@allowed - must be a list of user objects for the people who are to be explicitly allowed access. Be careful; if it is an empty list, then that is taken as meaning that no one is allowed access. If the reference is undef, then that is taken as meaning no explicit setting.
• \@denied - must be a list of user objects for the people who are to be explicitly denied access. If it is an empty list, then that is taken as meaning that no one is denied access. If the reference is undef, then that is taken as meaning no explicit setting.
• $mode - access mode, e.g VIEW, CHANGE
• $web
• $topic - if undef, then this is the ACL for the web.

---

getACL has to be able to read from Set and the META settings. setACL should probably only write to the form.

See Plugins:FuncUserContrib for details of what I finally ended up with.

SVN 8856

CC