[dev] Horde_Group Refactoring for Horde4

[Chuck Hagenbuch]

Quoting Ben Klang <bklang at horde.org>:

>> I would vote to make groups flat, but if possible, to allow groups  
>> to be members of other groups. Not children in a tree, but flat  
>> members. That way questions are always based on whether or not the  
>> group being originally checked contains the user, or a group that  
>> contains the user.
>
> While I can see an argument for allowing groups to be members of  
> groups (primarily: convenience) it does raise a few technical  
> questions:
>
> 1) We would need to add checks to avoid cyclical memberships.

Yup.

> 2) Do we continue traversing the group tree indefinitely?  What if  
> Group A is a member of B which is a member of C which is a member of  
> D....

Well, yes, it should work that way. In terms of implementation  
concerns, we can pre-calculate that (essentially a materialized view,  
in database speak).

> 3) I still want to be able to see at a glance all members of a  
> certain group.  This takes the guesswork out of applying security  
> settings.  I want to be able to look in one place and know for sure  
> to which users this group security setting applies.  We would need  
> to accommodate this in the UI somehow to display "implied" (for lack  
> of a better workd) group members.

This seems like a policy *you* want to enforce, so you could just  
avoid nesting groups. I don't think everyone will have this as a  
requirement.

-chuck