Hey SO.
I'm throwing together a fun little (or not so little) community application. The current permission system is using the users->roles->permissions approach. This all works well until I come to building a forum-ish component, as the current system only allows for a "global" control over the entire board, and not specific forums.
Originally I was just doing to go for a bunch of flags (read_only, staff_only, etc) though I'd really want to have the ability enforce permissions across each forum the same way I do for everything else (eg. view_forum, create_thread, edit_own_post, edit_all_post, etc). I'm going to have a peak at how existing packages manage their authorization, though I'm wondering if anyone here can give some insight into how they would go about doing this.