I'll be basing the new permissions of that system for Traq 3.0, and it will work something like this:
// Fetch the permissions for the project and users group Check if the permissions table contains a row with project_id of 1 and group_id of 3 Return permission set Otherwise Return permission set with project_id of 0 and group_id of 3 // Check if the user has permission to create a new ticket if ($project->permission(current_user()->group_id, 'create_tickets') // Show new ticket page.
What do I mean by get the permission set with the project_id of 0?
Projects don't need to set permissions for user groups. Think of it like a forum and you have inheritance.
If the project doesn't have it's own permissions for a specific group, it will inherit them from the default permissions for that group.