Why should you use Role names to define functionality? Because : it’s easier to check if someone belongs to a role than a group, and I can’t control what a client (or the Notes Administrator) is going to call a given group.
ACL settings for a pseudo Role-Group need to be documented perhaps in the “Using†document for a given db.
Having a Group for each Role in the ACL ( “DbName_Readerâ€; DbName_Editor_withoutDeleteâ€; “DbName_Admin†) is another good idea worth the work of setting up rather that just reusing existing group names. (and it helps avoiding deleting a group, then finding out is was used in another apllication – six days later, when the vp of X calls your boss. Then could set up general departmental user groups “Controler_BAsâ€, or some such, which you then use to you populate the application level groups.
Mapping between Groups and Roles can also be done via a profile document Once done you can send emails out to a Group, or be able to edit a Groups member directly from the database application. See : Avoiding Hard Coding of Group Names.
I’ll give you yet another good reason to use roles. You can define roles in templates and have them automatically populate when a new database is created based on that template.
Sean—