[
https://issues.apache.org/jira/browse/ISIS-2810?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Daniel Keir Haywood updated ISIS-2810:
--------------------------------------
Fix Version/s: (was: 2.0.0-M7)
Description:
... by reworking HiddenTypeFacetDerivedFromAuthorization to be based on
explicit type action.
*discussion:*
The current behaviour of the NavigationFacetDerivedFromHiddenType, which is
derived from HiddenTypeFacetDerivedFromAuthorizaion (the only implementation of
HiddenTypeFacet) is difficult to comprehend and might be considered too strict
... see for example this thread:
[https://the-asf.slack.com/archives/CFC42LWBV/p1626757648322200?thread_ts=1626754801.321200&cid=CFC42LWBV.]
An alternative design has been suggested for
HiddenTypeFacetDerivedFromAuthorizaion that is based not on whether there are
any members visible, but simply on whether the type has been explicitly hidden
(or perhaps implicitly inherited from the namespace). For more info, pick up
the thread here:
[https://the-asf.slack.com/archives/CFC42LWBV/p1626778227337200?thread_ts=1626754801.321200&cid=CFC42LWBV]
Perhaps a configuration flag should determine the behaviour of its facet
factory easy to configure:
* EXPLICIT_TYPE_PERMISSIONS (this is the default)
* DERIVED_FROM_MEMBER_PERMISSIONS (collections, properties and actions)
* DERIVED_FROM_ASSOCIATION_PERMISSIONS (collections + properties but not
actions)
* DERIVED_FROM_PROPERTIES_PERMISSIONS
* NONE ... effectively disable
was:
The current behaviour of the NavigationFacetDerivedFromHiddenType, which is
derived from HiddenTypeFacetDerivedFromAuthorizaion (the only implementation of
HiddenTypeFacet) is difficult to comprehend and might be considered too strict
... see for example this thread:
[https://the-asf.slack.com/archives/CFC42LWBV/p1626757648322200?thread_ts=1626754801.321200&cid=CFC42LWBV.]
An alternative design has been suggested for
HiddenTypeFacetDerivedFromAuthorizaion that is based not on whether there are
any members visible, but simply on whether the type has been explicitly hidden
(or perhaps implicitly inherited from the namespace). For more info, pick up
the thread here:
https://the-asf.slack.com/archives/CFC42LWBV/p1626778227337200?thread_ts=1626754801.321200&cid=CFC42LWBV
Perhaps a configuration flag should determine the behaviour of its facet
factory easy to configure:
* EXPLICIT_TYPE_PERMISSIONS (this is the default)
* DERIVED_FROM_MEMBER_PERMISSIONS (collections, properties and actions)
* DERIVED_FROM_ASSOCIATION_PERMISSIONS (collections + properties but not
actions)
* DERIVED_FROM_PROPERTIES_PERMISSIONS
* NONE ... effectively disable
Summary: [is this required?] secman - introduce explicit permissions
for type (was: Rework HiddenTypeFacetDerivedFromAuthorization to be based on
explicit type action.)
> [is this required?] secman - introduce explicit permissions for type
> --------------------------------------------------------------------
>
> Key: ISIS-2810
> URL: https://issues.apache.org/jira/browse/ISIS-2810
> Project: Isis
> Issue Type: Improvement
> Components: Isis Core
> Affects Versions: 2.0.0-M5
> Reporter: Daniel Keir Haywood
> Assignee: Daniel Keir Haywood
> Priority: Minor
>
> ... by reworking HiddenTypeFacetDerivedFromAuthorization to be based on
> explicit type action.
> *discussion:*
> The current behaviour of the NavigationFacetDerivedFromHiddenType, which is
> derived from HiddenTypeFacetDerivedFromAuthorizaion (the only implementation
> of HiddenTypeFacet) is difficult to comprehend and might be considered too
> strict ... see for example this thread:
> [https://the-asf.slack.com/archives/CFC42LWBV/p1626757648322200?thread_ts=1626754801.321200&cid=CFC42LWBV.]
>
> An alternative design has been suggested for
> HiddenTypeFacetDerivedFromAuthorizaion that is based not on whether there are
> any members visible, but simply on whether the type has been explicitly
> hidden (or perhaps implicitly inherited from the namespace). For more info,
> pick up the thread here:
> [https://the-asf.slack.com/archives/CFC42LWBV/p1626778227337200?thread_ts=1626754801.321200&cid=CFC42LWBV]
> Perhaps a configuration flag should determine the behaviour of its facet
> factory easy to configure:
> * EXPLICIT_TYPE_PERMISSIONS (this is the default)
> * DERIVED_FROM_MEMBER_PERMISSIONS (collections, properties and actions)
> * DERIVED_FROM_ASSOCIATION_PERMISSIONS (collections + properties but not
> actions)
> * DERIVED_FROM_PROPERTIES_PERMISSIONS
> * NONE ... effectively disable
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
