Should _Role collection be accessible to the clients? #1284
Comments
|
We should aim to parity here, before adding new fancy things no? |
|
Parity is certainly an important goal, but it needn't be the only goal. |
|
Although I'm a little confused by the issue at hand, I feel I should mention my application uses a process which involves role creation from the client SDK's and does exactly what @drew-gross described. A "friends-of" type role is created with R/W permissions set exclusively to one user, and friends are added within the users relation by that user. Being able to maintain that functionality would be nice. |
|
AFAIK, the roles were available by the clients, protected by their ACL's only no? |
|
I meant locked down my default CLPs rather than default ACLs, but if it's already open, thats fine. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Currently the _Role collection is not accessible to clients at all. We could configure it to be locked down by default, but otherwise adhere to regular CLPs. This could allow people to, eg. have each user create roles for "friends of " and give permissions to that role. On the other hand, that can already be accomplished via relations, so it may not make that type of app any easier.
The text was updated successfully, but these errors were encountered: