[jira] [Commented] (ISIS-2810) Rework HiddenTypeFacetDerivedFromAuthorization to be based on explicit type action.

Tue, 20 Jul 2021 23:44:54 -0700 


    [ 
https://issues.apache.org/jira/browse/ISIS-2810?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17384685#comment-17384685
 ] 

ASF subversion and git services commented on ISIS-2810:
-------------------------------------------------------

Commit fcc6a3a882e54e3834f098f07b0196052c94d07a in isis's branch 
refs/heads/2573_entity.ch.tr from Andi Huber
[ https://gitbox.apache.org/repos/asf?p=isis.git;h=fcc6a3a ]

ISIS-2810: some housekeeping around ObjectVisibilityContext

> Rework HiddenTypeFacetDerivedFromAuthorization to be based on explicit type 
> action.
> -----------------------------------------------------------------------------------
>
>                 Key: ISIS-2810
>                 URL: https://issues.apache.org/jira/browse/ISIS-2810
>             Project: Isis
>          Issue Type: Improvement
>          Components: Isis Core
>    Affects Versions: 2.0.0-M5
>            Reporter: Daniel Keir Haywood
>            Priority: Minor
>             Fix For: 2.0.0-M6
>
>
> The current behaviour of the NavigationFacetDerivedFromHiddenType, which is 
> derived from HiddenTypeFacetDerivedFromAuthorizaion (the only implementation 
> of HiddenTypeFacet) is difficult to comprehend and might be considered too 
> strict ... see for example this thread: 
> [https://the-asf.slack.com/archives/CFC42LWBV/p1626757648322200?thread_ts=1626754801.321200&cid=CFC42LWBV.]
>  
> An alternative design has been suggested for 
> HiddenTypeFacetDerivedFromAuthorizaion that is based not on whether there are 
> any members visible, but simply on whether the type has been explicitly 
> hidden (or perhaps implicitly inherited from the namespace).  For more info, 
> pick up the thread here: 
> https://the-asf.slack.com/archives/CFC42LWBV/p1626778227337200?thread_ts=1626754801.321200&cid=CFC42LWBV
> Perhaps a configuration flag should determine the behaviour of its facet 
> factory easy to configure:
>  * EXPLICIT_TYPE_PERMISSIONS  (this is the default)
>  * DERIVED_FROM_MEMBER_PERMISSIONS (collections, properties and actions)
>  * DERIVED_FROM_ASSOCIATION_PERMISSIONS (collections + properties but not 
> actions)
>  * DERIVED_FROM_PROPERTIES_PERMISSIONS
>  * NONE ... effectively disable



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

Reply via email to