On 13 May 2015 at 12:19, Markus Schaber <m.schaber_at_codesys.com> wrote:
> Hi, Daniel,
>> Von: Daniel Shahaf [mailto:d.s_at_daniel.shahaf.name]
>> Stefan Fuhrmann wrote on Wed, May 13, 2015 at 08:21:37 +0200:
>> > Hi devs,
>> > [...]
>> > (1) Is there something fundamentally wrong with this
>> > approach, e.g. braking major use-cases?
>> How about inventing a 'c' permission, in addition to the existing 'r'
>> and 'rw', with the following semantics: if the authz file contains
>> '[/tags] alice=c', then alice is authorized to create immediate
>> children of /tags, possibly as adds-with-history, without needing
>> recursive write access to the copy destination. Would this address
>> your use-case?
> I like the general suggestion, but 'c' made me immediately think 'copy',
> which could be the right to copy the tree to somewhere else.
> Thus, I suggest 'a' for 'add', the right to add children (including their subtrees).
It's 'c' for 'create', pretty standard in the ACL world. Let's not
invent our own terminology.
Received on 2015-05-13 15:47:42 CEST