defradb icon indicating copy to clipboard operation
defradb copied to clipboard

Published 20 hours ago verified publisher icon sourcenetwork

ACP - Permissioned Views

Open shahzadlone opened this issue 1 year ago • 0 comments

Design discussed on discord, thread dev-db.ACP and Defra Views: https://discord.com/channels/427944769851752448/1230212057731829850

To create a view, the user creating the view needs access to the underlying documents/fields. Once created, the view is a standalone entity that has its own ACP policy defined by the user creating the view. It can then be shared however the view creator sees fit. This is akin to a user having access to documents, making a copy and sharing as he pleases. We shouldn't try to be clever and pretend we can prevent access to data beyond the first shared access.

This means that Views should essentially bypass document ACP when queried, instead views (and later their view items) will have their own policies/ACP-stuff.

Later we can look at further complicating this system with peek-like document permission (see discord thread for some rough ideas on that).

shahzadlone avatar Nov 05 '23 13:11 shahzadlone