I think permissions have now become a complex enough issue that we need to anoint one person – not me – to be the Permissions Tsar, understanding the system top to bottom. That person will understand what Cate and the SIGs are trying to achieve, what facilities are provided by the back-end, what our permission-naming conventions are, how we aggregate low-level permissions, what kinds of permission-sets are defined by back-end modules and what kinds in UI modules, etc. There is too much of this, and it threads through too much of the whole system, for all of us to try to understand it for our own application areas.
His response:
WRT to Permissions Tsar, I don't think it is a scalable approach in the 2 teams of 20 developers and 3 external partners with their own teams. Permissions are an essential aspect of the FOLIO Platform, they permeate both the backend and the frontend and you can hardly implement any functionality without understanding how to use the model.
Instead, let's discuss what can/should be done to make information about the model more accessible. More conceptual information in one place? Examples? I suspect the existing documentation is mixing the implementation details (critical to the core team members working on Okapi and mod-authtoken/login/etc) with explanation on how to consume and define permissions, and this can be remedied.
We'll talk this through in more detail and figure out how to get a better grip on the many interlocking problems of permissions.
Oh, stupid me! You added it to demo 23, not sprint 23!
OK, forget I said anything
But I agree, I don't have much reason to be on that demo. Someone else can certainly present the link to that document.
Cate Boerema October 5, 2017 at 2:29 PM
I just added the "demo23" label because I thought you might want to show this document during the demo. However, it doesn't look like you've got anything else for Tuesday's demo. Not sure if it's really worth having you jump on to show this document alone. Thoughts?
Mike Taylor October 5, 2017 at 2:24 PM
Why did we add this into sprint23? I closed it some time ago.
I think we're very nearly there now. I created and eventually resolved a ton of issue related to permissions. I do have a bit more writing up left to do, summarising the right way to use the system that has emerged. But that can wait for next week.
Email to Jakub:
His response:
We'll talk this through in more detail and figure out how to get a better grip on the many interlocking problems of permissions.