We made all groups and namespaces public for reading.
But in some cases when we list or read them we check the authorization DB and in some cases we dont.
It would be nice to make it so that we always check the authorization database for this. Even though the groups/namespaces are public. Because if we dont do this we could decide to change the permissions in the future but because we do not always check authzed then the permissions we add in authz may not be always enforced.
We made all groups and namespaces public for reading.
But in some cases when we list or read them we check the authorization DB and in some cases we dont.
It would be nice to make it so that we always check the authorization database for this. Even though the groups/namespaces are public. Because if we dont do this we could decide to change the permissions in the future but because we do not always check authzed then the permissions we add in authz may not be always enforced.