Closed cbalster closed 6 years ago
stephanlindauer
commented
6 years ago speaking of permissions: can you think of other stuff that needs solving to comply with GDPR regulations? so far i just removed tracking from the website and will remove the client IP from the location objects in the DB.
cbalster
commented
6 years ago @stephanlindauer That topic also crossed my mind and I will try to read up on it a little more. I will let you know if there is anything else we should take care of. @ligi Thanks, I checked a lot of the popular permission libraries before, but they all had some caveat I didn't like. Mostly related to required availability of an activity context in components where I'd like to avoid it or lack of flexibility as to where to define the actual content of the request. Both would lead to a lack of separation I tried to avoid as much as possible by implementing it the way it is right now. There's probably still room for improvement in that area, but the current solution works well enough and should suit our needs for now.
Adds basic infrastructure for requesting permissions and handling state and uses it for the existing permissions.
This is definitely not the cleanest solution and I'm not perfectly happy with it, but I think we should get this in to move forward. It would be great if you could give this a thorough test. Also suggestions regarding the wording are welcome.