Open elv-serban opened 1 year ago
Discussion with Marc and Zenia.
Marc's analysis based on reviewing the code: Pre V3: Only the owner of an object can delete it. V3: The owner cannot delete the object unless he is also a library manager of that library, a non owner manager can also delete the object.
Demo is on V3 Prod is on V2
OBJECTIVE
Create a fabric browser group permissions flow that works correctly for library operations.
BACKGROUD
There are two sets of access controls for libraries:
Library specific permissions controlling what can be done with content inside the library
Regular object permissions
CURRENT SITUATION
We expose the 3 permissions that are library specific.
We don't expose the regular object permissions see/access/edit - these can only be accessed through the contract methods directly.
PROPOSAL
Theoretically we have 6 permissions to configure:
But only some of them are useful:
So my proposal is to expose the following:
PROPOSAL
Instead of the current:
Selector of one of the following 3 options (radio buttons or picker, something like that)
"View"
"Contribute"
"Manage"