Sharing single records

[leplatrem]

Would it make sense to be able to add/remove an identifier to/from records authors ?

It would at least allow sharing per record (imagine a record is a slideshow you want to publish or redact collaboratively).

Related #222

[Natim]

Yes it is the plan.

[leplatrem]

Imagine a model with private records (read_own_records, update_own_records). How can I share records with someone as read-only ? I guess we should add a notion of readers in addition to authors then.

[Natim]

If you want to let the user add and update its own records and let him read yours you have to use two distincts hawk tokens. One with the read_own_records that will be linked to the records authors and one for your own records.

What we could do is to add differents permission fields to the records:

• own
• read
• update
• delete

If you are in own you get them all, and then you can be in either read/update or delete.

[leplatrem]

The first option looks quite consistent! Most use-cases will indeed imply sharing private records publicly using a permalink, that could contain this additional token. Plus, accessing the list of records with this token will give all shared records.

But, however as far as I understand, sharing one record will require being allowed to change the model permissions! It thus implies having the right to take the model ownership too :)

We could also imagine to add a finer grain of permissions (regarding model permissions) but can be a huge overkill to distinguish owner's from others etc.

Your second proposition is interesting :) Let's try to define a API and see if we don't fallback into over-engineering :)

[Natim]

Actually for https://github.com/spiral-project/daybed-cloud-share I will need this kind of behavior.

[Natim]

Does this means we should add an update_records_permissions permission?

[Natim]

I am working on #268 to at least allow somebody to modify the authors_list. It would be a start.