Idea #1904
Updated by Tom Clegg about 11 years ago
This has two parts:
# Implement a special "Anonymous" group
#* Created automatically, much like the "system group". uuid = @xyzzy-j7d0g-anonymouspublic@?
#* In permission checks, make sure @anonymous_group_uuid@ is always in the list of readable groups.
#* This should produce the desired result if someone shares an object with the Anonymous group -- at least for users who are logged in.
# Adjust permission system so users can get "anonymous" privileges without even logging in.
#* Careful in API server not to let anonymous user modify itself (or anything else normally allowed by permission system).
#* API server has to decide whether to say "please log in" or "just do stuff that anonymous user can do". (Perhaps "no token" = anonymous?)
#* Workbench has a similar problem: No session = anonymous?