Project

General

Profile

Idea #1904

Updated by Tom Clegg almost 10 years ago

This has two parts: 

 # Implement a special "Anonymous" group 
 #* Created automatically, much like the "system group". uuid = @xyzzy-j7d0g-anonymouspublic@? 
 #* In permission checks, make sure @anonymous_group_uuid@ is always in the list of readable groups. 
 #* This should produce the desired result if someone shares an object with the Anonymous group -- at least for users who are logged in. 

 # Adjust permission system so users can get "anonymous" privileges without even logging in. 
 #* Careful in API server not to let anonymous user modify itself (or anything else normally allowed by permission system). 
 #* API server has to decide whether to say "please log in" or "just do stuff that anonymous user can do". (Perhaps "no token" = anonymous?) 
 #* Workbench has a similar problem: No session = anonymous? 

Back