Feature #18277
Updated by Peter Amstutz about 3 years ago
Need to be able to share with groups without having full read access to the group.
Need to do one of:
# New type of permission link that grants ability to see a group without traversing it
# Config option to make all 'role' groups visible without traversing them
Option 2 sounds simpler but may not actually be simpler to implement (may require introducing a special case into the permission checks).
Option 1 could possibly be used to generalize the annoying special case of read access on users (unlike groups, can_read on a user implies seeing the user but not traversing them).
Tom is going to propose something