From d327e162517395ed055aea591ecb596f820deee1 Mon Sep 17 00:00:00 2001 From: Sarven Capadisli Date: Wed, 25 Nov 2020 15:23:37 +0100 Subject: [PATCH 1/5] Add use case for client to discover access privileges --- proposals/wac-ucr/index.bs | 15 +++++++++++++++ 1 file changed, 15 insertions(+) diff --git a/proposals/wac-ucr/index.bs b/proposals/wac-ucr/index.bs index 9060ed7b..b9e811bf 100644 --- a/proposals/wac-ucr/index.bs +++ b/proposals/wac-ucr/index.bs @@ -911,6 +911,21 @@ write access. Alice grants *PerformChart* read only access to all the projects that she can access. +### Application discovering access privileges {#uc-client-discover-access-privileges} + +Guinan uses an application to author and publish documents. The application +adapts its UI to the access privileges in order to distinguish between allowed +(actionable) and disallowed features for different permission groups. The +application can make use of information to assist Guinan based on what it is +allowed to perform, the public, as well as any other group. + +For example, for user level permission, if the application is not granted +[=write access=] on the resource that Guinan is currently editing, the UI can +disable the "Save" button in the menu. Guinan also wants to know if the +content they are updating is granted [=read access=] to the public - +consequently, eg. if it can be liked, bookmarked, archived by everyone. + + ## Privacy ## {#uc-privacy} ### Limiting access to who else is permitted ### {#uc-whopermitted} From c7299a2b86694c1a22ffd6349f9582fa50b568f5 Mon Sep 17 00:00:00 2001 From: Sarven Capadisli Date: Wed, 25 Nov 2020 18:25:58 +0100 Subject: [PATCH 2/5] Update proposals/wac-ucr/index.bs Co-authored-by: Ted Thibodeau Jr --- proposals/wac-ucr/index.bs | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/proposals/wac-ucr/index.bs b/proposals/wac-ucr/index.bs index b9e811bf..f9c7c1d2 100644 --- a/proposals/wac-ucr/index.bs +++ b/proposals/wac-ucr/index.bs @@ -922,8 +922,8 @@ allowed to perform, the public, as well as any other group. For example, for user level permission, if the application is not granted [=write access=] on the resource that Guinan is currently editing, the UI can disable the "Save" button in the menu. Guinan also wants to know if the -content they are updating is granted [=read access=] to the public - -consequently, eg. if it can be liked, bookmarked, archived by everyone. +public is granted [=read access=] on the content they are updating, and +thus if it can be, for example, liked, bookmarked, archived by everyone. ## Privacy ## {#uc-privacy} From f82837c6b2d98f376d6c375ab079e645585e65f0 Mon Sep 17 00:00:00 2001 From: Sarven Capadisli Date: Thu, 26 Nov 2020 16:06:17 +0100 Subject: [PATCH 3/5] Rephrase use case on application determining access privileges --- proposals/wac-ucr/index.bs | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/proposals/wac-ucr/index.bs b/proposals/wac-ucr/index.bs index f9c7c1d2..1576a304 100644 --- a/proposals/wac-ucr/index.bs +++ b/proposals/wac-ucr/index.bs @@ -911,18 +911,18 @@ write access. Alice grants *PerformChart* read only access to all the projects that she can access. -### Application discovering access privileges {#uc-client-discover-access-privileges} +### Application determining access privileges {#uc-client-determine-access-privileges} Guinan uses an application to author and publish documents. The application -adapts its UI to the access privileges in order to distinguish between allowed -(actionable) and disallowed features for different permission groups. The -application can make use of information to assist Guinan based on what it is -allowed to perform, the public, as well as any other group. +adapts its user interface by way of distinguishing between allowed +(actionable) and disallowed features based on access information that the +[=resource server=] reveals, for example, permissions that are granted to the +application, to the public (everyone), or to a group. For example, for user level permission, if the application is not granted -[=write access=] on the resource that Guinan is currently editing, the UI can -disable the "Save" button in the menu. Guinan also wants to know if the -public is granted [=read access=] on the content they are updating, and +write access on the resource that Guinan is currently editing, the user +interface can disable the "Save" button in the menu. Guinan also wants to know +if the public is granted [=read access=] on the content they are updating, and thus if it can be, for example, liked, bookmarked, archived by everyone. From ad901c56e832b2e0a3e8229caec58f57c36be8be Mon Sep 17 00:00:00 2001 From: Sarven Capadisli Date: Thu, 26 Nov 2020 16:08:35 +0100 Subject: [PATCH 4/5] Minor --- proposals/wac-ucr/index.bs | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/proposals/wac-ucr/index.bs b/proposals/wac-ucr/index.bs index 1576a304..4ac8743b 100644 --- a/proposals/wac-ucr/index.bs +++ b/proposals/wac-ucr/index.bs @@ -920,7 +920,7 @@ adapts its user interface by way of distinguishing between allowed application, to the public (everyone), or to a group. For example, for user level permission, if the application is not granted -write access on the resource that Guinan is currently editing, the user +[=write access=] on the resource that Guinan is currently editing, the user interface can disable the "Save" button in the menu. Guinan also wants to know if the public is granted [=read access=] on the content they are updating, and thus if it can be, for example, liked, bookmarked, archived by everyone. From 6a93dbfe2388ef85d6cc1365bb3a114a6fd61b01 Mon Sep 17 00:00:00 2001 From: Sarven Capadisli Date: Sun, 29 Nov 2020 10:04:17 +0100 Subject: [PATCH 5/5] Update proposals/wac-ucr/index.bs Co-authored-by: Ted Thibodeau Jr --- proposals/wac-ucr/index.bs | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/proposals/wac-ucr/index.bs b/proposals/wac-ucr/index.bs index 4ac8743b..074e6d32 100644 --- a/proposals/wac-ucr/index.bs +++ b/proposals/wac-ucr/index.bs @@ -914,7 +914,7 @@ that she can access. ### Application determining access privileges {#uc-client-determine-access-privileges} Guinan uses an application to author and publish documents. The application -adapts its user interface by way of distinguishing between allowed +adapts its user interface to distinguish between allowed (actionable) and disallowed features based on access information that the [=resource server=] reveals, for example, permissions that are granted to the application, to the public (everyone), or to a group.