There are a number of possible AuthorizationActions. Is there any kind of relation between them?
ReadProperty - if I have no read permission, does it implicitly mean I also don't have write permission?
GetObject - if I have no get permission, does it implicitly mean I also don't have edit permission?
EditObject - if I have no edit permission, does it implicitly mean I also don't have create permission?
The answers to the questions above seem obvious although the edit/create relation might be not so obvious, depending on the exact meaning of create. The point is if we can rely on these behaviours. Are there specific unit tests for these cases?
The rules and behaviors around these permission are the same as in 3.8.
The ways in which the methods (like CanReadProperty() or CanEditObject()) are used did not change from 3.8 to 4. All that changed is that I opened up the rule system used to evaluate the results of those methods.
Copyright (c) Marimer LLC