You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Phase 2 of diagram sharing (design: docs/design/diagram-sharing.md). Phase 1 (#76) gates only the ownership-enabled parent entity.
Problem
Child entities (e.g. a diagram's nodes/edges) have no write protection — they are only obscured behind the parent's UUID. Any authenticated user who knows a child id (or the parent id) can read/update/delete child records regardless of the parent's ownership or _shares grants.
Scope
Derive access on child entities from the parent's ownership + _shares grant via the relationship/scope config (ScopeConfig).
Read child requires view on the parent; create/update/delete child requires edit on the parent.
Deleting the parent cascades to children (and their grants are already cleared with the parent in phase 1).
Phase 2 of diagram sharing (design:
docs/design/diagram-sharing.md). Phase 1 (#76) gates only the ownership-enabled parent entity.Problem
Child entities (e.g. a diagram's nodes/edges) have no write protection — they are only obscured behind the parent's UUID. Any authenticated user who knows a child id (or the parent id) can read/update/delete child records regardless of the parent's ownership or
_sharesgrants.Scope
_sharesgrant via the relationship/scope config (ScopeConfig).viewon the parent; create/update/delete child requiresediton the parent.References
docs/design/diagram-sharing.mdspecs/DiagramSharingCurrent.tla(InvChildNeedsParentEditis violated by current behavior)