[Cosmo-dev] Re: securing access to items in multiple collections

[Mimi Yin]

Yup, if you *receive* both read-only and read-write privileges to an  
item, then the more liberal privilege should win.

The key is to not allow users to grant themselves read-write  
privileges simply by dragging an item from an read-only collection to  
one they have read-write access to.

For example, I shouldn't be able to grant myself read-write access to  
items by virtue of adding a task from your personal task list to the  
office collection.

However, if this nuance is too hard to get right, we should probably  
go with the more restrictive model.

Mimi

On Oct 1, 2007, at 9:01 AM, Morgen Sagen wrote:

> Actually, I don't think this scenario is all that unusual.  Say I have
> my own "Work" collection where I keep my tasks and I share with you
> read-only, and we both share read-write access to the "Office"
> calendar.  As soon as I copy an item from Work to Office (so that
> others can work on this task), and you want to add this item to your
> Work collection (so it appears in your task list), you are now in the
> described situation.  I still contend that it shouldn't matter whether
> you copy the item from my Work colllection or the Office calendar
> (because you have write access to the item via the Office calendar),
> but I would like to get input from design on this.  Mimi?