Tracking epic for #3832. Splits the granular permission model into shippable pieces.
The permission system already has the foundation: two-tier Basic/Medium model, 49 rights in PermissionType, and category-scoped group rights (faqgroup_right_category, GroupCategoryPermissionRepository, MediumPermission::hasPermissionForCategory()) shipped in the 4.2.0-alpha cycle. These issues complete the model on top of that base.
Children
Shared acceptance criteria (from #3832)
- Permission evaluation stays centralized in the
hasPermission* methods
- Performance remains acceptable (no N+1 on FAQ listing/edit paths)
- Missing permissions produce clear, user-facing errors
Cross-cutting constraint: Basic mode
BasicPermission has no groups. Every group-scoped restriction (category, language) must define Basic-mode behaviour: either degrade gracefully (no restriction) or require Medium mode. Decide once, document, apply consistently.
Recommended order: #4311 → #4313 → #4312.
Closes #3832 when all children land.
Tracking epic for #3832. Splits the granular permission model into shippable pieces.
The permission system already has the foundation: two-tier Basic/Medium model, 49 rights in
PermissionType, and category-scoped group rights (faqgroup_right_category,GroupCategoryPermissionRepository,MediumPermission::hasPermissionForCategory()) shipped in the 4.2.0-alpha cycle. These issues complete the model on top of that base.Children
Shared acceptance criteria (from #3832)
hasPermission*methodsCross-cutting constraint: Basic mode
BasicPermissionhas no groups. Every group-scoped restriction (category, language) must define Basic-mode behaviour: either degrade gracefully (no restriction) or require Medium mode. Decide once, document, apply consistently.Recommended order: #4311 → #4313 → #4312.
Closes #3832 when all children land.