Something that's stung me multiple times over the last few weeks are
policy constraints.
I always have to look them up*, as their meaning is different depending
on the context (bags vs. recipes).
Initially, I was planning to resolve this problem simply by providing a
proper UI within TiddlyRecon, explaining what each item meant in the
respective context.
However, as Shatner says, it hasn't happened yet.
So, just to incite some controversy, is it really a good idea to use the
same Policy attributes on bags and recipes?
-- F.
* the docs on this are currently suboptimal - it's possible that improving
those will also lead to a simpler, more memorable mental model
> So, just to incite some controversy, is it really a good idea to use the
> same Policy attributes on bags and recipes?
Bags and Recipes don't have policy attributes, they have policies.
Policies have attributes.
I realize that's an incredibly pedantic statement, but it is an
important part of understanding how policies fit in.
One could choose to use policies on other entities too.
And as such they are generic things designed to allow the application of
generic constraints to stuff. They started out life as just for bags but
were applied to recipes when it became clear that some enterprisey
people needed to be sure none their names of stuff were being exposed.
My apologies for being a little careless in my wording.
I of course meant to question the application of the Policy class, with
its standard set of attributes, to both bags and recipes.
Griffelspitzer.
> And as such they are generic things designed to allow the application of
> generic constraints to stuff. They started out life as just for bags [...]
This doesn't answer my question though.
I'm wondering whether it's worth compromising the semantics of recipe
constraints for the sake of using a generic concept.
I understand that this has certain benefits in terms of code complexity,
as the permissions handling doesn't need to differentiate between bags'
and recipes' constraints - but perhaps that mapping could happen
internally rather than being exposed to users?
-- F.
> > And as such they are generic things designed to allow the application of
> > generic constraints to stuff. They started out life as just for bags [...]
>
> This doesn't answer my question though.
Yes. I don't have one.
> I'm wondering whether it's worth compromising the semantics of recipe
> constraints for the sake of using a generic concept.
>
> I understand that this has certain benefits in terms of code complexity,
> as the permissions handling doesn't need to differentiate between bags'
> and recipes' constraints - but perhaps that mapping could happen
> internally rather than being exposed to users?
"Users" should never have to see policies. They should be able to choose
behaviors in a friendly UI which underneath that UI are then mapped to
policies[1]. In other words effort is better spent in two ways:
* Making the UI useful, friendly, effective, efficient.
* Making the core simple, patterned, idiomatic, extensible, etc.
The part you're talking about, the part in the middle where you are trying to
create code that bridges between the two is the hardest part of the job and
the one requiring the most flexibility, knowledge and learning.
This is, of course, just my opinion.
[1] The fact that this is not yet true is no reason to change the core
architecture. It is a reason to build better tools that take advantage of the
flexible architecture. This is a general rule of thumb throughout the
TiddlyWeb universe. We don't need to come up with a bunch of new stuff, we
just need to use the stuff we've got effectively.
Depends on your definition of "user". I wasn't talking about end-users
in the sense of people using the TiddlyWebWiki UI, but rather people
using twanager or accessing the HTTP API.
> The part you're talking about, the part in the middle where you are trying to
> create code that bridges between the two is the hardest part of the job and
> the one requiring the most flexibility, knowledge and learning.
True - pushing complexities towards the edges is generally preferable.
(Though in this case, I'm not convinced that the mapping is the hardest
part.)
> The fact that [there is no such UI yet] is no reason to change the core
> architecture. It is a reason to build better tools that take advantage of the
> flexible architecture.
I agree.
-- F.
> True - pushing complexities towards the edges is generally preferable.
> (Though in this case, I'm not convinced that the mapping is the hardest
> part.)
In any case, I've had a think about it and I think the problem is just that
the policy stuff is not been well described, or the model is weird.
We kind of think of the Policy as the thing controlling access either to the
thing or the tiddlers within it, which is a bit poly, and also not quite
right.
The Policy controls access to the things which the policy is attached to
contains. For a bag that means:
read: read the tiddlers within
write: write the tiddlers within
delete: delete the tiddlers within
create: create a tiddler within
accept: accept a tiddler without validation into
manage: manage the bag (delete it, see its definition, update its definition)
For a recipe that means:
read: read the list of bags and filters that make up the recipe
write: NOT USED: we do not write bags _into_ a recipe, they are independent
delete: NOT USED: we do not delete the bags in a recipe
create: NOT USED: we do not create bags _into_ a recipe
accept: NOT USED: we do not write anything into a recipe that is to
be validated[1]
manage: manage the recipe (delete it, change its definition)
So the difference is there, but it is based on how containing is done.
Tiddlers are in Bags. Bags are _not_ in Recipes.
[1] there is recipe validation/sanitization but it is not controlled by
policies
Tobias.