Conversation
There was a problem hiding this comment.
Pull Request Overview
This PR adds an access control table to the authorization documentation, providing a comprehensive matrix showing which operations can be performed by accounts in different states and roles. The changes replace a simplified operation overview with detailed permission specifications for all v0.1 operations.
- Reorganized role descriptions to focus on account state modification capabilities
- Added comprehensive access control tables for Account, Note, Drive/Medium, Timeline/List, and Notification operations
- Introduced standardized notation system with legends for permission states
Tip: Customize your code reviews with copilot-instructions.md. Create the file or learn how to get started.
There was a problem hiding this comment.
Pull Request Overview
Copilot reviewed 1 out of 1 changed files in this pull request and generated 3 comments.
Tip: Customize your code reviews with copilot-instructions.md. Create the file or learn how to get started.
|
|
||
| ※ Y: 操作、閲覧が可能 / N: 操作、閲覧が不可能 | ||
| ロールはアカウントに対する権限の集合を示すものである.\ | ||
| 複数のロールを持つことはできず、1つのアカウントに対して1つのロールが設定される.\\ |
There was a problem hiding this comment.
Line 6 has an extra backslash at the end that should be removed.
| 複数のロールを持つことはできず、1つのアカウントに対して1つのロールが設定される.\\ | |
| 複数のロールを持つことはできず、1つのアカウントに対して1つのロールが設定される.\ |
|
|
||
| | 操作 | Status:Active | Status:NotActivated | Role:Normal | Role:Moderator | Role:Admin | Frozen:Frozen | Not Signed in | 備考 | | ||
| | :----------------: | :-----------: | :-----------------: | :---------: | :------------: | :--------: | :-----------: | :-----------: | :--: | | ||
| | Note::Create(投稿) | Yes | No | Yes | Yes | Yes | No | | | |
There was a problem hiding this comment.
The table has an empty cell in the 'Not Signed in' column for Note::Create operation. This should be explicitly marked as 'No' for clarity.
| | Note::Create(投稿) | Yes | No | Yes | Yes | Yes | No | | | | |
| | Note::Create(投稿) | Yes | No | Yes | Yes | Yes | No | No | | |
| | Bookmark::Fetch | Yes | No | Yes | Yes | Yes | No | No | | | ||
| | Bookmark::Delete | Yes | No | Yes | Yes | Yes | No | No | | | ||
| | Reaction::Create | Yes | No | Yes | Yes | Yes | No | No | | | ||
| | Reaction::Fetch | Yes | No | Yes | Yes*(Role:Normalなアカウントのみ) | Yes*(Role:Admin**以外**に実行可能) | No | Yes | | |
There was a problem hiding this comment.
The Reaction::Fetch operation allows 'Not Signed in' users to fetch reactions (marked as 'Yes'), but requires authentication for other roles. This seems inconsistent - anonymous users shouldn't have more permissions than authenticated users.
| | Reaction::Fetch | Yes | No | Yes | Yes*(Role:Normalなアカウントのみ) | Yes*(Role:Admin**以外**に実行可能) | No | Yes | | | |
| | Reaction::Fetch | Yes | No | Yes | Yes*(Role:Normalなアカウントのみ) | Yes*(Role:Admin**以外**に実行可能) | No | No | | |
1 participant
close #10
概要
追加情報