Hey people!
Unless I'm mistaken, there is currently no authorization layer in Hubs. Nothing checks that only johnsmith can edit the johnsmith hub, or that only members of the design team can edit the designteam hub.
Is somebody working on that? Since I think we need it before we can consider a public release, I propose to find a library that would allow us to set and enforce those authorizations, and implement it in the current codebase. At the moment I think the main requirement is auth based on group membership. The library should allow us to assign people to groups based on their FAS groups, but I believe this is more the scope of the authentication library, so I shouldn't matter here.
What do you think? Is it a good time to start working on that?
Cheers!
Aurélien