I glossed over a subtle detail above that deserves mention. The check for logged-in users implicitly assumes that public permissions can only be granted to parties with a user_id. Following my suggestion above could change the input/output behavior of permission_p in the following case:
- the party_id argument represents something other than a user
- the application calling permission_p assumes that only user parties should get permission via grants to "the_public"; groups and other types of parties should not get permission
In the existing system, public permissions to not extend to these non-user parties, so this part of the permission_p query would return "false". In the modified system, "the public" is equivalent to "any party" (which probably makes more sense).
Regarding the impact of such a change, though we often *grant* permission to non-user parties, I don't know of any cases where we *query* whether these types of parties have permission. Does anybody else?
