Forum OpenACS Q&A: Link exposure for not logged in users

Usually OpenACS has been following a policy which says, you are not going to see a link where you don't have access to. This includes links which are not available to the not-logged in user.

In forums this concept is broken, even if you are logged out you have links to reply and to start a new thread.

This causes spiders to run against walls within OpenACS.

Question: What is the general concept OpenACS tries to follow. Still the one "you will not see a link if you can't access the link anyway (without doing something else)" or is this changed to a more general "we show you what you could do if you were to have the permissions to do it".

I am asking for a general guideline where OpenACS is going and what the community is thinking on this issue. Up until I found this in forums I presumed we should not show a link if the current viewer has no permission to work on the link. Which probably should still hold true, but what should we do if the user is not yet logged in ?

Collapse
Posted by Jim Lynch on
To me, this looks like a bug; the functionality is damaged in that its behavior doesn't make sense.

I think there should be a way (a permission?) that says "show this to not-logged-in users", and as far as I know, this does exist: you can grant whatever on the object to "the_public".