Websites nowadays are not about publishing content so much any more but also a lot about data handling in extbase.
TYPO3 lacks a very important layer which is the security layer. There are ideas about creating a role based approach with the rbac extension but in this case you can either call an extbase action or not at all.
What is missing is a nice layer for checking permissions if you are allowed to modify data or not.
Speaking about the blog_example, you should be able to edit your own post/comment but not others.
I think it should be, technically, possible to use Doctrine for this. There should be a way to configure how the current request can interact with persistence:
Allow retrieval of data.
Allow updating of data.
Allow deletion of data.
…
This way the code itself does not need to be changed in any way and keeps clean by only providing business logic. Access restrictions should be implemented once in the Framework, which is Extbase for example.
I’m sorry, but category “site feedback” is about suggestion about decisions,typo3.org, not about arbitrary topics.
In general this page here is dedicated to make the TYPO3 core development process and decision finding more transparent, not about general discussions about feature ideas (unless mentored by one or more core team members)
I would greatly appreciate a “core” implementation of handling extbase permissions / ACLs, not only in FE use cases, but especially when writing extbase backend modules. It is hard to explain to your customers that they can configure every access detail inside TYPO3 - except for the special BE module you coded just for them.
I’ve written a custom extension to handle this (sadly not public yet since it has a few limitations). A few ideas from my implementation:
Persistence is not the only relevant part to protect. I divided the access management into three parts:
Persistence/Object access. Use case: Some blog entries are marked as “internal” and are only delivered to specific user groups/roles. Very handy feature, slims down repository code. In my implementation you could define access based on specific property values inside a domain object.
Action access: Limitations on which controller action a user can do.
Template/partial access: Extends or slims down the user interface. This part is probably the trickiest. I did not implement it because, well, fluid is a bit more complicated to hook in here.
The API allowed for blacklists as well as whitelists, example:
Of course the target audience for such a feature should also be discussed. If this is mainly for developers/integrators, a config file / TCA / API is fine.
If website administrators should be able to handle access, there probably needs to be some kind of visual access module in BE and additional meta information provided by extension developers (so actions become more “human-readable”). This probably goes a bit too far and exposes too much logic to the backend user.
As Helmut said, Threads for core relevant topics may only be started by core team members (suggested by everyone, but you have to find a core team member to mentor you) as we want to avoid having discussions without decisions/resolutions. Please read the guidelines for this platform (especially the pinned post in the discussion category).
To continue, please look for a core team member willing to mentor your topic (and aligning that with the existing persistence initiative for example). To discuss topics more freely use Slack or - in the future - talk.typo3.org.