Re: [w3c/permissions] Replace "Permission" with "Persistent Permission" globally. (#85) from jan-ivar on 2016-04-22 (public-webapps-github@w3.org from April 2016)

From: jan-ivar <notifications@github.com>
Date: Fri, 22 Apr 2016 06:46:23 -0700
To: w3c/permissions <permissions@noreply.github.com>
Cc:
Message-ID: <w3c/permissions/issues/85/213434671@github.com>
Please see beyond my recommendation to the issues I point out. This is after all an *issue* not a *PR*, and I believe it points out real terminology issues with the spec:

 * There is no definition of *permission*.
 * The implicit definition is that of a *persistent permission*, which is fine, but should be made clear.
 * Statements from participants about this covering access ("temporary permission") don't hold.
 * Algorithms based on this poor definition, such as *request*, make no sense (see below).

We should leave it open until these are addressed. Again, my main explanation about the poor terminology is laid out in https://github.com/w3c/mediacapture-main/issues/334#issuecomment-212999808, not here, so please go read that first.

Let me walk through, for instance, the [request algorithm](https://w3c.github.io/permissions/#permission-request-algorithm) to illustrate how little sense it makes:

> Takes the previously-stored instance of the [permission storage type](https://w3c.github.io/permissions/#permission-storage-type),

I assume *permission storage type* must mean [PermissionStorage](https://w3c.github.io/permissions/#dictdef-permissionstorage) since there are no other sub-classes anywhere in the spec. That in turn is "just an explanatory device", and really just a [`state`](https://w3c.github.io/permissions/#enumdef-permissionstate), either "prompt", "granted", or "denied". Lets say this state starts out as "prompt" in this example walk-through (I'm being kind, because this algorithm appears to do nothing in any other state, yet makes no mention of checking said state at the point of entry).

> an instance of the [permission descriptor type](https://w3c.github.io/permissions/#permission-descriptor-type),

a `name` essentially.

> and a newly-created instance of the [permission result type](https://w3c.github.io/permissions/#permission-result-type).

This is just another `state` as far as data is concerned.

> Shows the user any necessary prompt

This is hand-waving.

> to try to *increase permissions*,

The term *increase permissions* is not defined or explained anywhere. My best guess is that "to increase permissions" means change the `state` from "prompt" to "granted"? I don't know what else it can mean.

> and updates the instances of the permission storage type and permission result type to match. 

And we can stop here, as this seems to be all this algorithm really does: ask the user if it can change `'prompt'` to `'granted'`, in other words: ask the user whether this site can have persistent permission please. That is: the ability to access the named ability any time it wants without having to *prompt for each access*. Interestingly, this API offers no mechanism through which such *"prompts for access"* can be made, because we just walked through the only algorithm that it could be, and we unearthed no mechanism for access, and that would be recursive anyways.

Now @jyasskin please explain to me what a "temporary permission" is in this spec.

> May return a Promise if the request can fail exceptionally.

If we keep going, another red flag here is that this seems to describe an API that *sometimes* returns a promise and sometimes not. A terrible API for error handling. But it suggests something more ominous, which is that this appears to be an attempt to describe a *pattern* rather than any specific API. I've [seen this before](http://w3c.github.io/mediacapture-main/getusermedia.html#constrainable-interface) and the results are always disastrous: a spec that doesn't do anything, a bunch of air, and worse, a spec that tries to enforce generalities and shape things without doing any lifting, and without accomplishing anything other than the behavioral symmetry it seems to proclaim is a worthy goal in itself. Specs should be specific, and not dabble in generalities. Coaxing things that are inherently different into lockstep for no apparent reason other than ergonomics is close to cargo-cult science in my book.

> (Merely being denied permission is not exceptional.) Used by Permissions' request() method, which handles reading and writing the permission store. If unspecified, this defaults to the [boolean permission request algorithm](https://w3c.github.io/permissions/#boolean-permission-request-algorithm).

This says TODO.


---
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/w3c/permissions/issues/85#issuecomment-213434671
Received on Friday, 22 April 2016 13:47:01 UTC