[swift-evolution] [Draft] A Consistent Foundation For Access Control: Scope-Bounded Capabilities
Rien at Balancingrock.nl
Sat Mar 4 10:09:49 CST 2017
> On 04 Mar 2017, at 16:01, Matthew Johnson via swift-evolution <swift-evolution at swift.org> wrote:
> I have updated this proposal with a few more refinements based on yesterday’s discussion. You can find the final proposal on Github:
>> On Mar 2, 2017, at 1:58 PM, Matthew Johnson via swift-evolution <swift-evolution at swift.org> wrote:
>> The rules which make up the essential complexity in Swift's access control system are:
>> • The default scope for all capabilites a declaration offers is module-wide (or submodule-wide in the future).
>> • The scope of a capability may be modified by an explicit access modifier.
>> • The scope of an additional capability is implicitly bounded by the scope of the basic capability.
>> • The scope of an additional capability may not be explicitly specified as greater than that of the basic capability.
>> • If no scope is explicitly provided for the basic capability and an additional capability is specified to be available outside the (sub)module the basic capability is also given the same availability.
>> • The scope of a declaration (including all capabilities) may be bounded by the declaration of ancestor.
Do you mean: IS bounded by?
>> • The scope of a declaration may not be greater than the scope of the capabilities necessary to use that declaration: if you can't see a parameter type you can't call the function.
>> Most of these rules already exist in Swift's access control system. There is one change and one addition:
Overall I think the draft is pretty solid.
Imo this would give Swift the best available access control system I know of ;-)
Thanks for your work on this!
More information about the swift-evolution