<div dir="ltr">@Adrian<div><br></div><div>I do agree with you when you state "<span style="font-size:12.800000190734863px">But instead of introducing even more access modifiers we probably should fix some of the existing ones". As I mentioned in the proposal, typeprivate level could somehow replace fileprivate which, in my opinion, falls short in promoting good design practices. While I'm sure that's not it's intent, it surely creates conditions for some dodgy patterns to emerge.</span></div><div><span style="font-size:12.800000190734863px"><br></span></div><div><span style="font-size:12.800000190734863px">Also, would you be so kind to provide an example where typepublic would be useful? Maybe you're thinking of allowing member access to subclasses? Would that fall into a possible "protected" realm?</span></div><div><span style="font-size:12.800000190734863px"><br></span></div><div><span style="font-size:12.800000190734863px">I agree we should handle protocol access control as well. In fact, I believe protocols in general should be subject of focus if we're to promote a protocol oriented programming environment. I believe there's some aspects within protocol usage which also lack robustness which lead, for instance, to type erasure solutions, which in my opinion feel like some somehow hacky.</span></div><div><span style="font-size:12.800000190734863px">Still, I believe there's so much we can add to protocol access control level, one can actually build a proposal out of it (I'd gladly take part of this discussion as well!), otherwise we'd be adding so much more to this proposal's intent than what it's essence demands: a way to access private members on extensions placed on separate files.</span></div><div><span style="font-size:12.800000190734863px"><br></span></div><div><span style="font-size:12.800000190734863px">@Rien</span></div><div><span style="font-size:12.800000190734863px"><br></span></div><div><span style="font-size:12.800000190734863px">"And the funny thing is, we don’t actually _need_ access control levels."</span></div><div><span style="font-size:12.800000190734863px">I tend do disagree. I believe we do profit from access control levels in many many ways. One does profit from clearer and safer API communication. I assume you consider that's vital as well since you do suggest a finer grained list of access control levels.</span></div><div><span style="font-size:12.800000190734863px"><br></span></div><div><span style="font-size:12.800000190734863px">"I consider it dangerous by default to open up a scope just because another class needs occasional". </span></div><div><span style="font-size:12.800000190734863px">Couldn't agree more! </span><span style="font-size:12.800000190734863px"><br></span></div><div><br></div><div>Best,</div><div>Gonçalo</div><div><span style="font-size:12.800000190734863px"><br></span></div><div><span style="font-size:12.800000190734863px"><br></span></div><div><span style="font-size:12.800000190734863px"><br></span></div></div><div class="gmail_extra"><br><div class="gmail_quote">2016-12-02 10:43 GMT+00:00 Adrian Zubarev via swift-evolution <span dir="ltr"><<a href="mailto:swift-evolution@swift.org" target="_blank">swift-evolution@swift.org</a>></span>:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div style="word-wrap:break-word"><div class="m_-7243592002236992209bloop_markdown"><p>There is some really deep talk going on here again. But instead of introducing even more access modifiers we probably should fix some of the existing ones. </p>
<p>Don’t get me wrong, I understand what the authors of the proposal are trying to introduce to the language, but even if such a proposal would be accepted, there will be people who would beg for <code>typepublic</code> access modifier.</p>
<p>I tried to get some attention from the community after we introduced <code>open</code> to the language, because we literally created an inconsistent area for protocols. </p>
<p>Now we have <code>open</code> vs <code>public</code> classes, where <code>open</code> means you can subclass your type from module A in module B, and <code>public</code> prevents this.</p>
<p>What’s up with protocols?</p>
<p><code>(protocol) conforming == abstract subtyping (classes)</code></p>
<p>Fixing this area would prevent the API user from using protocols which are public but not meant to be used there (at least not to be conformed to), because there was some implementation artifact that prevented the framework author from hiding such a protocol.</p>
<p>Something like “hands off from <code>_SomeName</code> protocols” could be enforced by the language rather than some convention, which some API users might not even read. </p>
<p>That said, some hacks like this should be prevented:</p>
<pre><code class="m_-7243592002236992209swift">struct A : _<wbr>ExpressibleByBuiltinIntegerLit<wbr>eral {
init(_builtinIntegerLiteral value: _MaxBuiltinIntegerType) {}
}
struct B : ExpressibleByIntegerLiteral {
init(integerLiteral value: A) {
print(type(of: value))
}
}
let b: B = 42 // prints "A"
</code></pre>
<p>We introduced an exclusive access modifier for classes which is really odd to be honest. We should extend it to protocols as well.</p>
<p>In Module A:</p>
<ul>
<li>open protocol X - can be conformed to from module B</li>
<li>public protocol Y - cannot be confronted to from module B, but instead might be used as an interface</li><span class="HOEnZb"><font color="#888888">
</font></span></ul><span class="HOEnZb"><font color="#888888">
<p></p></font></span></div><div class="m_-7243592002236992209bloop_original_html"><span class="HOEnZb"><font color="#888888"><div id="m_-7243592002236992209bloop_customfont" style="font-family:Helvetica,Arial;font-size:13px;color:rgba(0,0,0,1.0);margin:0px;line-height:auto"><br></div> <br> <div id="m_-7243592002236992209bloop_sign_1480674204626516992" class="m_-7243592002236992209bloop_sign"><div style="font-family:helvetica,arial;font-size:13px">-- <br>Adrian Zubarev<br>Sent with Airmail</div></div></font></span><div><div class="h5"> <br><p class="m_-7243592002236992209airmail_on">Am 2. Dezember 2016 um 09:56:49, Rien via swift-evolution (<a href="mailto:swift-evolution@swift.org" target="_blank">swift-evolution@swift.org</a>) schrieb:</p> <blockquote type="cite" class="m_-7243592002236992209clean_bq"><span><div><div></div><div>And the funny thing is, we don’t actually _need_ access control levels.<br><br>The only purpose of access control is to enhance security/reliability by imposing restrictions on other programmers (API users).<br><br>It seems to me that in almost all discussions the arguments are mostly backwards: i.e. formulated from the perspective of the API users. Maybe because just about all programmers are API users of the OS-API? Anyway…<br><br>What I would like to see is a complete overhaul of the access control and rewrite it entirely from the perspective of the API provider.<br>I.e. give a more fine grained control to the API writer in the sense that he can specify exactly which other piece of code has access. I consider it dangerous by default to open up a scope just because another class needs occasional access. (i.e. give -for example- module access just because there is 1 other class in the module that needs that access. Inadvertently opening up access to all other classes in that module.)<br><br>An access control list could do just that. Perhaps something like:<br><br>access(type, MyFriendClass(get))<br><br>The above would provide access to the entire type (but not any children) and read-only from MyFriendClass.<br><br>A quick -off the cuff- list of access levels:<br><br>local: access only to local scope (default)<br>type: Only the type in which it is defined (no children)<br>child: The type and its children<br><type-name>: Access is granted to the type named<br>file: Access is limited to this file only<br><file-name>: Access is granted to the named file<br>module: Access is granted to the entire module<br><module-name>: Access is granted to the module with the given name<br>public: Access is granted to everybody<br><br>Further access specification could be made possible through the use of the dot-notation:<br><br><type-name>.<function-name><br><file-name>.<class-name | function-name><br><module-name>.<class-name>.<<wbr>function-name><br><br>Read/write control through a parameter passing notation:<br><br><type-name>.<function-name>([[<wbr>get],][set])<br><br>Examples:<br><br>access(type) var count: Int // entire type can read/write<br>access(type(get), type.incrementer) var count: Int // Entire type can read, only the incrementer function has read/write<br>access(module, FriendType, public(get)) var count: Int // Entire module can read/write, FriendType can read/write, others can only read<br><br>Regards,<br>Rien<br><br>Site: <a href="http://balancingrock.nl" target="_blank">http://balancingrock.nl</a><br>Blog: <a href="http://swiftrien.blogspot.com" target="_blank">http://swiftrien.blogspot.com</a><br>Github: <a href="http://github.com/Swiftrien" target="_blank">http://github.com/Swiftrien</a><br>Project: <a href="http://swiftfire.nl" target="_blank">http://swiftfire.nl</a><br><br><br><br><br>> On 01 Dec 2016, at 21:38, Brandon Knope via swift-evolution <<a href="mailto:swift-evolution@swift.org" target="_blank">swift-evolution@swift.org</a>> wrote:<br>> <br>> Is anyone starting to think the current access control model will become more burdensome over time?<br>> <br>> People will want to add and subtract to it for years to come...which tells me it's not very flexible. I'm beginning to feel like it is an old style model trying to fit into a modern language. <br>> <br>> For example, fileprivate and private encourage stuffing a lot of code into one file just to use that access control level. If you want to break this into more manageable chunks you have to make it internal or move it into a new module which is very complicated to do in Xcode (I.e requiring a new target like a framework). <br>> <br>> This keeps leading me back to having submodules or creating modules on demand. I think that would open up this system to great complexity.<br>> <br>> Want to keep something private to a specific class but private to anything outside of it? Make it internal to the same "submodule". <br>> <br>> I think we could keep tacking on things to access control, but I don't think it is really solving everyone's needs. I think a more flexible system would allow people to adapt it to their needs instead of structuring everything around a rigid system that forces you to do it swift's way. <br>> <br>> On Nov 29, 2016, at 10:24 AM, Gonçalo Alvarez Peixoto via swift-evolution <<a href="mailto:swift-evolution@swift.org" target="_blank">swift-evolution@swift.org</a>> wrote:<br>> <br>>> Hello, everyone!<br>>> <br>>> I would like to introduce a new proposal to swift evolution, but first I would love to run it by all of you so I get everyone's feedback and enrich it.<br>>> <br>>> This proposal consists of introducing a new typeprivate access control level which allows for members to be accessed in all extensions of a given type, whether lying within or in another file.<br>>> <br>>> You'll find the proposal draft in:<br>>> <a href="https://github.com/goncaloalvarez/swift-evolution/blob/master/proposals/NNNN-introduce-typeprivate-access-control-level.md" target="_blank">https://github.com/<wbr>goncaloalvarez/swift-<wbr>evolution/blob/master/<wbr>proposals/NNNN-introduce-<wbr>typeprivate-access-control-<wbr>level.md</a><br>>> <br>>> Thanks in advance for taking the time to evaluate the proposal.<br>>> <br>>> Best regards,<br>>> Gonçalo<br>>> ______________________________<wbr>_________________<br>>> swift-evolution mailing list<br>>> <a href="mailto:swift-evolution@swift.org" target="_blank">swift-evolution@swift.org</a><br>>> <a href="https://lists.swift.org/mailman/listinfo/swift-evolution" target="_blank">https://lists.swift.org/<wbr>mailman/listinfo/swift-<wbr>evolution</a><br>> ______________________________<wbr>_________________<br>> swift-evolution mailing list<br>> <a href="mailto:swift-evolution@swift.org" target="_blank">swift-evolution@swift.org</a><br>> <a href="https://lists.swift.org/mailman/listinfo/swift-evolution" target="_blank">https://lists.swift.org/<wbr>mailman/listinfo/swift-<wbr>evolution</a><br><br>______________________________<wbr>_________________<br>swift-evolution mailing list<br><a href="mailto:swift-evolution@swift.org" target="_blank">swift-evolution@swift.org</a><br><a href="https://lists.swift.org/mailman/listinfo/swift-evolution" target="_blank">https://lists.swift.org/<wbr>mailman/listinfo/swift-<wbr>evolution</a><br></div></div></span></blockquote></div></div></div><div class="m_-7243592002236992209bloop_markdown"><p></p></div></div><br>______________________________<wbr>_________________<br>
swift-evolution mailing list<br>
<a href="mailto:swift-evolution@swift.org">swift-evolution@swift.org</a><br>
<a href="https://lists.swift.org/mailman/listinfo/swift-evolution" rel="noreferrer" target="_blank">https://lists.swift.org/<wbr>mailman/listinfo/swift-<wbr>evolution</a><br>
<br></blockquote></div><br></div>