Thanks Angela for the response and happy new year to you as well > On 10. Jan 2023, at 10:27, Angela Schreiber <[email protected]> wrote: > > the current restriction API does not allow to limit to/for certain > principals. restrictions are not aware of the principal a given entry is > evaluated for but are only aware of the path and the item the permissions > applies to.
The question was more whether the item which is evaluated by the restriction in the case of write operations is the before or after state in the repository. I guess it is just the before state, which means that you cannot limit creation of a new node with a specific node type (with a node type restriction ACE) nor the migration of an existing node to a certain node type to certain principals only. Therefore it is probably reasonable to document that it is not reasonable to use property evaluating restrictions with write permissions, am I right? Konrad
