Present: Katka, Pavol, Rado, Tony, Vilo (in alphabetical order :)
The "apply schema and security" methods execute three main functions:
They apply authorizations to the data: If a user has no rights to see a particular item, the item is removed from the object.
They apply information from object template and (sometimes) the archetype to the schema: changes things like display name, help text, cardinality, processing, and so on.
They apply authorizations to the schema: If a user has no rights to see a particular item, the item definition is removed from the schema (or marked as not readable). Also, if there is no right to add or modify the item, the item definition is marked as not updatable in add/modify scenarios.
The third functionality takes the most time, as it requires the schema be deeply cloned for each object.
Conclusions so far:
We will not apply authorizations to the schema. So, only points 1 and 2 will be executed. The results of the second point can be cached for individual object templates and/or archetypes, so the operation would be fast.
The authorizations will be applied only by the "get edit object definition" methods in
We will provide an information like "this schema was refined" in the particular schema.
Performance tests will be done when developing the solution.