Team Tiga | Protocol: Meeting "Project Proposals for Security Improvements" | 2015-10-28

Hi all,

Bastian, Christian and me just had a short hangout to come up with first ideas for possible project proposals for Neos’ security features. Here are four possible projects we came up with so far. Please add your comments, ideas, features as well as interests in those topics you would like to work on. In the end we want to form “official” project proposals out of this thread, which the teams can pull to implement.

##UI integration for existing NodePrivileges##

  • Collect actual UI use cases: what should happen in the UI?
  • Recheck if the existing node privileges cover all needed basic scenarios
  • Implement UI integration for all those privileges
  • special (Overlay) icons for protected nodes (e.g. in the navigate component)
  • Examples for all node privileges (NEOS-1115)

##User “Groups”##

##General FE Login improvements##

  • Redirect after login/logout
  • Highlight protected pages in tree (see above)


  • SqlGenerator for multi value properties (new ConditionGenrator(asset.tags))

  • Privileges for reading/manipulating assets based on media type, asset collection and/or tags (see

1 Like

Sorry for being super boring here, but I’d like to add that polishing the already merged stuff should be done before starting adding more features. Meaning finishing the refactoring, fixing existing bugs and adding missing documentation (especially the Neos parts). NEOS-1115 is of course a part of that.

1 Like

We talked about polishing & fixing existing stuff in the meeting and decided it’s part of our kitchen duties and needs to be done anyways. We didn’t think a project proposal for those would be necessary

Okay good to hear, and sure that doesn’t need a project proposal. But it would make sense to include in such a project instead of pulling a bunch of tickets in as kitchen duties separately.