mglaman.dev – March 13th, 2024
Hey there!
Here's your weekly newsletter from me, Matt Glaman!
My latest blog post
Recently, I dove deep into using the Authorization Code grant type with Simple OAuth and ran into a major issue with the assumed permission hierarchy. This actually sparked quite the conversation. Here's the related issue: https://www.drupal.org/project/drupal/issues/3578418
The nightmare of permissions and OAuth scopes in Drupal
Drupal's role-based access control is one of its strengths. Permissions and roles are well-understood, and the system is mature. But the moment you step outside the standard cookie-based session — say, into OAuth with the authorization code flow — you hit a wall that the core permission model never anticipated.
Interesting links
“Gartner predicts that 40% of agentic projects will fail by 20278—not because the technology doesn’t work, but because organizations are automating broken processes instead of redesigning operations.”
What it costs to run Drupal's infrastructure
I really enjoyed these back-to-back posts by Dries.
If you enjoyed this, could you forward it to a friend? Was this forwarded to you? You can subscribe here!
Don't miss what's next. Subscribe to mglaman.dev:
Share this email:
