cubicweb-collaboration #3814292 only handle entity types and rdefs strictly in the container in security setup [validation pending]
The permissions rules (e.g. based on can_write relation) just assumes that entities are always linked a container, despite the application schema may not enforce it.
|closed by||#d0c07957b90f Do not set permissions on entity types which instance can live outside the container|
|patch||Do not set permissions on entity types which instance can live outside the container [applied]Do not set permissions on relation definitions for which the parent entity can live outside the container [folded]Relax permissions for relations between entities not in a container [rejected]Relax permissions for entities not in their container [rejected]|