Secret Links: Read actions for `record` and `files` are unused
Currently, the upstream implementation of SecretLink
s only allows the actions view
, preview
, and edit
(cf. here and here).
In our permission policies however, we check for the additional actions record
and files
, which could come in handy for double-blind peer reviews.
Because it's not possible to set these values with the upstream backend classes (and UI), these values and the associated behavior go unused right now.
We should override the backend checks and the frontend inputs to allow our values. This could be done by monkey-patching the classes on extension startup (similar to how we override the App-RDM Jinja templates) and providing our own JS bits, or we could create a PR for RDM-Records and App-RDM that allow customizations via configuration.