Took a spin through the forum today, in an attempt to figure out a way to "convert" our current AAM setup over to using Policy Files, we have a rather large and complex set of capabilities we are using that span over multiple dev environments. The ID stuff is a real struggle, and from what I read, policy files let us use slugs, which should eliminate the issue of mismatches for terms between environments.
It's mentioned that you can "convert" to policy files in this post, but I have a feeling this is a 100% manual process, is that correct? I am not seeing anything that would allow you to "convert" a set of capabilities/permissions over to a policy. Unless I am just missing it somehow.
This might just be my interpretation of the word convert, but I read convert as a way to automatically take our current settings and turn them into polices.
If this is a manual process, that's going to be a slog to get through, it would be an amazing new feature to "convert" a set of capabilities and permissions for a role over to a policy file. I know it would be tough to make it perfect but as a starting point for moving over to policy files, it would be great. Especially if you have a lot of custom capabilities being managed through the traditional AAM UI.
Additionally, when talking about policy files or the UI settings, what takes precedence? Let's say I set up a policy file for one of our roles, and there are still other capabilities being set in the UI. Do they get merged somehow? Does one set of "permissions" take precedence over the other? Once you have set up policy files, do you need to reset all of AAM settings to make sure you don't have 2 sets of "capabilities/permissions" floating around? Also, what about hardcoded capabilities for roles? I assume the policy files will never be able to read those settings, even though the UI can?
Also, when we are talking about policy files, are they literal files being written to the file system, or are they just formatted data in the DB? As in, we could commit them to a repo, and move them up to a server and the settings would automatically get applied or would we still have to manually enter the settings in the editor no matter what?
I just forsee this getting very messy trying to move over to policy files after using the normal UI. On a side note, is there a way to use slugs instead of ID in the traditional UI at least for terms? I doubt it but thought I would ask.