# Authorization + Community As a registered user I would like to be able to see the community on non-private ecoverses / challenges / opportunities. At the moment the ___anonymousReadAccess___ flag on the AuthorizationPolicy is equivalient to ___private___ i.e. that only members of that community have access. However we also want that users that are registered (logged in / authenticated) can also see the community on ___Public___ communities. Anonymous users should not see this. The option then is to look at the anonymousReadAccess flag, and if it is true to grant READ privilege to Users with the GlobalRegistered Credential ## Observations The AuthorizationPolicy basically needs to distinguish between three levels: - Anonymous access - Registered User access - Member / specific access The key binary switch is a user logged in or not, that we have to deal with via a flag on the AuthorizationPolicy as the User cannot have Credentials. All other AuthorizationPolicy decisions should go via CredentialRules on the AuthorizationPolicy. The implication is that for the Community entity, when the AnonymousReadAccess value is true on the parent entity, to set the flag to false on the child Community entity but to add a CredentialRule granting RegisteredUsers the READ privilege.