Changes between Version 12 and Version 13 of BluePrintAuthorization


Ignore:
Timestamp:
06/18/10 21:04:35 (14 years ago)
Author:
Fran Boon
Comment:

--

Legend:

Unmodified
Added
Removed
Modified

  • BluePrintAuthorization

    v12 v13  
    1616
    1717deployment_settings_modules = Storage(
    18     name = "gis",
    19     name_nice = "Mapping",
    20     description = "Situation Awareness & Geospatial Analysis",
    21     readable = None,    # All Users (inc Anonymous) can see this module in the default menu & access the controller
    22     writable = None,    # All Authenticated users can edit resources which aren't specially protected
    23     module_type = 2,    # Used to locate the module in the default menu
    24     resource_readable = Storage(
    25         apikey = 1,     # This resource is only visible to Administrators
    26     )
    27     resource_writable = Storage(
    28         layer_js = deployment_settings.auth.roles["AdvancedJS"],    # This resource requires the 'AdvancedJS' role to edit (or admin)
    29     )
     18    gis = Storage(
     19        name_nice = "Mapping",
     20        description = "Situation Awareness & Geospatial Analysis",
     21        readable = None,    # All Users (inc Anonymous) can see this module in the default menu & access the controller
     22        writable = None,    # All Authenticated users can edit resources which aren't specially protected
     23        module_type = 2,    # Used to locate the module in the default menu
     24        resource_readable = Storage(
     25            apikey = 1,     # This resource is only visible to Administrators
     26        )
     27        resource_writable = Storage(
     28            layer_js = deployment_settings.auth.roles["AdvancedJS"],    # This resource requires the 'AdvancedJS' role to edit (or admin)
     29        )
     30    ),
     31    ...
    3032)
    3133}}}
     34
    3235 * A Developer needs to be able to restrict access to a Function
    3336  * ~~Decorator function : @auth.requires_membership("Administrator")~~
    3437   * doesn't support OR (we could easily write our own function to do this, though)
     38
    3539 * A Developer needs to be able to restrict access to a resource
    3640  * REST controller can be blocked via a Decorator
     
    3842  * We could check for what other functions can access data? Sync. Hard to maintain though.
    3943  * Need a new method: open by default & restricted manually
    40    * Do all accesses go via S3XRC? If not, then needs to be a DAL-level method!
     44   * Needs to be a DAL-level method since not all accesses go via S3XRC.
    4145   * Use an {{{auth_permission}}} table similar to Web2Py 'full' for tables?
    42    * Set within {{{000_config.py))), along with module permisisons?
     46   * Set within {{{000_config.py))), along with module permissions?
     47
    4348 * A Developer needs to be able to restrict access to a record
    4449  * Add 2 reusable {{{multiple=True}}} fields to each table which needs this: {{{reader_id}}} & {{{writer_id}}} combined as {{{permissions_id}}}