Changes between Version 1 and Version 2 of BluePrintAuthorization
- Timestamp:
- 06/18/10 11:53:15 (15 years ago)
Legend:
- Unmodified
- Added
- Removed
- Modified
-
BluePrintAuthorization
v1 v2 36 36 accessible = (table.reader_id == None) 37 37 for role in roles: 38 accessible = accessible & (table.reader_id == role)38 accessible = accessible & (table.reader_id == str(role)) & (table.reader_id.like('%d|%' % role)) & (table.reader_id.like('%|%d|%' % role)) & (table.reader_id.like('%|%d' % role)) 39 39 query = deleted & accessible 40 40 return query … … 47 47 * Advantages: 48 48 * Combines the deleted into single API call 49 * Single JOIN for optimal DB performance 50 * Disadvantage: 51 * Can we deal with Multiple=True? 49 * Single JOIN for optimal DB performance (Assumption needs testing) 52 50 * Option 2: Do the check in Python after the initial query has returned 53 * Advantage: Allows us to process the Multiple=True field properly51 * Advantage: Might have better performance than complex DB string? 54 52 * Disadvantage: More records pulled from DB than necessary 55 53 * writer_id check: All Write access goes via S3XRC so can be checked there (we can also develop an API call for Manual DAL access?) … … 57 55 * We expect relatively few groups per instance, so can use the checkboxes widget? 58 56 * Have a single checkbox for 'Restrict access' which then opens out the 2 fields. 57 === Specific Examples === 59 58 * A Person's Subscriptions shouldn't be visible by default. 60 59 * Admin or themselves is OK