Changes between Version 25 and Version 26 of BluePrintAuthorization
- Timestamp:
- 06/19/10 15:41:52 (14 years ago)
Legend:
- Unmodified
- Added
- Removed
- Modified
-
BluePrintAuthorization
v25 v26 1 1 = !BluePrint for Authorization = 2 2 == User Stories == 3 * A Developer needs to be able to restrict access to a Module3 * A Developer needs to be able to restrict access to a '''Module''': 4 4 * ~~s3.modules in {{{01_modules.py}}}~~ 5 5 * Add Controller check as well as menu check. … … 37 37 }}} 38 38 39 * A Developer needs to be able to restrict access to a Function39 * A Developer needs to be able to restrict access to a '''Function''': 40 40 * ~~Decorator function : @auth.requires_membership("Administrator")~~ 41 41 * doesn't support OR (we could easily write our own function to do this, though) 42 42 43 * A Developer needs to be able to restrict access to a resource43 * A Developer needs to be able to restrict access to a '''Resource''': 44 44 * REST controller can be blocked via a Decorator 45 * Full security policy can be invoked, but this is painful (based on protected by default & granted manually) & untested within S3 recently46 * We could check for what other functions can access data? Sync. Hard to maintain though.45 * we'd need to patch other functions, such as sync, which would be hard to maintain 46 * Full security policy (native web2py) can be invoked, but this is painful (based on protected by default & granted manually) & untested within S3 recently 47 47 * Need a new method: open by default & restricted manually 48 * Needs to be a DAL-level method since not all accesses go via S3XRC.49 48 * Option1: Use an {{{auth_permission}}} table similar to Web2Py 'full' but just for tables & with {{{group_id}}} as {{{multiple=True}}} 50 49 * Option2: Set within {{{000_config.py}}}, along with module permissions? (see above example) 51 50 * Means less DAL calls 52 * Option3: Have an on acceptwhich auto-populates the reader_id/writer_id fields in records?51 * Option3: Have an onvalidation which auto-populates the reader_id/writer_id fields in records? 53 52 * Means that no additional auth check at table-level needed 53 * If done at validation time then it means that no extra DAL calls are done when creating resources (just extra field(s) within the 1 DAL call) 54 54 * Once new solution in-place: 55 55 * remove security_policy from {{{s3_setting}}} table & session ({{{00_utils.py}}}) 56 56 * modify {{{shn_action_buttons()}}} in {{{00_utils.py}}} 57 57 58 * A Developer needs to be able to restrict access to a record58 * A Developer needs to be able to restrict access to a '''Record''': 59 59 * Add 2 reusable {{{multiple=True}}} fields to each table which needs this: {{{reader_id}}} & {{{writer_id}}} combined as {{{permissions_id}}} 60 60 * Full backward compatibility since they default to None 61 * reader_id checked with a new API function (called from shn_read() & shn_list(), but also available for other functions)61 * For List views modify {{{shn_accessible_query()}}} (called from {{{shn_list()}}} & {{{shn_search()}}}) 62 62 * combine with the {{{deleted==True}}} check? 63 63 * makes it easier to then replace that check with an 'inactive' field which is a date instead of a boolean, so that records can be set to expire (as well as giving us easy access to know when a record was deleted) 64 * Option 1: Do the check alongside deleted as part of a big JOIN64 * Preferred Option: Do the check alongside deleted as part of a big JOIN 65 65 {{{ 66 66 def shn_accessible_query(table): … … 69 69 - deleted records are filtered 70 70 - records to which they don't have permissions are filtered 71 (Modified version of current function from models/01_crud.py)72 71 """ 73 72 … … 107 106 * Combines the deleted into single API call 108 107 * Single JOIN for optimal DB performance (Assumption needs testing) 109 * Option 2: Do the check in Python after the initial query has returned108 * Alternate Option: Do the check in Python after the initial query has returned 110 109 * Advantage: Might have better performance than complex DB string? 111 110 * Disadvantage: More records pulled from DB than necessary 112 * writer_id checked within a modified {{{shn_has_permission()}}} (called from shn_update(), etc, but also available for other functions) 111 112 * For single records modify {{{shn_has_permission()}}} (called from {{{shn_create()}}}, {{{shn_delete()}}}, {{{shn_read()}}} & {{{shn_update()}}}, but also available for other functions) 113 113 {{{ 114 114 def shn_has_permission(name, tablename, record_id = 0): … … 201 201 }}} 202 202 * Disadvantage: Slow 203 203 204 * UI to manage the fields. 204 205 * We expect relatively few groups per instance, so can use the checkboxes widget? 206 * can filter out some groups? 205 207 * Have a single checkbox for 'Restrict access' which then opens out the 2 fields. 206 208