Generic Authorization Questions
Chris Long
I'm the SoC student working on row level permissions. Just a few
questions about generic authorization for Joseph, and any one else who
has input.
1) Will there be any support for the previous method of checking
permissions? (e.g. will users.has_permission work?)
2) How are the two of us going to integrate our two systems? I mostly
have final testing and making the admin interface for editing row level
permissions left and then it's integrating them into the
permission/auth system. I have a few ideas, but we should really have a
long conversation about this and decide who si doing what and how so we
can maximize both our features. Sooner rather then later. :D
3) More a little mistake, in your patch you have in the main admin
views file:
if not has_perm(request.user, app_label + '.' +
opts.get_delete_permission(), obj):
probably meant has_permission.
I'm off for a bit, went to see LOTR the play last night - good but
long, I need to go recover some energy. ;)
Cheers,
Chris
Joseph Kocherhans
> 1) Will there be any support for the previous method of checking
> permissions? (e.g. will users.has_permission work?)
I was planning on keeping the User.has_perm method around for now, but
I think it ought to go away before 1.0. It won't be called anymore in
any of Django's code by the time I'm finished.
> 2) How are the two of us going to integrate our two systems? I mostly
> have final testing and making the admin interface for editing row level
> permissions left and then it's integrating them into the
> permission/auth system. I have a few ideas, but we should really have a
> long conversation about this and decide who si doing what and how so we
> can maximize both our features. Sooner rather then later. :D
Agreed. I'll hang out on #django for awhile tonight if you're
available. I'll plan on being there from 7-11pm MDT off and on. If I'm
not there I won't be gone for long. my nick is jkocherhans
> 3) More a little mistake, in your patch you have in the main admin
> views file:
>
> if not has_perm(request.user, app_label + '.' +
> opts.get_delete_permission(), obj):
>
> probably meant has_permission.
Yep. On top of that, all of those permissions strings that get passed
in will need to change to actual permission objects. I wrote a bunch
of the admin code last night, but didn't get around to testing it.
Probably tonight. Thanks for pointing it out.
Joseph
Chris Long
hour meeting and need to finish off some work then head home. I might
be too tired to make it on tonight, but I'll certainly try.
If not, I'll be around tomorrow from 9am to 3:00pm EST (7am to 1pm MT),
or on Sat any time past noon. If I'm not on the channel, send me an
email and I should pop on soon after that. Nickname for me would be
clong.
Chris
Chris Long
us know when you are available (on this topic) and we'll try working
out a time for everyone. Otherwise, we'll post a log/summary of our
conversation and decisions to keep everyone up to date.
Chris
Joseph Kocherhans
> hour meeting and need to finish off some work then head home. I might
> be too tired to make it on tonight, but I'll certainly try.
No problem. I'll be around tomorrow morning if tonight doesn't work
for you. No sense in forcing a tired brain to deal with this. I've
made a bunch of updates to the patch now if you want to check it out
again. I've got everything working in the admin system now but
cascading deletes.
Joseph
Eugene Lazutkin
It would be hard for me to participate in your discussion but I would
love to see the log or an executive summary of it.
Thanks,
Eugene