Role-based authorization
6 views
Skip to first unread message
Terrence Brannon
Oct 19, 2018, 12:50:43 PM10/19/18
to Reahl discuss
In looking over the list of components, I do not see the documentation for reahl domain. I am wondering how you assign different roles to different users.
Iwan Vosloo
Oct 20, 2018, 3:03:15 AM10/20/18
to reahl-...@googlegroups.com
Hi Terrence,
On 19/10/2018 18:50, Terrence Brannon wrote:
> In looking over the list of components, I do not see the documentation for reahl domain. I am wondering how you assign different roles to different users.
>
The documentation for reahl-domain is here:
https://www.reahl.org/docs/4.0/domain/index.d.html
But, you won't find predefined roles in there. We thought that it is a
bit restrictive for a framework to make the decision of how role-based
access will work. For this reason there are various places where you can
specify a way for the framework to check whether something is readable
or writeable for the current user.
This is done by supplying a function or method which the framework will
call to ask whether the current user is allowed to read or write something.
If you want role-based access control, you can hook it in there. We've
done something like that in the tutorial:
https://www.reahl.org/docs/4.0/tutorial/accesscontrol.d.html
Here are the different places where you can specify access control:
On a Field, eg:
Field(label='Name',
required=self.can_be_added(),
writable=Action(self.can_be_added))
On a method, as is shown here:
https://github.com/reahl/reahl/blob/master/reahl-component/reahl/component_dev/test_domainaccesscontrol.py#L27
On a View, as is shown here:
https://github.com/reahl/reahl/blob/master/reahl-web/reahl/web_dev/test_security.py#L321
I
Regards
Iwan
--
Reahl, the Python only web framework / www.reahl.org
On 19/10/2018 18:50, Terrence Brannon wrote:
> In looking over the list of components, I do not see the documentation for reahl domain. I am wondering how you assign different roles to different users.
>
https://www.reahl.org/docs/4.0/domain/index.d.html
But, you won't find predefined roles in there. We thought that it is a
bit restrictive for a framework to make the decision of how role-based
access will work. For this reason there are various places where you can
specify a way for the framework to check whether something is readable
or writeable for the current user.
This is done by supplying a function or method which the framework will
call to ask whether the current user is allowed to read or write something.
If you want role-based access control, you can hook it in there. We've
done something like that in the tutorial:
https://www.reahl.org/docs/4.0/tutorial/accesscontrol.d.html
Here are the different places where you can specify access control:
On a Field, eg:
Field(label='Name',
required=self.can_be_added(),
writable=Action(self.can_be_added))
On a method, as is shown here:
https://github.com/reahl/reahl/blob/master/reahl-component/reahl/component_dev/test_domainaccesscontrol.py#L27
On a View, as is shown here:
https://github.com/reahl/reahl/blob/master/reahl-web/reahl/web_dev/test_security.py#L321
I
Regards
Iwan
--
Reahl, the Python only web framework / www.reahl.org
Reply all
Reply to author
Forward
0 new messages