Roundup Tracker

Proposal

In the following, a Permission is defined as some action or group of actions that is given a label (e.g. "View", "Edit", "Web Registration") and has some scope. A Role groups Permissions under a second label (e.g. "Admin", "User"). Users are assigned Roles.

There should be broadly three scopes in Permission declarations:

So, the addPermission signature now looks like:

    addPermission(self, name="", description="", klass=None, property=None, check=None)

And the hasPermission signature now looks like:

    hasPermission(self, permission, userid, classname=None, property=None, itemid=None)

... and it will invoke the *check* code when defined instead of just returning True.
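
A minimal sketch of how these two signatures could fit together, added here as an illustration and not Roundup's own code. The Permission and Security classes, the role table, the check(db, userid, itemid) callback shape and the rule that a check without an itemid denies are assumptions; the user ids and roles are constructed sample data.

```python
# Added sketch, not Roundup's implementation. Class layout, role storage and
# the check(db, userid, itemid) callback shape are assumptions.

class Permission:
    def __init__(self, name, description, klass, property, check):
        self.name, self.description = name, description
        self.klass, self.property, self.check = klass, property, check

    def matches(self, db, name, userid, classname, property, itemid):
        if name != self.name:
            return False
        # klass=None / property=None mean "not restricted to one class/property".
        if self.klass is not None and self.klass != classname:
            return False
        if self.property is not None and self.property != property:
            return False
        if self.check is None:
            return True
        # Assumption: a check needs an item to inspect, so deny without one.
        return itemid is not None and bool(self.check(db, userid, itemid))


class Security:
    def __init__(self, db):
        self.db = db      # constructed stand-in: {"roles": {userid: [role, ...]}}
        self.role = {}    # role name -> list of Permission

    def addPermission(self, name="", description="", klass=None, property=None, check=None):
        return Permission(name, description, klass, property, check)

    def addPermissionToRole(self, rolename, permission):
        self.role.setdefault(rolename, []).append(permission)

    def hasPermission(self, permission, userid, classname=None, property=None, itemid=None):
        for rolename in self.db["roles"].get(userid, []):
            for perm in self.role.get(rolename, []):
                if perm.matches(self.db, permission, userid, classname, property, itemid):
                    return True
        return False      # default deny: no role grants it


def build_demo():
    db = {"roles": {"1": ["Admin"], "2": ["Anonymous"], "3": ["User"]}}
    sec = Security(db)
    def own_record(db, userid, itemid):     # item-level check: only your own user item
        return userid == itemid
    sec.addPermissionToRole("Admin", sec.addPermission("Edit", "edit anything"))
    sec.addPermissionToRole("User", sec.addPermission("Edit", "edit own user item", klass="user", check=own_record))
    sec.addPermissionToRole("User", sec.addPermission("View", "see usernames", klass="user", property="username"))
    sec.addPermissionToRole("Anonymous", sec.addPermission("Create", "self-registration", klass="user"))
    return sec
```

In this sketch the Anonymous role's "Create" permission on the user class stands in for the old registration permissions, and a property-scoped "View" does not grant access to other properties of the same class.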

Permission checks are still invoked by the user interface code, as they are at the moment. Having the hyperdb perform those checks automatically would be painful: we'd need special methods that circumvent the security checks, and would then have to make sure we catch all the places that need to perform unchecked data access or manipulation.

Migration

This proposal introduces the "Create" permission, which is not currently defined and therefore not assigned to users in current trackers. This will need to be changed in tracker installations.

This proposal also changes the existing way we handle user registration. Both the Web Registration and Email Registration permissions go away, replaced by generic Create checks.

