Custom Query (2152 matches)

Filters
 
Or
 
  
 
Columns

Show under each result:

Results (1036 - 1038 of 2152)

336 337 338 339 340 341 342 343 344 345 346 347 348 349 350 351 352 353 354 355 356
Ticket Resolution Summary Owner Reporter
#1036 fixed Add tests for three functions in ckan/model/user.py johnlawrenceaspden johnlawrenceaspden

Reported by johnlawrenceaspden, 3 years ago.
Description

create a new test file ckan/model/test_user.py

add tests for the following three functions in ckan/model/user.py

number_of_edits, number_administered_packages, search

merged in in changeset 0046f83aedcf

#1050 invalid Authz lib improvement and refactor of ckan/lib/authztool.py thejimmyg johnlawrenceaspden

Reported by johnlawrenceaspden, 3 years ago.
Description

Refactor ckan/lib/authztool.py so that the relevant methods are independent of the command line interface.

The extracted methods should live in a new file ckan/authz.py. authztool.py should probably move into cli.py and will just do command line parsing and printing and use ckan/authz.py. The updated web gui for authz will also use this code.

Tests should be made. There's already a file ckan/tests/test_authz.py, which looks like the appropriate place for new tests.

all to go on a branch feature-1050-refactor-authtoolz

Optional extras

  • Rename ckan/authz.py to ckan/lib/authz.py or even ckan/logic/authz.py
#1065 fixed [super] Change Authorization System zephod johnlawrenceaspden

Reported by johnlawrenceaspden, 3 years ago.
Description

Child tickets

  • #1198 Publisher hierarchy
  • #1050 Authz lib improvement and refactor of ckan/lib/authztool.py
  • #1004 Group creation instructions missing
  • #1099 Strange interactions between two browsers while playing with authz groups
  • #1115 can have two authzgroups with the same name
  • #1133 command line rights manipulation doesn't work
  • #1138 minor navigations behave inconsistently

Old ticket description:

  1. Change name of AuthzGroup? to UserGroup? to reflect what it is for
  1. Get rid of Roles, and replace them with direct assignment of actions, even though there are many actions, and extensions can add arbitrary ones.
    • Debatable whether we should cut the number of actions to correspond to the three roles defined by the base system.
    • Have a method of finding roles (or, in future, actions) relevant to a given protection object (e.g. FILE-UPLOAD(ER) not relevant to Packages)
  1. Change UserGroups? so that they can have a hierarchical structure,

More info on Hierarchy change

e.g. UserGroup? NHS contains the User nhsysadmin, as well as the UserGroups? SURREY and BERKS, which themselves contain users.

One user in SURREY is Simon the Sysadmin, who has permissions on the whole system. His permissions should not leak out to other users or groups, and user permissions generally should not.

Each Group has permissions over various objects.

A user has permissions in his own right, and also has the permissions of his own group, and of all the groups contained in his group, and so on recursively.

Algorithm:

possible(user, action, package):

if user has permission for action on package

or any of have that permission

or any of his groups group-children (but not user-children), and so on recursively have the permission.

336 337 338 339 340 341 342 343 344 345 346 347 348 349 350 351 352 353 354 355 356
Note: See TracQuery for help on using queries.