Ticket #1050 (assigned enhancement) — at Version 7
refactoring of ckan/lib/authztool.py
Reported by: | johnlawrenceaspden | Owned by: | johnlawrenceaspden |
---|---|---|---|
Priority: | major | Milestone: | |
Component: | ckan | Keywords: | refactoring auth |
Cc: | Repository: | ckan | |
Theme: | none |
Description (last modified by rgrp) (diff)
Refactor ckan/lib/authztool.py so that the relevant methods are independent of the command line interface.
The extracted methods should live in a new file ckan/authz.py. authztool.py should probably move into cli.py and will just do command line parsing and printing and use ckan/authz.py. The updated web gui for authz will also use this code.
Tests should be made. There's already a file ckan/tests/test_authz.py, which looks like the appropriate place for new tests.
all to go on a branch feature-1050-refactor-authtoolz
Optional extras
- Rename ckan/authz.py to ckan/lib/authz.py or even ckan/logic/authz.py
Change History
comment:1 Changed 3 years ago by johnlawrenceaspden
- Owner set to johnlawrenceaspden
- Status changed from new to assigned
comment:2 Changed 3 years ago by johnlawrenceaspden
there's already a file ckan/tests/test_authz.py, which looks like the appropriate place for new tests.
comment:3 Changed 3 years ago by johnlawrenceaspden
- Keywords refactoring auth added
- Type changed from defect to enhancement
comment:4 Changed 3 years ago by dread
I may misunderstand how you intend to build the WUI Admin interface, but I think most of the stuff in authztool is just marshalling command line parameters anyway. The bits which do anything are factored out.
For example, to list rights you just loop over obj_classes to call model.Session.query(obj_class).all() and then display the values: type(subj).__name__, subj.name, role, type(obj).__name__, obj.name.
To change a right you simply call model.add_user_to_role(subj, role, obj) or model.add_authorization_group_to_role(subj, role, obj).
But of course if there is useful stuff to factor out then be my guest!