Permission does not call check unless item exists, why?

Thread: Permission does not call check unless item exists, why?

Search this list only Search all lists
Permission does not call check unless item exists, why?
	2007-04-12 02:30:08
I have a question and suggestion concerning permission management... Why is a permission's "check" function (if specified) disallowed when checking permissions if the itemid is None? For example, when creating a new item. I'd like to be able to qualify a permission via a check function that requires only the userid (so I can dynamically control item creation based on info I maintain about the user without reference to any particular item). Are there reasons this ability was explicitly disallowed in Permission.test()? I know I can do this via a new role assigned to the relevant users but roles are hard to manage within roundup because they are outside the realm of the database. I am using "dynamic roles" (as a multilink on the user class) which allow "in database" management of various user permissions on which I was hoping to use to control access to various things dynamically, including item creation. I understand that to change this core functionality means "check functions" already written for other trackers may require modification (to check itemid validity) but if the roundup core was amended a backward compatibility flag could be added which defaults to the original behaviour. Comments on this idea anyone? Bruce. ------------------------------------------------------------ ------------- Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT & business topics through brief surveys-and earn cash http://www.techsay.com/default. php?page=join.php&p=sourceforge&CID=DEVDEV _______________________________________________ Roundup-users mailing list Roundup-userslists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/roundup-u sers

Re: Permission does not call check unless item exists, why?
	2007-04-15 23:47:01
On Thu, 12 Apr 2007, Bruce Tulloch wrote: > I have a question and suggestion concerning permission management... > > Why is a permission's "check" function (if specified) disallowed when > checking permissions if the itemid is None? Because as you note, per-user permission controls may be implemented using Roles, though in your case that appears to be suboptimal > I understand that to change this core functionality means "check functions" > already written for other trackers may require modification (to check > itemid validity) but if the roundup core was amended a backward > compatibility flag could be added which defaults to the original behaviour. > > Comments on this idea anyone? I'm not personally interested in the change, so if you really want it you'll have to take ownership of it (ie. implement, check into Roundup core, fix documentation, create tests, handle backwards-compatibility etc). Richard ------------------------------------------------------------ ------------- This SF.net email is sponsored by DB2 Express Download DB2 Express C - the FREE version of DB2 express and take control of your XML. No limits. Just data. Click to get it now. http://sourcefor ge.net/powerbar/db2/ _______________________________________________ Roundup-users mailing list Roundup-userslists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/roundup-u sers

[1-2]

about | contact Other archives ( Real Estate discussion Medical topics )