[ckan-dev] proposed authz changes

• Previous message: [ckan-dev] buildbot
• Next message: [ckan-dev] proposed authz changes
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Here are some proposed changes / strawman related to CKAN's
authorization system - they aren't very big, but should provide for
some forthcoming use cases. Do give feedback on any of these or ask
more questions

Dave

The first two changes revolve around the is_authorized method, which
is called by the logic layer to ask whether a particular user (e.g.
Bob) is allowed to do a certain action (e.g. edit) on a certain object
(e.g. Package).

1. The first thing the is_authorized method is a hook to a plugin
which can override. This can only ALLOW an action or FALLTHROUGH (rely
on the authz table). Extend this to allow DENY, so the plugin can stop
a user being authorized for someone.

Reason: authorization can be completely delegated to another system
(or partially)

2. is_authorized method currently takes (username, action, object)
but for action=create_package, the object supplied is System, and for
action=edit the object supplied is the package. Instead we should pass
the proposed new object / change.

Reason: an extension can then stop you creating a package with
particular values inside it, e.g. an allowable department for this
user

3. Actions are so close to the actions in the logic layer, we should
just merge them. 'package_create' is the same. 'update' becomes
'package_update', 'group_update' or 'package_relationship_update'
depending on the object type.

4. Rename these two classes to better reflect what they are
 * AuthorizationGroup -> UserGroup
 * Group -> PackageGroup

• Previous message: [ckan-dev] buildbot
• Next message: [ckan-dev] proposed authz changes
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]