[ckan-dev] Sysadmin auth checks

Ross Jones ross.jones at okfn.org
Wed Sep 5 13:48:47 UTC 2012


Hi,

As the logic.auth functions are littered with checks along the lines of 

    if Authorizer().is_sysadmin(unicode(user)):
        return {'success': True}

I wondered if it would make more sense to move this check up into check_access() 
instead of in each individual function.  It does mean that sysadmin's can do anything
but this shouldn't be too controversial.

Can anyone see, or suggest, any reasons why I shouldn't do this?

Ross





More information about the ckan-dev mailing list