[ckan-dev] Sysadmin auth checks

Toby Dacre toby.okfn at gmail.com
Wed Sep 5 14:45:23 UTC 2012


On 5 September 2012 14:48, Ross Jones <ross.jones at okfn.org> wrote:

> Hi,
>
> As the logic.auth functions are littered with checks along the lines of
>
>     if Authorizer().is_sysadmin(unicode(user)):
>         return {'success': True}
>
> I wondered if it would make more sense to move this check up into
> check_access() instead of in each individual function.  It does mean that
> sysadmins can do anything but this shouldn't be too controversial.
>

That would seem sensible to me but I'd do it as a separate branch to keep
things easier to review.

> Can anyone see, or suggest, any reasons why I shouldn't do this?
>
> Ross
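
A minimal sketch of the refactoring proposed in this thread, added here as an illustration and not taken from CKAN or written by either poster: the sysadmin test moves out of the individual auth functions into a single `check_access()` entry point. Every name other than `check_access` and the `{'success': ...}` return shape is hypothetical, and the users and packages are constructed sample data.

```python
# Added illustration; not CKAN source. All helper names are hypothetical.
SYSADMINS = {"admin"}                      # constructed sample data
PACKAGE_OWNERS = {"dataset-1": "alice"}    # constructed sample data


class NotAuthorized(Exception):
    pass


def is_sysadmin(user):
    return user in SYSADMINS


# Per-action auth functions no longer repeat the sysadmin test.
def package_update(context, data_dict):
    owner = PACKAGE_OWNERS.get(data_dict.get("id"))
    if owner is not None and owner == context.get("user"):
        return {"success": True}
    return {"success": False, "msg": "only the owner may update this package"}


def package_purge(context, data_dict):
    # Denies every caller; only the central sysadmin bypass gets past it.
    return {"success": False, "msg": "purge is not permitted"}


AUTH_FUNCTIONS = {"package_update": package_update,
                  "package_purge": package_purge}


def check_access(action, context, data_dict=None):
    """Single entry point: resolve the action, then apply the bypass once."""
    auth_function = AUTH_FUNCTIONS.get(action)
    if auth_function is None:
        # Fail closed before the bypass, so a mistyped action name is never
        # silently allowed, not even for a sysadmin.
        raise ValueError("unknown action: %s" % action)
    user = context.get("user")
    if user and is_sysadmin(user):
        return True
    result = auth_function(context, data_dict or {})
    if not result.get("success"):
        raise NotAuthorized(result.get("msg", "access denied"))
    return True


def is_allowed(action, user, data_dict=None):
    """Boolean wrapper for callers that prefer not to catch NotAuthorized."""
    try:
        return check_access(action, {"user": user}, data_dict)
    except NotAuthorized:
        return False
```

With the bypass centralised, an auth function that returns a denial for every caller (`package_purge` here) no longer applies to sysadmins, which is the "sysadmins can do anything" consequence raised in the thread.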