Développement #70152
Lors de la génération des permissions d'un utilisateur, prendre en compte l'héritage entre modèles
0%
Description
Dans django_rbac.backends.DjangoRBACBackend.get_permission_cache() si on trouver '<app1>.<perm>_<model1>' mais que <app2>.<model2> hérite de '<app1>.<model1>', ajouter '<app2>.<perm>_<model2>'.
Exemple réel: la permission authentic2.admin_service
donnera automatiquement les permissions authentic2_idp_oidc.admin_oidcclient
, saml.admin_libertyprovider
et authentic2_idp_cas.admin_service
.
Files
Related issues
Associated revisions
rbac: handle inheritance between model in get_all_permissions (#70152)
For global and ou scoped permissions, equivalent permissions on the child
classes are added, i.e. if you have authentic2.admin_service
permission then you also have authentic2_idp_oidc.admin_oidcclient
permission (globally or scoped by an organizational unit).
For instance scoped permissions, equivalent permissions on the parent
classes are added, i.e. if you have permission
authentic2_idp_oidc.admin_oidcclient on OIDCClient(pk=1), you also have
authentic2.admin_service on the same object.
History
Updated by Benjamin Dauvergne over 2 years ago
- File 0001-wip.patch 0001-wip.patch added
- Patch proposed changed from No to Yes
Début du truc, mais je vais relire les tickets de Valentin sur django_rbac d'abord pour ne pas perdre de temps pour rien.
Updated by Benjamin Dauvergne over 2 years ago
- Related to Développement #69902: django_rbac, rapatrier le modèle Operation added
Updated by Benjamin Dauvergne over 2 years ago
- Related to Développement #70135: django_rbac, rapatrier PermissionMixin added
Updated by Benjamin Dauvergne over 2 years ago
- File 0001-a2_rbac-add-helper-method-to-build-permissions-70152.patch 0001-a2_rbac-add-helper-method-to-build-permissions-70152.patch added
- File 0002-rbac-handle-inheritance-between-model-in-get_all_per.patch 0002-rbac-handle-inheritance-between-model-in-get_all_per.patch added
- Status changed from En cours to Solution proposée
Updated by Benjamin Dauvergne over 2 years ago
- File 0001-a2_rbac-add-helper-method-to-build-permissions-70152.patch 0001-a2_rbac-add-helper-method-to-build-permissions-70152.patch added
- File 0002-rbac-handle-inheritance-between-model-in-get_all_per.patch 0002-rbac-handle-inheritance-between-model-in-get_all_per.patch added
- ajout d'un check pour ignorer les classes de base qui sont des modèles abstraits
- correction de 2 warning pylint.
Updated by Serghei Mihai over 2 years ago
- Status changed from Solution proposée to Solution validée
Updated by Benjamin Dauvergne over 2 years ago
- Status changed from Solution validée to Résolu (à déployer)
commit 772a3f6f6d09a9d3a10f1fe2cc2c56d75a79d860 Author: Benjamin Dauvergne <bdauvergne@entrouvert.com> Date: Wed Oct 12 10:52:43 2022 +0200 rbac: handle inheritance between model in get_all_permissions (#70152) For global and ou scoped permissions, equivalent permissions on the child classes are added, i.e. if you have authentic2.admin_service permission then you also have authentic2_idp_oidc.admin_oidcclient permission (globally or scoped by an organizational unit). For instance scoped permissions, equivalent permissions on the parent classes are added, i.e. if you have permission authentic2_idp_oidc.admin_oidcclient on OIDCClient(pk=1), you also have authentic2.admin_service on the same object. commit 626ab8aab713e04b6d8c413e9c3bda7ad4cc1700 Author: Benjamin Dauvergne <bdauvergne@entrouvert.com> Date: Thu Oct 13 19:21:59 2022 +0200 a2_rbac: add helper method to build permissions (#70152)
Updated by Transition automatique over 2 years ago
- Status changed from Résolu (à déployer) to Solution déployée
a2_rbac: add helper method to build permissions (#70152)