~azzar1/unity/add-show-desktop-key

« back to all changes in this revision

Viewing changes to doc/dev/faq.rst

Committer: David Coles
Date: 2010-02-11 04:17:29 UTC
Revision ID: coles.david@gmail.com-20100211041729-v1s5ui7561g00pbl

Docs: Outline on permissions for views and database objects

files modified:
doc/dev/faq.rst

Show diffs side-by-side

added added

removed removed

doc/dev/faq.rst

variables than code running outside. It will be missing a lot of data, and

will contain some user-specific data.

... restrict permission to different views?

-------------------------------------------

In all views derived from ``BaseView`` the ``authorize`` function is called to

check if a user has access to a particular file. Often this is simply a check

to ensure that the user is logged in (the value of 'user' is not None), but

may be more complex such as checking if a user has a password hash set (to

prevent clobbering of external auth) or checking if a user has permission to

edit an ``Offering`` object.

Database

========

135

145

store.add(user)

136

146

store.commit()

137

147

148

... modify user capabilities or privileges?

149

-------------------------------------------

150

151

User privileges are set by the ``get_permissions`` functions in

152

``ivle/database.py``. Permissions are highly granular and can be set on almost

153

every object in the database.

154

155

Most permissions are set on the ``Offering`` level with ``ProjectSet``,

156

``Project`` and ``Worksheet`` simply delegating the check to ``Offering``.

157

Since ``Exercise`` may be shared between multiple ``Offerings``, the

158

permissions are calculated from the users active enrollments. Other objects

159

such as ``User`` may only be modified by the user or an admin. If a user is

160

not logged in (user is None) then they will typically receive no privileges at

161

all.

162

138

163

Where do I find...

139

164

------------------

140

165

Older »