Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add test_app model that is visible to all users but has permissions for CUD (and test it) #457

Closed
AlanCoding opened this issue Jun 11, 2024 · 0 comments · Fixed by #473
Closed

Add test_app model that is visible to all users but has permissions for CUD (and test it) #457

AlanCoding opened this issue Jun 11, 2024 · 0 comments · Fixed by #473
Labels
app:rbac enhancement New feature or request

Comments

@AlanCoding
Copy link
Member

Filing after reading comment:

ansible/galaxy_ng#2162 (comment)

This scenario seems perfectly coherent, and it should be perfectly compatible with DAB RBAC.

  • all records of a particular model are visible to all users in the system
  • only users who are specifically granted permission to modify that model can make changes - CUD - Create Update and Delete

I expect we have a few cases where DAB RBAC assumed that a model has a "view" permission. We need docs to set expectations about configuration of this. For example, if the Meta doesn't list "view" permission is that enough to assume that all users can view all entries? If so, that probably needs a special case in the logic going into access_qs and stuff. So there's at least 1 thing to do.

Also need to test that custom roles and role_metadata work as expected.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
app:rbac enhancement New feature or request
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Add test model with no view permission AlanCoding/django-ansible-base
1 participant
@AlanCoding