---
** [tickets:#6715] Change has_access() handling of DENY**
**Status:** open
**Labels:** cleanup
**Created:** Fri Sep 27, 2013 07:33 PM UTC by Dave Brondsema
**Last Updated:** Fri Sep 27, 2013 07:33 PM UTC
**Owner:** nobody
We currently have deny checks pretty early in the has_access() logic. It would
be better to have the ACL order be respected, and have a DENY return false.
Need to make sure that tool-level user blocks still work properly, as do
private tickets and developer-only forums.
Make sure tests & docstrings are updated, since this is important
functionality. See particularly `test_weird_allow_vs_deny`
---
Sent from sourceforge.net because allura-dev@incubator.apache.org is subscribed
to https://sourceforge.net/p/allura/tickets/
To unsubscribe from further messages, a project admin can change settings at
https://sourceforge.net/p/allura/admin/tickets/options. Or, if this is a
mailing list, you can unsubscribe from the mailing list.
