On July 21, 2010 08:33:01 am atmorell wrote:
> Hello,
> 
> It would be very useful to have a section with "effective permissions"
> for user/objects on the summary page. Let's say I want to know what
> user Bob can do. That's not easy to track down manually, and I fear
> that I might have given a user too many rights.
> 
> Example on how this could work:
> 
> Form:
>   Select: user.
>   Select: model
>   Select: record
>   submit
> 
> =
> read
> update (id, body ) <--- oh no he can change id.
> destroy <--- remove this before site goes live.
> 

You would need to add fields to the "read" line because you can allow a user to 
fetch the record but only see specific fields in the record.

Furthermore, the permission system is not limited to fields in the database 
because you may have methods that wrap the database fields.  For example, the 
User model has a "crypted_password" that is wrapped by the "password" method.  
It is very difficult (possibly intractable) to create a general purpose form 
for identifying privileges.

> Maybe also display effective permissions on related models. This is not
> that important and it would be totally fine to just manually select
> one model/record at a time.
> 
> How do you guys make sure that nothing slips through?

Lots of unit testing:  50-90% of my unit tests are permission checking.  I 
have CRUD tests for every model for every role.  That is, for every role 
I create a test user for that role.  For example, the following code tests the 
update permissions on the ClubPro model: 

def test_update_permissions
  assert   @a_club_pro.editable_by?(users(:an_administrator))
  assert   @a_club_pro.editable_by?(users(:a_organizer))
  assert   @a_club_pro.editable_by?(users(:a_club_pro))
  assert ! @a_club_pro.editable_by?(users(:a_captain))
  assert ! @a_club_pro.editable_by?(users(:a_player_1))
  assert ! @a_club_pro.editable_by?(Guest.new)
  # 
  assert   @a_club_pro.editable_by?(users(:an_administrator), :name)
  assert   @a_club_pro.editable_by?(users(:a_organizer), :name)
  assert ! @a_club_pro.editable_by?(users(:a_captain), :name)
  assert ! @a_club_pro.editable_by?(users(:a_player_1), :name)
  assert ! @a_club_pro.editable_by?(users(:a_club_pro), :name)
  assert ! @a_club_pro.editable_by?(Guest.new, :name)
  # 
  assert   @a_club_pro.editable_by?(users(:an_administrator), :email_address)
  assert   @a_club_pro.editable_by?(users(:a_organizer), :email_address)
  assert   @a_club_pro.editable_by?(users(:a_club_pro), :email_address)
  assert ! @a_club_pro.editable_by?(users(:a_captain), :email_address)
  assert ! @a_club_pro.editable_by?(users(:a_player_1), :email_address)
  assert ! @a_club_pro.editable_by?(Guest.new, :email_address)
  # 
  assert   @a_club_pro.editable_by?(users(:an_administrator), :telephone_number)
  assert   @a_club_pro.editable_by?(users(:a_organizer), :telephone_number)
  assert   @a_club_pro.editable_by?(users(:a_club_pro), :telephone_number)
  assert ! @a_club_pro.editable_by?(users(:a_captain), :telephone_number)
  assert ! @a_club_pro.editable_by?(users(:a_player_1), :telephone_number)
  assert ! @a_club_pro.editable_by?(Guest.new, :telephone_number)
end

Note that there are also :a_player_2, :b_player_1 users that are used when 
:a_player_2 should have different privileges than :a_player_1 or :b_player_1.

This makes it very easy for me to check what users have which privileges.  It 
also has the benefit that my clients can read and understand the user 
privileges when presented in this format.

Finally, my development patterns are such that I develop the business logic in 
the models before presentation logic in the views, and I tend to be fairly 
restrictive on the permissions that are granted to each role.  This means that 
I often have to open up privileges a bit to get the user interface to work 
because it sometimes uses the model fields in ways I had not anticipated.

I hope this helps.

Regards,
Henry
-- 
Henry Baragar
Instantiated Software
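As an added illustration of the pattern in Henry's reply (this is example code, not Hobo's permission API and not code from the thread), the stub below gives a stand-in ClubPro model the record- and field-level editable_by? that the test above exercises, and derives from it the "effective permissions" summary atmorell asked for. Role names and fields are taken from the test; the rule table, the User and Guest stand-ins and permission_matrix are constructed here.

```ruby
# Constructed stand-ins for the fixture users and for Guest.new in the test.
User = Struct.new(:login, :role)
class Guest
  def role = :guest
end

class ClubPro
  FIELDS = %i[name email_address telephone_number].freeze
  # Roles that may update the record at all, and the roles allowed per field.
  # As in Henry's test, :club_pro may edit its own record but not its name.
  RECORD_EDITORS = %i[administrator organizer club_pro].freeze
  FIELD_EDITORS = {
    name:             %i[administrator organizer],
    email_address:    %i[administrator organizer club_pro],
    telephone_number: %i[administrator organizer club_pro]
  }.freeze

  # editable_by?(user)        -> may the user update this record at all?
  # editable_by?(user, field) -> may the user update that particular field?
  def editable_by?(user, field = nil)
    return false unless RECORD_EDITORS.include?(user.role)
    return true if field.nil?
    # Deny by default: a field absent from the table (a new column, or a
    # wrapper method such as password over crypted_password) is not editable
    # by anyone until it is listed explicitly.
    FIELD_EDITORS.fetch(field, []).include?(user.role)
  end

  # Effective update permissions for one user on this record: the fields
  # that user may change. Empty when the record itself is not editable.
  def effective_update_fields(user)
    return [] unless editable_by?(user)
    FIELDS.select { |f| editable_by?(user, f) }
  end
end

# Every role against every field, the same shape as the unit test, so the
# whole policy for one model can be read (and reviewed) at a glance.
def permission_matrix(record, users)
  users.map { |u| [u.role, record.effective_update_fields(u)] }.to_h
end

SAMPLE_USERS = %i[administrator organizer club_pro captain player_1]
               .map { |r| User.new("a_#{r}", r) } + [Guest.new]
```

Note that permission_matrix only covers fields listed in FIELDS, which is exactly the limitation Henry describes: a general summary is only as complete as the explicit list of fields and wrapper methods the model declares.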
