On Thu, 2010-02-04 at 18:37 +0100, Henning Eggers wrote: > Hi all, > in some of my recent work I was confronted with parts of the > Launchpad/Zope security system, namely the IAuthorization adapters in > lib/canoncial/launchpad/security.py. I think this file and the concept > behind it could use some serious improving to be easier to handle and > less error-prone. > [...] > > = Needed improvements = > > * Split permission checking up into chunks for each Launchpad > application. At the same time, general policies need to be available > to all parts.
If we split that file, I'd rather see the code for permission checking as close as possible to the pertinent model class instead of having per-app security.py modules, as you seem to suggest above. > > * Have a canonical way to use the same checks in model code as in view > code. I guess this is because the existing api (check_permission()) doesn't take a user as argument? > > = Possible solutions = > I don't have all the answers but these are some of my ideas. > > * Make model objects be their own authorization adapter. Why should > it be too much to ask of an object, if a user may edit or admin it? > The implementation can be in the class itself but may just as well > be provided by a mix-in. I don't think this is the responsibility of model classes, but it might be a good idea to have a single adapter (for every model class) that knows about all different permissions on that class. > > * Provide helpful system-wide mix-ins that implement common security > policies, e.g. for owners, admins, etc. > > * Design these mix-ins in a layered way, so that permissions can simply > be added up and automatically include permissions from more > restrictive policies. > > * Provide a gradual transition path. If an object does not provide its > own authorization information, look in the old security.py for it. These can be done with the single-adapter model as well. > > * Delete security.py! ;-) > > > Please comment or propose other solutions or make suggestions on how to > implement some of the ideas here. > > Implementing this will take some time and should happen gradually, as > indicated. As a first step I filed this bug: > https://bugs.edge.launchpad.net/launchpad-foundations/+bug/517153 > > But we need more bugs to make up the plan to improve this system. > > Cheers, > Henning > > > > _______________________________________________ > Mailing list: https://launchpad.net/~launchpad-dev > Post to : [email protected] > Unsubscribe : https://launchpad.net/~launchpad-dev > More help : https://help.launchpad.net/ListHelp -- Guilherme Salgado <[email protected]>
signature.asc
Description: This is a digitally signed message part
_______________________________________________ Mailing list: https://launchpad.net/~launchpad-dev Post to : [email protected] Unsubscribe : https://launchpad.net/~launchpad-dev More help : https://help.launchpad.net/ListHelp
