Hello Tibor,

Tibor Simko <[email protected]> wrote:
> 
> On Tue, 18 Feb 2014, Ferran Jorba wrote:
>> In other words, uid == -1 is like admin.  Is my approach sensible, or
>> am I missing something and running into a dangerous zone?
>
> Yes, your reasoning path was correct, although uid == -1 means a guest
> user, not an admin.  This could create troubles if you later happen to
> plug your scripts to some web workflows, say.

Thanks for the clarification.

> Would you like to return hidden fields in your CLI?  If so, which API
> function(s) do you use in your scripts?  E.g. if it is
> search_pattern(), then setting "ap=-9" would permit you to search for
> hidden fields too.

from search_engine import print_record.  As a matter of fact, I
understand that it should affect basically this function, because it
just limits (again, as I understand it) the visualization of some tags
to unprivileged users.

I haven't done any tests yet, but what I'd like is to change the
behaviour of the can_see_hidden variable around here:

 
http://invenio-software.org/repo/invenio/tree/modules/websearch/lib/search_engine.py?h=maint-1.1#n4352

so if there is no session, or user_info, or whatever, that is, if it is
not running as a web process, it means that the script is running
internally and so, it should have all privileges.  Otherwise, it could
not run, could it?

Do you have any variable or way to detect if it is running as a web
process or not?  Preferably with a stable behaviour for the next
releases.

> In other words, depending on your concrete use case, it may be better
> not to play with uid's but rather use other existing parameters, or
> else introduce new parameters if they are not exposed to higher APIs.

I'm open to suggestions.  And, in my modest opinion, I think that this
behaviour should be the default one for standard Invenio.  Or not?

Thanks,

Ferran
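
Added example, not part of the original message and not Invenio code: a sketch of the two designs discussed in this thread, inferring "internal script" from a missing web context versus having the caller opt in explicitly. All function names, the is_cataloguer key, the hidden tag 595 and the sample record are hypothetical and constructed for illustration.

```python
# Added illustration; every name here is hypothetical, not Invenio's API.
HIDDEN_TAGS = {"595"}  # constructed sample: tags withheld from unprivileged users

# Constructed sample record: (MARC tag, value) pairs.
RECORD = [("245", "A public title"), ("595", "internal cataloguer note")]


def visible_fields(record, can_see_hidden):
    """Return the fields a caller may see; hidden tags are dropped unless allowed."""
    return [(tag, val) for tag, val in record
            if can_see_hidden or tag not in HIDDEN_TAGS]


def print_record_implicit(record, user_info=None):
    """Variant A: infer privilege from a missing web context (fails open)."""
    if user_info is None:
        can_see_hidden = True  # "no session, so it must be an internal script"
    else:
        can_see_hidden = user_info.get("is_cataloguer", False)
    return visible_fields(record, can_see_hidden)


def print_record_explicit(record, user_info=None, can_see_hidden=None):
    """Variant B: hidden fields only on an explicit caller decision (fails closed)."""
    if can_see_hidden is None:
        can_see_hidden = bool(user_info and user_info.get("is_cataloguer", False))
    return visible_fields(record, can_see_hidden)


def web_workflow_step(render):
    """A web-triggered code path that forgets to pass user_info along."""
    return render(RECORD)


if __name__ == "__main__":
    print("CLI, explicit opt-in: ", print_record_explicit(RECORD, can_see_hidden=True))
    print("web, implicit variant:", web_workflow_step(print_record_implicit))
    print("web, explicit variant:", web_workflow_step(print_record_explicit))
```

With variant A, any web code path that omits user_info is treated as an internal script and returns the hidden field; with variant B the same omission returns only the public fields.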
