Skip to content

LDPPermissions refactor

For a review of LDPPermissions performance see #299 (closed)

Excluding performance, in my opinion these are the key issues with DjangoLDP's permission system, and what should be changed about them:

Permissions functions mess

  • #291 (closed), #297 (closed): has_permission calls user_permissions on the model. This means that if I do not have model-permissions, I cannot gain object-permissions.. because the has_permission check is resolved before the has_object_permission in DRF calls
  • at runtime user_permissions might have the obj it's intended for, but it also might have the parent object, which could be anything.. this makes it confusing to override and in the case of djangoldp_circle.CircleMember impossible to implement the needed permissions logic (#197 (comment 28684)). The reason for this is so that on paths like /circles/1/members/, the permission evaluates whether I have access to the circle of which I am fetching the members
  • because the user_permissions has multiple concerns (defining model, view and object permissions, and the output of a WebACL) it is difficult to extend

The permissions functions should be changed so that:

  • has_permission is concerned with the permissions to access the view requested
  • has_model_permission is concerned with the permissions to access the model requested. It should be used in the LDPPermissions.has_object_permission as a utility function, but users shouldn't need to extend this unless they are changing how their model's permissions work. They probably won't need to reference it, unless implicitly through super().has_object_permission
  • has_object_permission is concerned with the permissions to access the object requested
  • user_permissions is concerned with the output of a WebACL. In #299 (closed) we are considering whether this is called automatically on a resource. Users should not need to extend this
  • filter_user_perms should be removed and replaced with the use of FilterBackends from !175 (merged)

On the Topic

There's an open issue for a permissions refactoring using only object-level permissions and agents: #197 (closed) . The conversation went cold on that one