LDPPermissions refactor
For a review of LDPPermissions performance see #299 (closed)
Excluding performance, in my opinion these are the key issues with DjangoLDP's permission system, and what should be changed about them:
Permissions functions mess
-
#291 (closed), #297 (closed):
has_permission
callsuser_permissions
on the model. This means that if I do not have model-permissions, I cannot gain object-permissions.. because the has_permission check is resolved before the has_object_permission in DRF calls - at runtime
user_permissions
might have theobj
it's intended for, but it also might have theparent
object, which could be anything.. this makes it confusing to override and in the case ofdjangoldp_circle.CircleMember
impossible to implement the needed permissions logic (#197 (comment 28684)). The reason for this is so that on paths like/circles/1/members/
, the permission evaluates whether I have access to the circle of which I am fetching the members - because the
user_permissions
has multiple concerns (defining model, view and object permissions, and the output of a WebACL) it is difficult to extend
The permissions functions should be changed so that:
-
has_permission
is concerned with the permissions to access the view requested -
has_model_permission
is concerned with the permissions to access the model requested. It should be used in theLDPPermissions.has_object_permission
as a utility function, but users shouldn't need to extend this unless they are changing how their model's permissions work. They probably won't need to reference it, unless implicitly throughsuper().has_object_permission
-
has_object_permission
is concerned with the permissions to access the object requested -
user_permissions
is concerned with the output of a WebACL. In #299 (closed) we are considering whether this is called automatically on a resource. Users should not need to extend this -
filter_user_perms
should be removed and replaced with the use ofFilterBackends
from !175 (merged)
On the Topic
There's an open issue for a permissions refactoring using only object-level permissions and agents: #197 (closed) . The conversation went cold on that one