On March 2, 2010, Curtis Hovey wrote: > Implementation notes > .................... > > I think the proposed permission rules imply the return of the despicable > EditPersonLocation-style permission checker... > > class EditProductSomething(EditByOwnersOrAdmins): > permission = 'launchpad.EditSomething' > usedfor = IProduct > > def checkAuthenticated(self, user): > """Anybody can edit something if it is not set.""" > something = self.obj.something > if something is None: > return True > else: > return super(EditProductSomething, > self).checkAuthenticated(user) > > ...and the setup of some unique views to isolate this kind of change. > > Since we are striving to remove the exceptional permission names, this > whole category of needs a name and story that is easy to test when we want > to reuse the permission name. We have a few cases of launchpad.append, but > I do not think that is this case. I also discount launchpad.moderate. This > looks like a launchpad.Propose, or launchpad.Suggest.
I suggest we use launchpad.Edit. For these attributes, but allow setting them from two places, the object directly where the current checker is used (owner/admin only). And a CommunityEditableMetadata objects which would use the more fancy checkers. > > I have some reservation about this whole proposal--users cannot fix their > mistakes. This will lead to requests to other users to fix the data, and > lead to bug reports just like the reports to edit/delete comments. We might want to store the last user who set the attribute and make the checker give permission to that user for that attribute on a more permanent basis. We probably also want some audit logs of attribuets set by community members. -- Francis J. Lacoste [email protected]
signature.asc
Description: This is a digitally signed message part.
_______________________________________________ Mailing list: https://launchpad.net/~launchpad-dev Post to : [email protected] Unsubscribe : https://launchpad.net/~launchpad-dev More help : https://help.launchpad.net/ListHelp
