At present, determining the authorisation status of a user to call a particular function requires an explicit call to check_perm (defined in util/permissions.py) for each permission a user must possess in order to run the routine.
The invocation of check_perm takes the same form in every function, and this call may therefore be replaced with a decorator which modifies the called function to automatically verify that the current user possesses the required permission - akin to a generalisation of the Flask @login_required decorator.
This issue relates to the development of a permissions-enforcement decorator, and any modifications to the existing access-control framework required to support this new technique.
pmslavin
commented
6 years ago
At present, determining the authorisation status of a user to call a particular function requires an explicit call to
check_perm(defined in util/permissions.py) for each permission a user must possess in order to run the routine.The invocation of
check_permtakes the same form in every function, and this call may therefore be replaced with a decorator which modifies the called function to automatically verify that the current user possesses the required permission - akin to a generalisation of the Flask@login_requireddecorator.This issue relates to the development of a permissions-enforcement decorator, and any modifications to the existing access-control framework required to support this new technique.