GoogleCodeExporter
commented
9 years ago Original comment by dr.s.m.f...@gmail.com on 11 Dec 2014 at 3:34
- Added labels: Milestone-4.5
Open GoogleCodeExporter opened 9 years ago
GoogleCodeExporter
commented
9 years ago Original comment by dr.s.m.f...@gmail.com on 11 Dec 2014 at 3:34
GoogleCodeExporter
commented
9 years ago I believe it is more complicated then this.
In the current situation, update might not only be used to circumvent create
access rules as outlined in the mailing list post, but also to get around
delete permissions: lets assume a user has update but not delete permissions to
a dataset in Investigation A and he got create and delete permissions to
datasets in another Investigation B. Then he can still delete the dataset by
"moving" it to Investigation B first. So maybe check DELETE before the update
and CREATE after the update?
On the other hand there are legitimate use cases where an update may have the
effect to revoke the user's create permissions. Consider the use case outlined
in issue 150 where CRUD permission is given on datasets under the condition
"complete = False". If we add the check CREATE perms after the update, the
user cannot change complete to True in a dataset anymore. Maybe do the check
CREATE after the update only if the update changes any relations?
I'm not what the best solution is. In any case, it seems we should take some
time to discuss the implications in detail.
Original comment by rolf.kr...@helmholtz-berlin.de on 9 Jan 2015 at 1:48
Original issue reported on code.google.com by
dr.s.m.f...@gmail.comon 18 Nov 2014 at 10:05