Open djay opened 8 years ago
ebrehault
commented
8 years ago It is quite easy to change the default behavior, for now if Plomino_Readers does not exist, we default to ['*'] (see https://github.com/plomino/Plomino/blob/master/src/Products/CMFPlomino/document.py#L312 ), we could replace that with [db.DEFAULT_SECURITY], and manage this DEFAULT_SECURITY param as a db settings.
djay
commented
8 years ago @ebrehault I think that might help but it only solves part of the problem. That would still require the use of some special group/user and changing your code around to use agents. Is it possible to query the data in formula in such a way as to bypass plomino readers so formulas don't have to use an agent? Seems to be that formulas have access to enough apis that they could access that data regardless right?
ebrehault
commented
8 years ago We have that for index search (with the only_allowed param: https://github.com/plomino/Plomino/blob/master/src/Products/CMFPlomino/index/index.py#L158 ), but I do not know what it takes to generalize this principle.
By the way, in Rapido, that's how it works: a formula can change any record.
User problem
Imagine a system that has some data which the user enters but then some system generated data, or special reference data thats imported. You want to protect the user documents with Plomino_readers so only they can read their own documents, but you want all other data to be secure. Only formulas can access that data.
Currently what you have to do is:
Options
security on views/agents/forms
We able to set make any of these private and only accessible to formulas or select people.
private by default
Have a switch that sets all documents to be private to everyone except formulas if they have no Plomino_readers set
??