Human readable policy

[almet]

I like the fact that the user can directly submit JSON for the policies, and that should definitely stay like this.

That being said, I'm concerned by the fact that it may be slow to do the json → hex translation for each request. What about storing the binary mask and provide a way to translate it to human readable JSON?

[leplatrem]

Thank you very much for your feedback !

We can benchmark this, and if this is really a problem, we can indeed perform mask <--> json translations in both ways. The idea of storing JSON instead of mask was to be able to browse (and modify) database raw content with no pain :) Nothing more.

[coveralls]

Coverage increased (+0.11%) when pulling f899a332b5ef332dfbd7ad0bcfe89b76714c6e3d on human_readable_policy into 491c627c05c4cfad54b580023a0e2223f6f0621f on dev.

[Natim]

For me it looks interesting but the curl commands is much more verbose, we should allow to defined with dict as well as with CRUD

Something like that : {"definition": "CRUD", "records": "CUD", "users": "C", "policy":"C"}

[leplatrem]

Ah, you mean to post/put stuff with curl ? Yes, I get it, I also like the string representation !

When validating input {"admin": {"definition": {"create": True}} could be as valid as {"admin": {"definition": "C"}}. And we would store the full json version anyway... If we figure out how to it with colander, it could make sense indeed.

Do you think it's a blocker for merging this PR ? I'd rather add a ticket as improvement... Computing binary masks manually was also a PITA :)

[Natim]

Yes please rebase and I will wait for a last @ametaireau review on this one :)

[almet]

There is just one typo, other than that I'm okay with this way of doing things. +1 as well for having a string representation :) r=@ametaireau