Comments (6)
Ok. What if I want to check for multiple privileges? For example:
@has_permission([Permission.WRITE, Permission.DELETE], context)
def do(request):
...
Or maybe even more complex needs - not a set of privileges, but a predicate (which can have any type). Because it may be necessary to combine privileges with AND or OR.
from aiohttp-security.
Please describe your case
from aiohttp-security.
It is another problem.
Passing predicate to query unknown storage looks weird. Also, it overcomplicates code reading and debugging.
Django checks for single permission only: https://docs.djangoproject.com/en/2.0/topics/auth/default/#default-permissions
Pyramid does the same: https://docs.pylonsproject.org/projects/pyramid/en/latest/api/request.html#pyramid.request.Request.has_permission
Why aiohttp-security should overcomplicate its API?
from aiohttp-security.
It will not be necessary to complicate the API - only removing the restriction on the type of permissions.
Under the predicate, I meant something like this:
@has_permission (WRITE || READ, context)
def do (request):
...
or
@has_permission (WRITE & DELETE, context)
def do (request):
...
Where:
READ
, WRITE
, DELETE
- instances of some type (for example, Predicate
), combinations using the &
, ||
they are also predicates.
This is what I would like to do in my project, and I'm stopped only by the restriction on the type of the first argument to the has_permission
function.
from aiohttp-security.
WRITE ^ DELETE
? I feel it makes a mess.
from aiohttp-security.
Sorry for long time answer. I will not argue. But I wanted to know what the mess you mean?
from aiohttp-security.
Related Issues (20)
- Why is the "latest" release on github version 0.2.0? HOT 1
- Extend permission-checking methods to return additional information HOT 2
- Non-SA MySQL Example (Inside) HOT 4
- Permission lists - Restrict route to multiple permission levels.
- Demos don't follow best practices HOT 6
- Why has_permission decorator is being deprecated ? HOT 1
- Dependabot couldn't authenticate with https://pypi.python.org/simple/
- Dependabot couldn't authenticate with https://pypi.python.org/simple/
- remember() not working HOT 4
- Why is identity forced to be string? HOT 5
- Question: Timeouts with remember() HOT 2
- cannot import name 'create_pool' from 'aioredis' HOT 1
- Should SessionIdentityPolicy.remember call new_session instead of get_session?
- Do you need help? HOT 2
- Redis upgrade
- SQLAlchemy upgrade
- Should identity be changed? HOT 1
- "Basic" terminology is misleading HOT 2
- Replace API functions
- Let's put `aiohttp-debugtoolbar` under the `aio-libs` org on PyPI
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from aiohttp-security.