
Comments (9)

hbrunn commented on August 17, 2024

ping @gurneyalex @pedrobaeza @StefanRijnhart - I'd be curious about your opinion on this one

from server-tools.

hbrunn commented on August 17, 2024

@ALL I'm just as curious about your opinions too of course


pedrobaeza commented on August 17, 2024

Hi, @hbrunn, you can define record rules to restrict operations depending on a domain, which is similar to what you are doing. Have you checked that option? What I don't know is how multiple record rules mix together.


hbrunn commented on August 17, 2024

@pedrobaeza in my project, I use record rules on top of that. Record rules restrict which records a user can execute an action on, but here, the requirement is that users are allowed to see all partners, but only specified fields. And it has to be a hard restriction as opposed to just hiding some fields in the UI (this can be circumvented by using xmlrpc or the like).

How multiple record rules mix is as follows:

  • all group-specific record rules are combined with AND
  • all not group-specific record rules are combined with OR
  • the two above are combined with AND

This has the sometimes counterintuitive result that adding a user to a group actually makes her see fewer records.

But well, another topic, let's keep talking about field level access restrictions ;-)


pedrobaeza commented on August 17, 2024

Hi, Holger, thanks for the explanation about the record rules. Indeed, I read very fast and didn't take into account your intention of protecting only certain fields, not at record level.

Commenting on the code you present, I wouldn't put a whitelist, but allow all the fields by default. On the contrary, each module that adds a field will need to explicitly inherit your mixin and add itself to the whitelist.

I also don't understand why you need two methods to deal with the restriction: _restrict_field_access_inject_restrict_field_access_domain and _restrict_field_access_is_field_accessible


hbrunn commented on August 17, 2024

Thanks for your points. The whitelist is indeed quite specific to the customer, I think in the end there'll be a function for a whitelist and one for a blacklist, both empty, and if the user (=programmer) doesn't fill one of them, nothing happens.
_restrict_field_access_inject_restrict_field_access_domain allows you to rewrite the attrs attribute on a form, _restrict_field_access_is_field_accessible is a helper function programmers can use to have the logic about whether a field is accessible or not at one central place.

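The idea discussed in the comments above (a hard, server-side field restriction with one central accessibility check and whitelist/blacklist hooks that are empty by default) can be sketched in plain Python. This is an added example, not part of the thread and not the code of the server-tools module; the class and method names, the user labels and the sample record are hypothetical, and no Odoo API is used.

```python
class AccessError(Exception):
    """Raised when a caller writes a field it may not access."""


class RestrictFieldAccess:
    """Hypothetical mixin: enforcement lives in read()/write(), not in the view."""

    def field_whitelist(self, user):
        return set()  # empty by default: no whitelist configured

    def field_blacklist(self, user):
        return set()  # empty by default: no blacklist configured

    def is_field_accessible(self, user, field):
        # Central decision point: blacklist wins, an empty whitelist allows all.
        allow, deny = self.field_whitelist(user), self.field_blacklist(user)
        if field in deny:
            return False
        return not allow or field in allow

    def read(self, user, record, fields=None):
        # The client chooses `fields` (a form view or a raw RPC call), so the
        # filter is applied here, after the request, on every code path.
        wanted = list(record) if fields is None else fields
        return {f: record[f] for f in wanted
                if f in record and self.is_field_accessible(user, f)}

    def write(self, user, record, values):
        denied = sorted(f for f in values
                        if not self.is_field_accessible(user, f))
        if denied:
            raise AccessError("no access to: " + ", ".join(denied))
        record.update(values)
        return True


class Partner(RestrictFieldAccess):
    """All users see every partner record, but clerks only see two fields."""

    def field_whitelist(self, user):
        return set() if user == "manager" else {"name", "city"}


# Constructed sample record.
PARTNER = {"name": "Constructed Ltd", "city": "Utrecht", "credit_limit": 5000}

if __name__ == "__main__":
    model = Partner()
    print(model.read("clerk", PARTNER))                    # form-style read
    print(model.read("clerk", PARTNER, ["credit_limit"]))  # direct RPC-style read
```

Asking for `credit_limit` by name, as a direct RPC client could, returns an empty result for the clerk because the filter runs on the server regardless of what the view displays.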

pedrobaeza commented on August 17, 2024

OK, I like then the possibilities this brings. You can make a server-tools module or wait for another opinion, but I think this deserves a module.


tungocbui commented on August 17, 2024

@hbrunn I did not take a deep look at your code, but I really like the idea. For us, in some projects we need to create some function fields to store values and do the restriction based on these function fields. I'm looking forward to seeing your module ;)


hbrunn commented on August 17, 2024

I made a PR in #396, so I'll close this one

