Works consisting in defining a clean API, then moving administration
functions from view to core, in progress.
- Functions to add roles, objects and actions.
- Function to modify roles
- Functions to test if a user is authorized to modify or set a permission
on a policy entity
Works consisting in defining a clean API, then moving administration
functions from view to core, in progress.
- Use set_default_alias() instead of get_default_alias()
Works consisting in defining a clean API, then moving administration
functions from view to core, in progress.
- Use functions to test, set and remove policy root administrators
- Use set_default_alias() to check that a user has a default alias
(removing of check_for_admin())
Works consisting in defining a clean API, then moving administration
functions from view to core, in progress.
- Functions to test, set and remove policy root administrators
- raise exception
- else return the (policy, policy_created)
- added the boolean argument 'restore' to the function. By default is True.
New the function can be used to restor the necessary objects of an existing
policy. If put to False, force to have all the objects created freshly.
create_policy view modified as a consequence.
Works consisting in defining a clean API, then moving administration
functions from view to core, are beginning.
- Added set_root_administrator and remove_root_administrator functions.
- Modified empower or downgrade root user view as a consequence
---------------------------------------
- Enable users for delegation of its permissions
- When a permission is given, it is tagged as delegable or not
- A user enabled for delegation can delegate every access it has if
the permission given the access is delegable
- When a permission is delegated, the grantor tells if that permission
may be delegated by the grantee
- When a permission is deleted, all the permissions given by delegation
from this permission are also deleted
- comming soon: time-limited permissions and delegations
Mikaël Ates