ACL-based auth policy and the @permission_required_for_context decorator. For now used with /users API #234
…uired_for_context decorator. Used for one /user endpoint (GET /user/<id>)
…g /users to work for one account only, and moving API context factories to a common location
…s for principals matching
Besides some minor fixes, I feel like we should be incorporating more Marshmallow functionality here.
And about your question:
We can still discuss what to do with service listings and /getService from here on out. They list required roles for each service. Will that persist?
I think this might be two questions actually:
- Will the USEF roles in those service listings become obsolete? I believe they might, but I haven't completely thought this through.
- Do we want the service listings to list relevant ACL? I believe we do.
… already pins it >3)
…ecking decorator to get the resource from keyword args
…sion decorator a bit
I believe the way we list auth access for services will be addressed a bit later. It might be interesting to put the ACLs in natural language, actually. I'll add a card to this project (https://github.com/SeitaBV/flexmeasures/projects/4).
Only small requests left: mainly some questions about documentation and the wish for a policy regarding raising errors or returning error messages in decorators.
Possibly still needs an adjustment to the function signature of the error handler.
closes #201
/getService
from here on out. They list required roles for each service. Will that persist?