Skip to content

check user permissions using "permissions" field #130

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 4 commits into from
Mar 21, 2022
Merged

check user permissions using "permissions" field #130

merged 4 commits into from
Mar 21, 2022

Conversation

alexbruy
Copy link
Contributor

@alexbruy alexbruy commented Mar 17, 2022
edited by varmar05
Loading

As described in MerginMaps/qgis-plugin#351 when user who is not an owner of the organization tries to sync project of the organization they get error. It happens because client relies on the access field of the project information to determine whether user has write permissions on a given project. However access field is taken from the explicit project permissions, while invited to the organization users get access via this organization.

In order to overcome this issue we need to check write access using permissions field, as this field is evaluated with respect to namespace.

Refs MerginMaps/qgis-plugin#351

Refs CU-28km50n

@alexbruy
don't rely only on the "writersnames" field of the project information
fa059c4 
to determine whether user has write permissions on a specific project.
Use also "permissions" field as it takes into account namespace
settings
@alexbruy alexbruy force-pushed the fix-permissions-retrieval branch from 02d2501 to fa059c4 Compare March 17, 2022 17:54
@alexbruy alexbruy mentioned this pull request Mar 17, 2022
Merged
@alexbruy
Copy link
Contributor Author

@varmar05 hope I understand your explanations correctly. But it looks like both fields "writersnames" and "permissions" should be taken into account, as project can be shared between users directly without organization.

@saberraz
Copy link
Contributor

That's correct:
1- you can be a part of an organisation with write access.
2- you can be also outside an organisation and the project is shared with you with write permission

@varmar05
Copy link
Contributor

@varmar05 hope I understand your explanations correctly. But it looks like both fields "writersnames" and "permissions" should be taken into account, as project can be shared between users directly without organization.

field "permissions" should be enough to cover both use cases since it check for direct permissions and org permissions

@ghost
Copy link

ghost commented Mar 18, 2022

Task linked: CU-28km4we Can't remove project with 'remove locally' option

@varmar05
Copy link
Contributor

@alexbruy do we have tests for both use cases? sharing directly and via organization?

@alexbruy alexbruy force-pushed the fix-permissions-retrieval branch from 84fd434 to df38bfd Compare March 18, 2022 14:13
varmar05
varmar05 reviewed Mar 18, 2022
View reviewed changes
@varmar05 varmar05 merged commit f0693cf into master Mar 21, 2022
@alexbruy alexbruy deleted the fix-permissions-retrieval branch February 3, 2023 08:44
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@varmar05 varmar05 varmar05 approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@alexbruy @saberraz @varmar05