-
Notifications
You must be signed in to change notification settings - Fork 4
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
set up groups and permissions #67
base: main
Are you sure you want to change the base?
set up groups and permissions #67
Conversation
the CVE container was misplaced on the issue data model. this change also adds lots of convenience for the admin backend, because currently maintainer data is not ingested from the evaluation dump.
also refactor the Nix setup, which didn't actually work: the overlay packages did not end up in the final package set. now they are.
2afb961
to
c9c0d09
Compare
def ensure_groups(sender, **kwargs): | ||
from django.contrib.auth.models import Group | ||
|
||
secteam, created = Group.objects.get_or_create(name="Security team") |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Why do we make dynamic groups? This feel overly complicated? All our groups are statically known: superadmins, security team, committers, maintainers, viewers. Do you want to bring more groups than those?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I am quite meh about the packaging changes for Python (I spent some time on fixing the mess that was happening out there.) and I do not understand the need of the extra dependency.
Ah I think I fucked up my commits and the missing commit for you is here: 67dd36d. |
The important part for permissions will be the REST API we will build, we have https://www.django-rest-framework.org/api-guide/permissions/ for that. |
For views, we already have the built-in system in https://docs.djangoproject.com/en/5.0/topics/auth/default/#permissions-and-authorization. |
No description provided.