Join GitHub today
GitHub is home to over 40 million developers working together to host and review code, manage projects, and build software together.Sign up
Allow draft asset access to be restricted to specific users #471
Certain documents in Whitehall can be marked as access limited; which means that they're only accessible to users within the same organisation(s) that the document belongs to. Any attachments belonging to those documents should be subject to the same restrictions. This branch adds functionality to allow access to draft assets to be restricted to a subset of users. Setting the
This implementation is based on a cut-down version of the equivalent functionality in the Content Store; notably I'm not storing the
Note the additional duplication in the two media controllers. I imagine we'll DRY this up in future.
Note that I'm not emitting the access_limited data from the AssetPresenter. It doesn't feel quite right to emit this sensitive information.
floehopper left a comment
This all looks good to me, but I think it would be good to explain a couple of things somewhere:
I'm happy for you to decide how to address these comments. Marking as approved.
We want to be able to restrict access to draft assets to a subset of users. This is only a requirement for Whitehall assets in the short term but I think that enabling it for all assets will make Asset Manager easier to understand. I'm basing this access limitation in Asset Manager on a cut-down version of the equivalent functionality in the Content Store; notably I'm not storing the `auth_bypass_ids` that it's possible to set on a `ContentItem` in the Content Store. Whitehall doesn't appear to set any `auth_bypass_ids` when publishing to the Content Store (in fact, it might only be Publisher that does set them) so I don't think we need to either. The `access_limited` attribute should either by an empty array (meaning that the asset is accessible to everyone) or an array of user UIDs (meaning that the asset is only accessible to users whose UID appear in the list). This mirrors the behaviour in the Content Store.
In #481, although I added redirect_url to the base class Asset, I only implemented the media controller behaviour for Whitehall assets. Having seen that @chrisroos added access_limited behaviour to Asset Manager for *all* asset types in #471, I've decided that it's confusing for the redirect_url behaviour to only work for Whitehall assets.