-
Notifications
You must be signed in to change notification settings - Fork 5
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
getCorpora return value should contain permissions #77
Comments
This would indeed make filtering corpora based on permissions much easier. However, returning permissions for the whole set of users and groups could lead to security/privacy issues. I'd rather only return the current user's permission. This would be enough to solve the issue, right? |
For the current user, we need to know the permissions on each corpus. Something like |
Yes. That's what I had in mind. |
Thinking about it, we also need to know where the permission comes from (in case it is changed afterward)… Let me think about it a bit more and come back to you. Thanks |
Currently if the current user is not an admin, he can not know to which groups he belongs. So it necessary to have:
(I guess we will have the same requirement for anything with permissions: media, layers, etc.) And also it would help to have:
|
I will try to patch Concerning the second point, |
Thank you. |
Just pushed cde63fc to |
Just pushed df051bf to I still need to do more tests to check that it did not break other parts of the API but that would be great if you could try it... |
Yes this works perfectly. Thank you. Note that the |
To update a corpus, a user needs
ADMIN (3)
permission on this specific corpus.When we list all corpora on a page and want to display an
Update corpus
button for each corpus allowed to the current admin user, we need to:getCorpora
orgetCorpus
getCorpusPermissions
(and make as many subsequent http call) to get the permissionsIt would be much lighter if
getCorpora
/getCorpus
return value contained permissions (insidegroups
andusers
objects) for each corpus.The text was updated successfully, but these errors were encountered: