Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Unexpected view results group/user rights on forum #163

Closed
BrendaH opened this issue Aug 23, 2019 · 1 comment
Closed

Unexpected view results group/user rights on forum #163

BrendaH opened this issue Aug 23, 2019 · 1 comment

Comments

@BrendaH
Copy link
Contributor

BrendaH commented Aug 23, 2019

Perhaps I am misunderstanding the permission system (I've dived into it but do not completely follow the code... I'm afraid).

Example situation:

Category forum A
-- Subforum a

User is member of Group

Things I checked (read each table row from left to right) :

	|	Global	| 	Forum	|	Result	|
=========================================================
Group	|	Yes	|	No	|	No	|
Group	|	No	|	Yes	|	Yes	|
User	|	Yes	|	No	|	No	|
User	|	No	|	Yes	|	Yes	|


	|	Group	| 	User	|	Result	| 	Expected|
=========================================================================
Global	|	Yes	|	No	|	Yes	|	No	|
Global	|	No	|	Yes	|	Yes	|		|
Forum	|	Yes	|	No	|	No	|		|
Forum	|	No	|	Yes	|	No	|	Yes	|

Forum seems to take precedence over global, which is what I'd expect.
However, with group/user there seem to be 2 cases that give the opposite result than I'd expect.

I'd expect that, because a user-set permission is more fine-grained than a group-set permission, the user-set permission should take precedence. Regardless of which one says YES and which one says NO.

Is this intentionally not the case, and if so why?

(I am trying to implement an target-all-authenticated-users permission, but I first need to understand the current way stuff works.)
@BrendaH BrendaH mentioned this issue Sep 10, 2019
Closed
BrendaH added a commit to BrendaH/django-machina that referenced this issue Sep 11, 2019
@BrendaH
Add tests for all user/group precedence cases
df566f8 
test_checker.py
test_knows_that_user_permissions_take_precedence_over_group_permissions only
checked one case of the four that can occur. See table schematic in issue on
github: ellmetha#163
So I added the tree other cases of which 1 currently breaks.

test_handler.py gets a new method
test_can_return_a_list_of_readable_forums_taking_into_account_user_over_group_precedence
to check the workings of _get_forums_for_user and check the same 4 cases as
mentioned above (again, see table schematic in reported issue)
Two of these cases currently break.
@BrendaH BrendaH mentioned this issue Sep 11, 2019
Merged
BrendaH added a commit to BrendaH/django-machina that referenced this issue Sep 11, 2019
@BrendaH
Add tests for all user/group precedence cases
7bd18cd 
test_checker.py
test_knows_that_user_permissions_take_precedence_over_group_permissions only
checked one case of the four that can occur. See table schematic in issue on
github: ellmetha#163
So I added the tree other cases of which 1 currently breaks.

test_handler.py gets a new method
test_can_return_a_list_of_readable_forums_taking_into_account_user_over_group_precedence
to check the workings of _get_forums_for_user and check the same 4 cases as
mentioned above (again, see table schematic in reported issue)
Two of these cases currently break.
@ellmetha
Copy link
Owner

Fixed by #168. Thanks again!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@ellmetha @BrendaH