You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
After adding permissions in #51, we ended up with an automatically checked permissions layer at the API level in PliantDb. This layer can be extended into the custom API. This sounded like a great way to bootstrap the permissions system, and it was.
But, there was an option when doing this: first was to just use actionable for the custom API but implement permissions inside of PliantDb separately. The question was: did I want to support permission-restrictions on local database operations? At the time, I thought it would purely be for unit testing, so I opted not to.
Since then, I have realized that I do want it for unit tests, but also for general purpose application development. When thinking of a database application that doesn't need to allow clients to connect to the database over a network, if you aren't allowed to define permission models and enforce them, you'll have a host of new problems if you decide to switch in the future.
This issue is to track a refactor moving permissions checks into pliantdb-local.
Add unit tests for all current permission checks.
Modify current dispatchers in Server to use none protection.
Re-implement permission checks in pliantdb-local using effective_permissions from Add User Authentication #64.
Make Database::with_effective_permissions() public.
The text was updated successfully, but these errors were encountered:
Storage/Database now do permissions checks. Refs khonsulabs#68
StorageInstance implements StorageConnection with no permissions checks,
which is used internally to give "superuser" permissions to the
administrative APIs.
This also changes authenticate() to return a new StorageConnection. This
lays the groundwork for a single connection allowing simultaneous
authentication sessions -- something I was alraedy thinking was
necessary to support temporary role assumption (Refs khonsulabs#151).
As per the last commit in this branch, this work is solely focused on
bonsaidb-local at the moment. Server and Client are both in a state of
disarray.
After adding permissions in #51, we ended up with an automatically checked permissions layer at the API level in
PliantDb
. This layer can be extended into the custom API. This sounded like a great way to bootstrap the permissions system, and it was.But, there was an option when doing this: first was to just use actionable for the custom API but implement permissions inside of
PliantDb
separately. The question was: did I want to support permission-restrictions on local database operations? At the time, I thought it would purely be for unit testing, so I opted not to.Since then, I have realized that I do want it for unit tests, but also for general purpose application development. When thinking of a database application that doesn't need to allow clients to connect to the database over a network, if you aren't allowed to define permission models and enforce them, you'll have a host of new problems if you decide to switch in the future.
This issue is to track a refactor moving permissions checks into
pliantdb-local
.Server
to usenone
protection.pliantdb-local
usingeffective_permissions
from Add User Authentication #64.Database::with_effective_permissions()
public.The text was updated successfully, but these errors were encountered: