Skip to content

Document about auth managers refactor #5624

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
wants to merge 1 commit into from
Closed

Document about auth managers refactor #5624

wants to merge 1 commit into from
+403 −0

Conversation

humitos
Copy link
Member

@humitos humitos commented Apr 23, 2019

Document with current behavior, problems, ideas and notes about how to refactor our custom QuerySet and managers to manage permissions in just one place instead of many different files.

This is a first draft to start the discussion on the direction we will take.

APIv3 implementation (#5356) raised some of the problems listed here: public detail and private listing on resources.

@humitos humitos requested a review from a team April 23, 2019 12:38
ericholscher
ericholscher reviewed Apr 23, 2019
View reviewed changes
docs/design/auth-managers.rst
if self.detail:
return queryset.public
else:
return queryset.private
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think I like this approach. I think my current view is:

  • We should only have public, private, and for_user queryset methods that we support
  • We should build mixins for all the cases that we currently care about, and apply them to the API & Dashboard views consistently
  • If we come to places where we are repeating logic more than 2x, we can consider bringing them back into the querysets, but I think keeping the queryset managers simple and having the mixins hold the integration with the code feels best

The main value here is that the integration of the queryset managers into the code only happens in one place, instead of in each view. This should ensure that we have the same logic in all our views.

@humitos humitos mentioned this pull request May 6, 2019
Merged
16 tasks
@ericholscher
Copy link
Member

@stsewd Are you planning to do the auth refactor? Is it based on this design doc?

@stsewd
Copy link
Member

stsewd commented Jun 6, 2019

@ericholscher this is for querysets/managers, I'm doing the auth backend :)

@humitos humitos added the PR: work in progress Pull request is not ready for full review label Jun 27, 2019
@stale
Copy link

stale bot commented Jul 21, 2019

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.

@stale stale bot added the Status: stale Issue will be considered inactive soon label Jul 21, 2019
@stale stale bot closed this Jul 29, 2019
@stsewd stsewd deleted the humitos/auth-managers-document branch May 24, 2021 18:21
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@ericholscher ericholscher ericholscher left review comments

Assignees
No one assigned
Labels
PR: work in progress Pull request is not ready for full review Status: stale Issue will be considered inactive soon
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@humitos @ericholscher @stsewd