Uploaded image for project: 'Automation Hub'
  1. Automation Hub
  2. AAH-1093

[PoC] Remove Django Guardian Dependencies

XMLWordPrintable

    • Icon: Task Task
    • Resolution: Done
    • Icon: Normal Normal
    • 2.3
    • None
    • Backend
    • None
    • False
    • False
    • Hide
      • Ensure Django Guardian is completely removed as a dependency from the project
      • APIs such as namespaces and container namespaces that used to allow for setting permissions for a set of groups can now be used for setting roles for a set of groups.
      • APIs that return objects based on ownership should function normally (my-synclists, my-namespaces, my-permissions filter on container page)
      • Verify backwards compatibility is maintained on the v3 namespaces API for object permission assignment

      Functional test requirement details will be added later.

      Cloud integration tests need to be updated to verify these changes.

      Show
      Ensure Django Guardian is completely removed as a dependency from the project APIs such as namespaces and container namespaces that used to allow for setting permissions for a set of groups can now be used for setting roles for a set of groups. APIs that return objects based on ownership should function normally (my-synclists, my-namespaces, my-permissions filter on container page) Verify backwards compatibility is maintained on the v3 namespaces API for object permission assignment Functional test requirement details will be added later. Cloud integration tests need to be updated to verify these changes.
    • ANSTRAT-423 - Direct LDAP connection from Private Hub in App without another VM being required
    • 4.5.0a Sprint 2, 4.5.0a Sprint 3, 4.5.0a Sprint 5, 4.5.0 Sprint 6, 4.5.0 Sprint 7, 4.5.0a Sprint 4

      Django Guardian will no longer be used for enforcing or setting object level permissions and it must go. This will require the following changes:

      • The GroupPermissionField must be updated to return a list of roles assigned to each group for a specific object
      • MyPermissionField must use the pulp methods for getting a list of permissions each user has on an object.
      • All instances of get_objects_for_user must updated
      • Synclist ownership has to be refactored
      • Tests need to be updated to use roles
      • Container namespace owners must be migrated to use roles.

            bmclaugh@redhat.com Brian McLaughlin
            dnewswan David Newswanger
            Christian Torrens Christian Torrens
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

              Created:
              Updated:
              Resolved: