Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Declare permission that never allows anything #23

Open
mgax opened this issue Sep 23, 2013 · 1 comment
Open

Declare permission that never allows anything #23

mgax opened this issue Sep 23, 2013 · 1 comment

Comments

@mgax
Copy link

mgax commented Sep 23, 2013

I'd like to declare a permission whose .can() method always returns False (background: it's returned from a factory function and the meaning is that some objects may not be edited/removed by anyone).

There are a couple of ways to do this:

  • subclass Permission and override the method;
  • crate a Need that is shared by all identites and return a permission that excludes it.

I prefer the need-based method because it retains the ability to perform permission algebra with the new permission. So then, how to add this need to the AnonymousIdentity? How about we define a Principal.get_default_identity method that subclasses can override?
@mattupstate
Copy link
Collaborator

@mgax I like this suggestion. There really isn't any way to configure the anonymous identity at this point.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@mgax @mattupstate