#7633 API for has_access


It would be useful to have an API to run has_access permission checks so that 3rd-party clients can rely on Allura permissions. I think that it would be an API per-tool and per-project including neighborhood-projects (whose API needs some fixing) and that you would need 'admin' access on the project to use the API. It could take a username and role and return a true/false result.


Tickets: #7634


  • Igor Bondarenko - 2015-05-14
    • labels: allura-api --> allura-api, 42cc
    • status: open --> in-progress
    • assigned_to: Igor Bondarenko
  • Igor Bondarenko - 2015-05-15
    • status: in-progress --> review
  • Dave Brondsema

    Dave Brondsema - 2015-05-18
    • labels: allura-api, 42cc --> allura-api, 42cc, sf-current, sf-2
  • Dave Brondsema

    Dave Brondsema - 2015-05-29

    Very nice. Just two ways it could be better. One is getting docs ready for https://sourceforge.net/p/forge/documentation/Allura%20API/. Probably don't need to list it on every endpoint, but could mention it once in a general section (once [#6797] is done it could be a "trait").

    Also the tests are fairly repetitive. It's not necessarily wrong so I'm not saying you have to change this now, but at least in the future consider refactoring for some shared helpers (mixins maybe, like you did for the api functionality itself). Test code is code too, and deserves refactoring.



    Tickets: #6797

  • Dave Brondsema

    Dave Brondsema - 2015-05-29
    • status: review --> in-progress
    • Reviewer: Dave Brondsema
  • Igor Bondarenko - 2015-06-01

    I did write the documentation for this, but forgot to post it :)

    Here it is:

    This is API to run permission checks. It is available on a neighborhood, project and tool level.
    - Neighborhood: `/rest/p/has_access`
    - Project: `/rest/p/project_name/has_access`
    - Tool: `/rest/p/project_name/mount_point/has_access`
    It is only available to users that have 'admin' permission for corresponding neighborhood/project/tool.  It requires `user` and `perm` parameters and will return JSON dict with `result` key, which contains boolean value, indicating if given `user` has `perm` permission to the neighborhood/project/tool.
    - `GET /rest/p/test/wiki/has_access?user=admin1&perm=create`
        - returns `{ result: true }`
    - `GET /rest/p/test/wiki/has_access?user=user01&perm=create`
        - returns `{ result: false }`


    I agree that test are repetitive, I'll try to refactor this kind of stuff in the future. If you ok with these tests as it is you can close the ticket.

  • Igor Bondarenko - 2015-06-01
    • status: in-progress --> review
  • Dave Brondsema

    Dave Brondsema - 2015-06-01
    • status: review --> closed
  • Dave Brondsema

    Dave Brondsema - 2015-06-01
    • labels: allura-api, 42cc, sf-current, sf-2 --> allura-api, 42cc, sf-2
  • Igor Bondarenko - 2015-06-18
    • Milestone: unreleased --> asf_release_1.3.0

Log in to post a comment.