Skip to content
Snippets Groups Projects
Commit e6df5bbe authored by Julian's avatar Julian
Browse files

Refactor permission checking and differenciate login and selfservice access 

Fixes #104.

Replaced "group" keyword argument for login_required with "permission_check".
Most views already define a *_acl_check function that returns whether the
current user has the required permissions for use with register_navbar. The
same function can now be passed to login_required as the "permission_check"
argument.

Differenciated login and selfservice access permissions. Previously
ACL_SELFSERVICE_GROUP was required to login. Now ACL_ACCESS_GROUP is required
to login and ACL_SELFSERVICE_GROUP is required to access selfservice functions
(and to use role-granting invite links). A user with just ACL_ACCESS_GROUP can
now login, access the services overview page and authenticate with OAuth2
services he has access to, but not change his user attributes, password or
roles/permissions.
parent bf72b10d
No related branches found
No related tags found
No related merge requests found
Hide whitespace changes
Inline Side-by-side
Showing
with 138 additions and 108 deletions
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment

Impressum - Datenschutzerklärung