You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@allura.apache.org by Dave Brondsema <br...@users.sf.net> on 2013/09/27 21:33:01 UTC

[allura:tickets] #6715 Change has_access() handling of DENY



---

** [tickets:#6715] Change has_access() handling of DENY**

**Status:** open
**Labels:** cleanup 
**Created:** Fri Sep 27, 2013 07:33 PM UTC by Dave Brondsema
**Last Updated:** Fri Sep 27, 2013 07:33 PM UTC
**Owner:** nobody

We currently have deny checks pretty early in the has_access() logic.  It would be better to have the ACL order be respected, and have a DENY return false.

Need to make sure that tool-level user blocks still work properly, as do private tickets and developer-only forums.

Make sure tests & docstrings are updated, since this is important functionality.  See particularly `test_weird_allow_vs_deny`


---

Sent from sourceforge.net because allura-dev@incubator.apache.org is subscribed to https://sourceforge.net/p/allura/tickets/

To unsubscribe from further messages, a project admin can change settings at https://sourceforge.net/p/allura/admin/tickets/options.  Or, if this is a mailing list, you can unsubscribe from the mailing list.