Thursday, June 25, 2015

I continued to work on #173 (Class-based permission control (UserRoles)). I do this in a separate branch class_permissions. It causes quite some code changes in lino.modlib and applications.

Basically if you were defining an attribute required on a table, you must replace this by an attribute required_roles as shown in the following examples:

required = dd.required(user_level="admin")

required_roles = dd.required(dd.SiteAdmin)

The notions of “UserLevels” (user_level) and “UserGroups” (user_group) have been replaced by user roles.

The “role” and the “profile” of a user are the same.

currently still represented by

TODO: rename UserProfile to UserRole and UserProfiles to UserRoles.

The profile of a user now is an instance of some subclass of UserProfile.