Wednesday, November 27, 2019

After having tried yesterday for some time to do without a new database field lino.modlib.comments.Comment.private for every single comment, I now think that we do need this field. The author of a comment can (potentially, if the application developer decides to expose this field) mark individual comments as private or not. Also imagine the case where a ticket is marked as private, comments containing confidential data are written, and then the ticket is changed to non-private: the existing comments should not become public in that case.

Applications can control the default value for this field by setting the new plugin attribute private_default or by overriding Commentable.is_ticket_private(). The latter is done e.g. by tickets.Ticket so that every new comment on a public site will be public by default.

In Noi (that's a decision of the application developer), even private tickets are visible to other team members. Their visibility depends on the user itself (not just on the user_type): even unprivileged users can see private tickets and sites if they are members of the team.

Model.get_queryset is an important feature of the Lino framework: the application developer can limit the visibility of individual rows depending on the user. That's not feasible with a Django objects manager.

While trusted developers can see private tickets and sites without being a member of their team, they cannot see private comments unless they are a team member.

New role lino.modlib.comments.roles.PrivateCommentsReader. Trusted developers have this role in Noi. Why did we need this new role?

We now have team comments: a team comment is a comment addressed to the whole team, not about a given ticket. The feature came into Noi as a side effect of the team notion (because lino_xl.lib.groups.Group inherits from lino.modlib.comments.Commentable). I think it makes sense for us, e.g. for notifications about team meetings or for discussions that span several tickets.

Team comments are private by default: they are not seen by anonymous users. But they should be seen by contributors who are members of the team.

I renamed Model.get_queryset() to lino.core.model.Model.get_user_queryset() to differentiate it more clearly from lino.core.dbtables.Table.get_queryset().

It is important to protect comments that are marked as private from being seen by unauthorized people. Comment.get_user_queryset returns an empty queryset if the user is not a lino.modlib.comments.roles.CommentsReader.

The Commentable mixin no longer defines a database field private. For example, in Lino Avanti the Client model is Commentable, and until now every client had a field private, but this field was neither visible nor used. groups.Group no longer has this field either. Team comments are always private by default.
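To make the visibility rules above concrete, here is a small self-contained mock (added here, not Lino's own code) of how a per-comment private flag, the privacy default chosen by the Commentable, and a get_user_queryset-style filter interact: a user without CommentsReader sees nothing, private comments are visible only to members of the owner's team, and a comment keeps its flag when its ticket later becomes public. The role names and the plugin default of private are assumptions, and the PrivateCommentsReader role is left out because its effect is not spelled out here.

```python
from dataclasses import dataclass

# Constructed mock of the rules described in this entry; not Lino code.
COMMENTS_READER = "CommentsReader"   # role modelled as a plain string tag


@dataclass(frozen=True)
class User:
    name: str
    roles: frozenset = frozenset()
    teams: frozenset = frozenset()   # teams the user is a member of


@dataclass
class Ticket:
    """A Commentable with its own private flag (stands in for tickets.Ticket)."""
    team: str
    private: bool = False


@dataclass
class Group:
    """A Commentable without a private field (stands in for groups.Group)."""
    team: str


@dataclass
class Comment:
    owner: object
    body: str
    private: bool   # fixed when created; later changes to the owner do not touch it


def is_private_by_default(owner, plugin_private_default=True):
    # tickets.Ticket overrides is_ticket_private(): a new comment on a public
    # ticket is public by default. Other Commentables (e.g. a team) fall back
    # to the plugin attribute private_default, assumed True here.
    if isinstance(owner, Ticket):
        return owner.private
    return plugin_private_default


def new_comment(owner, body):
    return Comment(owner, body, private=is_private_by_default(owner))


def user_comments(user, comments):
    """Mock of Comment.get_user_queryset: empty for non-CommentsReaders;
    private comments only for members of the owning team."""
    if COMMENTS_READER not in user.roles:
        return []
    return [c for c in comments
            if not c.private or c.owner.team in user.teams]


def visible_bodies(user, comments):
    return [c.body for c in user_comments(user, comments)]
```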

I pushed my work to master because it seems basically okay now, though some tests are still failing. The RecentComments table is still empty for anonymous users, but we do want our comments on public tickets to be public, don't we?

I got the answers to these questions when explaining the problem to Hamza. You can actually watch this on YouTube.

Basically the AnonymousUser in Noi was not yet inheriting from CommentsReader.

I also added test cases to Avanti, where we definitely do not want any comments to be visible to anonymous users: comments (comments in Avanti). This document is similar to comments (comments in Noi), and we should have a similar page for Lino Tera.

Problem after upgrading to openpyxl 3

TypeError: got invalid input value of type <class 'xml.etree.ElementTree.Element'>, expected string or Element