feat: partial editors

[ThibaudDauce]

Not sure if it's the right implementation, maybe the simplest?

I'm not sure how to send these permission to cdata. If we create a permissions object on the Dataset, we may need to do n queries to fetch the permission for all datasets in a list (for exemple in a pagination…). Is it a problem?

Other possible implementations:

• Migrate out of unmaintained Flask-Principal and create a simpler permission system
• Store the objects lists inside the Member object but it adds a lot of things inside the Organisation object?

[maudetes]

Have you tried using the logic for granular resource permission described in Flask Principal?
I think we may add the partial organization needs in inject_organization_needs?

[maudetes]

I'm not sure how to send these permission to cdata. If we create a permissions object on the Dataset, we may need to do n queries to fetch the permission for all datasets in a list (for exemple in a pagination…). Is it a problem?

I think we can also decide to add permissions in dataset_ref_fields

[ThibaudDauce]

Have you tried using the logic for granular resource permission described in Flask Principal? I think we may add the partial organization needs in inject_organization_needs?

I changed it in 07bbc62, it's simpler but not lazy. We fetch all assignations at the beginning of every requests. It could be also a problem if someone has a lot of assignations. But it's easy to change later if we have perfs problems. It also solves the problem with permissions in list since we have the information before-hand.