Skip to content

feat: partial editors#3668

Open
ThibaudDauce wants to merge 6 commits intomainfrom
partial_editors
Open

feat: partial editors#3668
ThibaudDauce wants to merge 6 commits intomainfrom
partial_editors

Conversation

@ThibaudDauce
Copy link
Contributor

@ThibaudDauce ThibaudDauce commented Feb 16, 2026
edited
Loading

Not sure if it's the right implementation, maybe the simplest?

I'm not sure how to send these permission to cdata. If we create a permissions object on the Dataset, we may need to do n queries to fetch the permission for all datasets in a list (for exemple in a pagination…). Is it a problem?

Other possible implementations:

  • Migrate out of unmaintained Flask-Principal and create a simpler permission system
  • Store the objects lists inside the Member object but it adds a lot of things inside the Organisation object?

@ThibaudDauce ThibaudDauce marked this pull request as ready for review February 16, 2026 10:08
maudetes
maudetes reviewed Feb 17, 2026
View reviewed changes
Copy link
Contributor

@maudetes maudetes left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Have you tried using the logic for granular resource permission described in Flask Principal?
I think we may add the partial organization needs in inject_organization_needs?

@maudetes
Copy link
Contributor

maudetes commented Feb 17, 2026

I'm not sure how to send these permission to cdata. If we create a permissions object on the Dataset, we may need to do n queries to fetch the permission for all datasets in a list (for exemple in a pagination…). Is it a problem?

I think we can also decide to add permissions in dataset_ref_fields

@ThibaudDauce
Copy link
Contributor Author

ThibaudDauce commented Feb 17, 2026

Have you tried using the logic for granular resource permission described in Flask Principal? I think we may add the partial organization needs in inject_organization_needs?

I changed it in 07bbc62, it's simpler but not lazy. We fetch all assignations at the beginning of every requests. It could be also a problem if someone has a lot of assignations. But it's easy to change later if we have perfs problems. It also solves the problem with permissions in list since we have the information before-hand.

@ThibaudDauce ThibaudDauce mentioned this pull request Feb 19, 2026
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@maudetes maudetes maudetes left review comments

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@ThibaudDauce @maudetes