Authorization checks should not be in the database layer
Registered by
Mark Washenberger
Glance currently performs authorization checks in the database layer drivers. This approach has caused bugs in the past, increases the complexity of implementing drivers, and makes understanding the code more difficult. By adopting a query interface that supports Specification pattern arguments, we can make fairly simple db drivers and move all authorization constraints into a layer in the domain.
Blueprint information
- Status:
- Not started
- Approver:
- Brian Waldon
- Priority:
- Low
- Drafter:
- Mark Washenberger
- Direction:
- Approved
- Assignee:
- None
- Definition:
- Approved
- Series goal:
- None
- Implementation:
-
Not started
- Milestone target:
- None
- Started by
- Completed by
Related branches
Related bugs
Sprints
Whiteboard
Still a good idea, I have some example code around how I might like to see it done. But for now this is just wishlist.
markwash wishlist 2014-02-14
Could you please share details of it, Also I am interested to working on it. So, Please assign it to me. [<email address hidden>]
(?)
