launchpad-dev team mailing list archive

Re: Where to put security-related code?

 

On Wed, Dec 16, 2009 at 9:27 PM, Bjorn Tillenius <bjorn@xxxxxxxxxxxxx> wrote:
> On Wed, Dec 16, 2009 at 10:29:53AM +0100, Henning Eggers wrote:
...
>> Adi suggested today that it would be less confusing if we had all the
>> security related code in security.py and use the checkers from model
>> code, i.e. calling something like
>> "OnlyRosettaExpertsAndAdmins(self).checkAuthenticated(user)".
>
> I think you're on a slippery slope here. Basically what you want to do
> is to replace things like (using pseudo code here):
>
>    if user_is_admin() or user_is_rosetta_expert():
>        do_things()
>
> with:
>
>    if user_is_admin_or_rosetta_expert():
>        do_things()
>
> I.e., you want to take an if condition and replace it with a function.
> Instead of using Python's 'or' key word, you want to construct text
> strings. Your example is simple, but what happens when you need to add
> a condition?

The other thing is that the function's external API is pre-supposing
certain policy decisions. It's much better to name the function after
what you actually _want_ rather than the mechanism for figuring it
out.

e.g. can_translate() rather than user_is_admin_or_rosetta_expert()

An example from the package branches extravaganza: rather than
checking Branch.product is None, we now check
Branch.supportsMergeProposals() (or something like that).

jml
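
An added illustration of the naming point made in this message, not Launchpad code and not written by anyone in the thread: an intent-named `can_translate()` check keeps the policy in one place, so a later condition changes one method and no call site. `User`, `TranslationTarget`, `reviewers` and `locked` are hypothetical names chosen for the example.

```python
from dataclasses import dataclass, field


@dataclass(frozen=True)
class User:
    """Hypothetical user record; roles are plain strings for the example."""
    name: str
    roles: frozenset = frozenset()


@dataclass
class TranslationTarget:
    """Hypothetical model object standing in for whatever is translated."""
    name: str
    # Hypothetical policy inputs added after the first version of the check.
    reviewers: set = field(default_factory=set)
    locked: bool = False

    def can_translate(self, user):
        """Intent-named check: callers ask what they want to do.

        The mechanism (which roles, which extra conditions) lives only here.
        """
        if user is None:
            return False              # anonymous: deny by default
        if "admin" in user.roles:
            return True
        if self.locked:
            return False              # later policy change, made in one place
        return "rosetta_expert" in user.roles or user.name in self.reviewers

    def translate(self, user, text):
        # Enforce in the model as well, so a caller that forgets to ask
        # can_translate() first is still stopped.
        if not self.can_translate(user):
            who = getattr(user, "name", "anonymous")
            raise PermissionError(f"{who} may not translate {self.name}")
        return f"{self.name}: {text}"
```

A caller written against `can_translate()` needs no edit when `reviewers` or `locked` enters the policy, whereas a function named `user_is_admin_or_rosetta_expert()` would have to be renamed or would quietly stop matching its name.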
