launchpad-dev team mailing list archive
-
launchpad-dev team
-
Mailing list archive
-
Message #03467
Re: [tech] ACL system
Hi Björn.
I have a few notes.
- I'd argue that a user interface and workflow should drive our goals. I'd also say that it is the right way to present the plans when we request feedback from our stakeholders. I'm concerned that this document appears to be approached exclusively from the perspective of internal API, which I feel is very important, but about implementation, not direction. Does a user-focussed document about these changes already exist somewhere?
- Cacheing should be an increasingly important aspect of our performance concerns, particularly of fundamental design decisions like this one. I'd like to have some thoughts and discussion on how this plan affects cacheing (via something like memcache). The approach to searching you discuss, for instance, should be driven from, or at the least informed by, both user interface goals and performance concerns, IMO.
- From an implementation perspective, is the intent that this will continue to be enforced with the current security proxy mechanism? (I would expect so, but I didn't see confirmation in the document.)
- You have this comment: "Note that in order for this to work in practice, giving someone access to a bug only, means that they will also be allowed to see basic information about the project, for example the project name." That's a very good point. What's your expected approach to deal with this?
Thank you
Gary
On May 25, 2010, at 9:27 AM, Bjorn Tillenius wrote:
> So, we want to do have an ACL system in Launchpad, to be able to have
> private projects. I'm attaching acl.txt from
> lp:~bjornt/launchpad/privacy-spike, which hopefully explains the system
> good enough. Jono, is this document something that you can show
> stakeholders, or would you prefer something. I'm hoping that the
> overview part will be enough for them. I'm happy to extend it as needed.
>
> I'm currently working on a proof-of-concept implementation in the
> mentioned branch, to try out the API. I have something that more or less
> works, and I'm currently trying to do performance testing, to see if the
> database model make sense, or we have to come up with something else.
>
> For the more interested, test_acl.py in that branch shows what is
> currently imlemented and working.
>
>
> --
> Björn Tillenius | https://launchpad.net/~bjornt
> <acl.txt>_______________________________________________
> Mailing list: https://launchpad.net/~launchpad-dev
> Post to : launchpad-dev@xxxxxxxxxxxxxxxxxxx
> Unsubscribe : https://launchpad.net/~launchpad-dev
> More help : https://help.launchpad.net/ListHelp
Follow ups
References