simplify permissions
Our permission system is not very polished, which is a bit alarming for an application with a focus on security. It has some unique properties (privacy levels and study memberships with local roles), but apart from that we used the default "view|add|change|delete_model" permissions that Django generates for every model.
Roughly speaking there are 4 layers to this:
- The code that uses permissions in a certain way
- The permissions themselves
- Groups/roles that bundle permissions
- Users
The roles are meant to be customizable for every deployment. However, that would require that the layers below them have a meaningful structure, i.e. that permissions can be combined in different ways. At the moment we lack that structure, and combining permissions could have unexpected results. (I am exaggerating a bit, there is not no structure, but not as much as I would like.)
So my proposal is to refactor the permissions:
1. Have a clearly defined set of permissions that are actually used
2. Reduce the total number of permissions
   - no separate permissions for "add" and "change"
   - no separate permissions for submodels, e.g. use subject permissions also for attributesets and contacts
3. Rename some permissions
I think I was able to improve the situation with regards to (2) and (3). In this branch I used only 12 permissions compared to 21 in the main branch.
I had hoped to accomplish (1) by removing all permissions which are not used. This is theoretically possible. But in practice this is a lot of boilerplate. I also have not found a way to remove permissions for Django internal models (e.g. ContentType). So now I think documenting the used permissions might be a better way.
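One way to arrive at a documented set of used permissions, as an added example that is not code from the project or from this post: a small audit script that compares a declared permission set (the names below are hypothetical, the post does not list the 12 it kept) against the `app_label.codename` strings referenced in source files (constructed sample files here). It reports permissions that are declared but never checked anywhere, and checks in code that reference permissions outside the declared set, which is exactly the kind of leftover that merging submodel permissions into the subject permissions can leave behind.

```python
"""Audit which Django-style permission codenames a code base actually uses.

Added example, not code from the project or from this post. It compares a
declared set of permissions (hypothetical names) against the
"app_label.codename" strings referenced in source files, so the permissions
that are really used can be documented and the rest reviewed for removal.
"""
import re
from typing import Dict, List, Set

# The permission set the project intends to support. These names are
# assumptions for the example; the post does not list the permissions it kept.
DECLARED_PERMISSIONS: Set[str] = {
    "app.view_subject",
    "app.change_subject",  # one permission covering both add and change
    "app.delete_subject",
    "app.view_study",
    "app.change_study",
}

# Constructed sample sources standing in for a checkout of the project.
SAMPLE_SOURCES: Dict[str, str] = {
    "views.py": '''
@permission_required("app.view_subject")
def subject_detail(request, pk):
    ...

def subject_edit(request, pk):
    if not request.user.has_perm("app.change_subject"):
        raise PermissionDenied
    # Leftover check for a submodel permission that was folded into the
    # subject permissions; the audit should flag it as undeclared.
    if request.user.has_perm("app.add_attributeset"):
        ...
''',
    "api.py": '''
class SubjectViewSet(ModelViewSet):
    required_perms = ["app.view_subject", "app.delete_subject"]
''',
}

# Heuristic: a quoted string of the form label.codename where the codename
# contains an underscore (view_subject, change_study, ...). Good enough to
# find has_perm()/permission_required() arguments; extend for other idioms.
PERM_RE = re.compile(
    r'["\']([a-z][a-z0-9_]*\.[a-z][a-z0-9]*_[a-z][a-z0-9_]*)["\']'
)


def find_referenced_permissions(sources: Dict[str, str]) -> Dict[str, Set[str]]:
    """Map each permission string found in the sources to the files using it."""
    found: Dict[str, Set[str]] = {}
    for path, text in sources.items():
        for perm in PERM_RE.findall(text):
            found.setdefault(perm, set()).add(path)
    return found


def audit(declared: Set[str], sources: Dict[str, str]) -> Dict[str, Set[str]]:
    """Split permissions into used, unused (declared but never referenced)
    and undeclared (referenced in code but not part of the declared set)."""
    referenced = set(find_referenced_permissions(sources))
    return {
        "used": declared & referenced,
        "unused": declared - referenced,
        "undeclared": referenced - declared,
    }


def render_report(declared: Set[str], sources: Dict[str, str]) -> List[str]:
    """Produce documentation lines: each used permission with the files that
    rely on it, followed by the problems the audit found."""
    usage = find_referenced_permissions(sources)
    result = audit(declared, sources)
    lines = ["Permissions in use:"]
    for perm in sorted(result["used"]):
        lines.append(f"  {perm}: {', '.join(sorted(usage[perm]))}")
    for kind in ("unused", "undeclared"):
        for perm in sorted(result[kind]):
            lines.append(f"{kind.upper()}: {perm}")
    return lines


if __name__ == "__main__":
    print("\n".join(render_report(DECLARED_PERMISSIONS, SAMPLE_SOURCES)))
```

To run it against a real checkout, read the project's `.py` files into the `sources` dict instead of the constructed samples. The regex only sees literal strings, so permissions assembled dynamically (f-strings, `f"{app_label}.view_{model_name}"`) are invisible to it; treat the "unused" list as a review queue rather than something to delete automatically.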