Story #8090
closed
As a user, I can use REST API to add object level permission to a user
0%
Description
Ticket moved to GitHub: "pulp/pulpcore/1959":https://github.com/pulp/pulpcore/issues/1959
There are multiple ways to enable this use case:
Enable the /pulp/api/v3/users/<uuid>/permissions/ API to accept POST, PUT, and PATCH requests for updating user permissions. However, I suspect this would probably present a challenge for the user because each time permissions are being modified, all permissions would need to be submitted in the request. My suspicion is based on an assumption that all permissions are stored in a single JSON object.
The other option is to add separate endpoints for adding and removing permissions. e.g. /pulp/api/v3/users/<uuid>/add_permissions/ and /pulp/api/v3/users/<uuid>/remove_permissions/
Please note that I have not looked into django-guardian what Views and ViewSets it provides for this functionality.
Updated by bmbouter over 2 years ago
We do want a programmatic way to do this, so +1 to continuing this investigation. I don't have much more detail than is written here. +1 to trying to use the django-guardian viewsets if possible. Ty for working on this!
Updated by pulpbot over 1 year ago
- Description updated (diff)
- Status changed from NEW to CLOSED - DUPLICATE
.