Changes between Initial Version and Version 1 of Ticket #11697, comment 4
- Timestamp:
- Jul 30, 2014, 9:31:23 AM (10 years ago)
Legend:
- Unmodified
- Added
- Removed
- Modified
-
Ticket #11697, comment 4
initial v1 3 3 The `AuthzPolicy` maps a resource id of `None` to `*`, so we don't want to use `None` here. However, it wasn't possible even before the change to restrict access to the report list page. I think at least we can fix that. 4 4 5 In comment:30:ticket:11176 I had noted that it wasn't possible to //explicitly grant access to the Report List page using an authz policy// and proposed we use `report:0` to refer to the report list page. While I don't really like using `-1` for the report list page, the following minor change would allow `resource:-1` to be used in an authz policy to refer to the report list page. The net change after reverting [13048] would be:5 In comment:30:ticket:11176 I had noted that it wasn't possible to //explicitly grant access to the Report List page using an authz policy// and proposed we use `report:0` to refer to the report list page. However, `report:-1` //should// have already worked for restricting fine-grained access. While I don't really like using `-1` for the report list page, the following minor change would allow `resource:-1` to be used in an authz policy to refer to the report list page. The net change after reverting [13048] would be: 6 6 7 7 {{{#!diff
