Skip to content

Cannot define class based rule #10

New issue
New issue
Open
Open
Cannot define class based rule#10
@mattupstate

Description

@mattupstate
mattupstate
opened on Dec 11, 2014

I see in the code that the behavior when the subject is a class instance the condition always returns True. I want a specific type of user to be able to CREATE instances of a resource/model but others to not be able to. For example:

they.can(
    READ, Model,
    lambda r: is_member(r) or is_staff(r))

they.can(
    EDIT, Model,
    lambda r: is_member(r) or is_staff(r))

they.can(
    (CREATE, DELETE), Model,
    lambda r: is_staff(r))

I only want "staff" to be able to CREATE and DELETE instances of the Model. However, there does not seem to be a way to do this. The last rule's condition function is never called. What am I not understanding?

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions