Page MenuHomePhabricator

Define user roles in the database
Closed, DeclinedPublic

Description

There are two user roles which have been decided as of now - 'administrator' and 'reviewer'. Define a 'roles' table in the database to represent these roles. Add user specific role assignment and verification functionality to the app.

Microtask for T89416 - Accuracy review of Wikipedias

Event Timeline

This commit is part of the branch 'roles'. It currently has a few errors during db migrations. I added a 'roles' table to the db along with the following additions/changes to the master code:

  1. app/manage.py - added a table called 'roles', added a class called Permissions to associate flag bits for each permission. Reviewer class has new methods for initializing and checking permissions. A separate AnonymousReviewer class has also been added to deny all permissions.
  2. app/templates/403.html - new template to display the 'Forbidden' message for unauthorized access
  3. app/main/errors.py - added an error handler for rendering the 403 template
  4. app/decorators.py - custom decorator for rendering views only for specific permissions
  5. app/main/__init__.py - added a context processor to make permission variables globally availabel to all templates
  6. manage.py - make_shell_context instantiates Role and Permission
  7. tests/test_reviewer_model.py - added tests for checking permissions of a reviewer and anonymous reviewer

The code for this commit is here.

This version of the app works fine in the browser. But throws up an error during db migrations :/ Still need to fix that.

We aren't going to require user registration or logins. Reviewers participating in reputation management systems will sign their review comments with a unique identifier. The failure mode of impersonation can be overcome by having that unique identifier be, include, or point to email to which confirmation is sent. cc @prnk28