Authorization checks should not be in the database layer

Registered by Mark Washenberger on 2013-03-07

Glance currently performs authorization checks in the database layer drivers. This approach has caused bugs in the past, increases the complexity of implementing drivers, and makes understanding the code more difficult. By adopting a query interface that supports Specification pattern arguments, we can make fairly simple db drivers and move all authorization constraints into a layer in the domain.

Blueprint information

Status:
Not started
Approver:
Brian Waldon
Priority:
Low
Drafter:
Mark Washenberger
Direction:
Approved
Assignee:
None
Definition:
Approved
Series goal:
None
Implementation:
Not started
Milestone target:
None

Related branches

Sprints

Whiteboard

Still a good idea, I have some example code around how I might like to see it done. But for now this is just wishlist.
markwash wishlist 2014-02-14

Could you please share details of it, Also I am interested to working on it. So, Please assign it to me. [<email address hidden>]

(?)

Work Items

This blueprint contains Public information 
Everyone can see this information.