DataTable column level policy checks
Summary
=======
Add Column-level policy checks to DataTable.
This blueprint supersedes the blueprint datatable-
Indeed, the permissions mechanism was rejected during code reviews.
Motivation
==========
The need arose when implementing blueprint trove-list-
The table which displays datastores versions must include columns for admins.
Regular users must see only "name" and "ID" whereas an admin will sees
"name", "ID", "active", "packages" and "image ID".
Description
===========
Be able to filter DataTable's columns depending on policy.
Thus we can easily display admin only columns.
This is *not only* about hiding columns.
For instance, some data are not available to regular users in API responses.
So when a user does not have the permissions we must ignore the columns as if
they were not defined.
basic example
-------------
class MyTable(
column = tables.Column(...)
admin_
Only a admin would see the second column.
Regular users would see only the first.
concrete example
----------------
See the following files in https:/
* DataTable patch: horizon/
* Usage: database_
UX
==
None
Testing
=======
When policy checks fail for a user, we must ensure that:
* The column is not showed
* The column data is not processed at all
Outside Dependencies
=======
None
Requirements Update Required
=======
None
Doc Impact
==========
Document how to filter DataTable columns thanks to the new argument:
``policy_rules``.
Blueprint information
- Status:
- Complete
- Approver:
- None
- Priority:
- Undefined
- Drafter:
- Romain Hardouin
- Direction:
- Needs approval
- Assignee:
- Romain Hardouin
- Definition:
- New
- Series goal:
- None
- Implementation:
- Implemented
- Milestone target:
- None
- Started by
- Romain Hardouin
- Completed by
- Cindy Lu
Related branches
Related bugs
Sprints
Whiteboard
Gerrit topic: https:/
Addressed by: https:/
DataTable column level policy
[2.21.2017 clu_] this was merged Jan 18. :)