Comments (12)
I like that idea. How about using bitwise operators for user rights?
# Permission bits
allow_viewing = 0x01
allow_download = 0x02
allow_editing = 0x04
allow_upload = 0x08
allow_admin = 0x10
# This user can view and download books
user.role = int(allow_viewing | allow_download)
# Download requested
if allow_download & user.role:
    send_the_book()  # placeholder for the actual download response
from calibre-web.
Another idea would be to use prime numbers for different rights, e.g.:
2=show books
3=download books
5=edit metadata
7=upload books
11=admin
Then the role of the user is saved as the product of the prime numbers.
show books & download books & upload books would be 42
If you want to know if the user has upload rights, you test if the role number is divisible by 7.
pros: lots of possible combinations of user rights. extensible (e.g. delete)
cons: not compatible with current numbers 1 and 0. But compatibility could be added with an extra test if role==1 or 0
from calibre-web.
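The two encodings proposed above, side by side, as an added example that is not part of the thread or of calibre-web's code. It shows two checks that fail open: the bare truthiness test passes when only one of several required bits is set, and a role number of 0 is divisible by every prime. `Perm`, `has_all`, `requires` and `replace_book_file` are hypothetical names.

```python
from enum import IntFlag
from functools import wraps


class Perm(IntFlag):
    # Same bit values as the allow_* constants in the first comment
    VIEW = 0x01
    DOWNLOAD = 0x02
    EDIT = 0x04
    UPLOAD = 0x08
    ADMIN = 0x10


def has_any_truthy(role: int, required: Perm) -> bool:
    """The bare `if required & role:` test: passes when ANY bit matches."""
    return bool(role & required)


def has_all(role: int, required: Perm) -> bool:
    """Passes only when EVERY required bit is set in the role."""
    return (role & required) == required


# Prime scheme from the second comment
PRIMES = {"show": 2, "download": 3, "edit": 5, "upload": 7, "admin": 11}


def prime_has_naive(role: int, right: str) -> bool:
    """Plain divisibility test; note that 0 % p == 0 for every prime p."""
    return role % PRIMES[right] == 0


def prime_has(role: int, right: str) -> bool:
    """Divisibility test that rejects 0 and negative role numbers."""
    return role > 0 and role % PRIMES[right] == 0


def requires(required: Perm):
    """Decorator: deny unless the caller's role holds every required bit."""
    def decorator(view):
        @wraps(view)
        def wrapper(user_role: int, *args, **kwargs):
            if not has_all(user_role, required):
                raise PermissionError(f"missing {required!r}")
            return view(user_role, *args, **kwargs)
        return wrapper
    return decorator


@requires(Perm.DOWNLOAD | Perm.EDIT)
def replace_book_file(user_role: int) -> str:  # hypothetical view
    return "ok"
```
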
+1 for bitwise operator. I will try to implement this...
from calibre-web.
How about using Flask-Principal? Since it's already set up to be used for role handling, that would be the best option imo...
So role handling would be something like this:
from flask import render_template
from flask_principal import Permission, RoleNeed

allow_admin = RoleNeed('admin')
# Named admin_permission so the view function below does not shadow it
admin_permission = Permission(allow_admin)
admin_permission.description = "Admin permissions"

@app.route('/admin')
@admin_permission.require(http_exception=403)
def admin():
    return render_template('admin.html')
That's how I planned on implementing this in the first place :D
from calibre-web.
Right, just realized that you had prepared for that (at least the imports are already there). On first look Flask-Principal seems to be quite a fine-grained (aka complex) framework and maybe overkill for the simple task of limiting access to views with a decorator.
@cervinko has already submitted a PR implementing different levels of user rights: #17. Maybe he can take a look at it and decide whether it's feasible to leverage Flask-Principal for the user roles/rights part.
from calibre-web.
Yep, found that PR after I'd posted here.
Maybe Flask-Principal is a little bit overkill for such simple tasks, but you'll get better control and could easily add/remove roles if needed. My main reason to post was why reinvent it when it's already there and working pretty well ;)
from calibre-web.
Didn't know about flask-principal. For me it looks too complex for our use case, and to be honest I do not really see the advantages of principal over my implementation.
But if anyone would explain the advantages, I am not averse to implementing it.
from calibre-web.
@mutschler i just reinvented it, because i didn't know it....
from calibre-web.
well basically the fine tuning i guess... you could for example limit some categories or stuff like that to specific users... if you want a special case for that: don't show everything that's 16+ for your children or something like that... even allow specific users to only edit specific books etc...
from calibre-web.
OK. For my use case this would be overkill...
from calibre-web.
@mutschler Using an existing framework definitely makes a lot of sense, especially as it relates to adding support for additional usage scenarios that require more fine-tuning. I am not too impressed with flask-principal, but i am sure there are some viable alternatives like for example https://github.com/raddevon/flask-permissions. That being said, @cervinko has already put work in his PR and merging it won't make it any harder to plug in a third-party library in the future.
from calibre-web.
@janeczku it's up to you if you merge or not. But I am not planning to implement a flask-permissions or flask-principal version in the near future, although it would be better to use an existing framework. I should have searched for frameworks before reinventing the wheel. Lesson learned ;-)
from calibre-web.