|
|
dd72843ffb
|
feat(access): Enable Objects from global organization to be viewable by user with the permission
ref: #448 #459
|
2025-01-03 12:14:26 +09:30 |
|
|
|
a4a9f2c3a9
|
feat(access): Enable the calling of the dynamic permissions function to obtain permissions
creates recursive loop
ref: #437 #459
|
2025-01-02 17:01:01 +09:30 |
|
|
|
f7b444b8e4
|
fix(access): If no org specified during permission check, rtn false for permission
ref: #437 #459
|
2025-01-01 18:25:44 +09:30 |
|
|
|
4656617583
|
fix(access): Cached list objects must be a list including an empty one as required
ref: #442 #456
|
2024-12-28 18:31:53 +09:30 |
|
|
|
a07dee370c
|
refactor(access): Use exceptions for permission flow as required
ref: #442 #456
|
2024-12-28 17:33:11 +09:30 |
|
|
|
e96916768e
|
feat(access): Cache the permission required during permission checking
ref: #442 #456
|
2024-12-28 15:47:12 +09:30 |
|
|
|
62fcb5aa01
|
test(api): Adjust test case for metadata visibility
view user only
ref: #442 #456
|
2024-12-27 22:28:12 +09:30 |
|
|
|
10becacbf7
|
fix(access): Add HTTP/Method=DELETE as valid option for object delete/destroy.
ref: #442 #454
|
2024-12-26 15:31:02 +09:30 |
|
|
|
534186a7f9
|
fix(access): Ensure Object permission are checked when an object is having an action performed against it.
ref: #442 #454
|
2024-12-26 14:11:05 +09:30 |
|
|
|
4be1e97cbe
|
refactor(access): Object permission checking moved to has_object_permission function
ref: #442 #454
|
2024-12-26 00:49:40 +09:30 |
|
|
|
f2181b018d
|
refactor(access): move ability to get required permissions from permissions mixin to organization mixin
ref: #442 #454
|
2024-12-26 00:33:21 +09:30 |
|
|
|
d61929adaa
|
refactor(access): Organization Mixin now caters for API ONLY
ref: #442 #454
|
2024-12-25 20:57:31 +09:30 |
|
