~ | | Add site divisions within Review Board with permission checking. |
| ~ | Add site divisions within Review Board. |
| |
|
| | This change adds a new app within RB called "site", which will be used to divide
|
| | a single review board server with permissions barriers. At the moment, a
|
~ | | LocalSite has a name and a list of users who have access to that site. This is
|
| ~ | LocalSite has a name and a list of users who have access to that site. This is
|
| | related to various objects via a foreign key. If that relation is null, the
|
~ | | given object is treated as being totally open. If not, the requesting user is
|
~ | | checked against the users list. |
| ~ | given object is treated as being totally open. If not, the requesting user will
|
| ~ | be checked against the users list. |
| + |
|
| + | The plan is to namespace our URLs such that most views can either be at the root
|
| + | (for example, "/r/1/") or prefixed with the LocalSite name ("/site-name/r/1/").
|
| + | If an object has a LocalSite set, it must be accessed via the URL with the
|
| + | name. While many objects will have pks that are universally the same (comments,
|
| + | for example), we want it to appear as if, for all intents and purposes, they
|
| + | have their own reviewboard instance running in a rooted name. |
| + |
|
| + | The one special object as far as IDs go is ReviewRequest. This has both a pk and
|
| + | a "local_id" field. The local_id is a special field which is unique among all
|
| + | ReviewRequests that have the same local_site. This allows us to give the sites
|
| + | their own ID namespaces, since people will be passing the IDs on the
|
| + | command-line for post-review. |