Access Control Lists

How permissions work

On top of that we use the access.models.GroupUser and Group to define what access groups a user is a part of, and each group has rules defining which permissions they grant their members, separated by ,.

Permissions that you can use as filters can be either explicit or general.

For example Admin:EditAddons means only someone with that permission will validate.

If you simply require that a user has some permission in the Admin group you can use Admin:%. The % means “any.”

Similarly a user might be in a group that has explicit or general permissions. They may have Admin:EditAddons which means they can see things with that same permission, or things that require Admin:%.

If a user has a wildcard, they will have more permissions. For example, Admin:* means they have permission to see anything that begins with Admin:.

The notion of a superuser has a permission of *:* and therefore they can see everything.

Django Admin

Django admin relies on 2 things to gate access:

  • To access the admin itself, UserProfile.is_staff needs to be True. Our custom implementation allows access to users with a @mozilla.com email.

  • To access individual modules/apps, UserProfile.has_perm(perm, obj) and UserProfile.has_module_perms(app_label) need to return True. Our custom implementation uses the Group of the current user as above, with a mapping constant called DJANGO_PERMISSIONS_MAPPING which translates Django-style permissions into our own.