From 6e3e8e24c801efea3f98193583fcc46cd1abaff9 Mon Sep 17 00:00:00 2001 From: mb Date: Wed, 26 Aug 2020 13:21:12 +0200 Subject: [PATCH] generator documentations. --- invenio_config_tugraz/permissions.py | 38 +++++++++++++++++++++++++--- 1 file changed, 35 insertions(+), 3 deletions(-) diff --git a/invenio_config_tugraz/permissions.py b/invenio_config_tugraz/permissions.py index 02fc89d..a46b1d4 100644 --- a/invenio_config_tugraz/permissions.py +++ b/invenio_config_tugraz/permissions.py @@ -226,13 +226,45 @@ class RecordIp(Generator): # TODO: Implement def needs(self, **kwargs): - """Enabling Needs.""" + """Enabling Needs, Set of Needs granting permission. + + If ANY of the Needs are matched, permission is granted. + + .. note:: + + ``_load_permissions()`` method from `Permission + `_ adds by default the + ``superuser_access`` Need (if tied to a User or Role) for us. + It also expands ActionNeeds into the Users/Roles that + provide them. + """ return [] def excludes(self, **kwargs): - """Preventing Needs.""" + """Preventing Needs, Set of Needs denying permission. + + If ANY of the Needs are matched, permission is revoked. + + .. note:: + + ``_load_permissions()`` method from `Permission + `_ adds by default the + ``superuser_access`` Need (if tied to a User or Role) for us. + + It also expands ActionNeeds into the Users/Roles that + provide them. + + If the same Need is returned by `needs` and `excludes`, then that + Need provider is disallowed. + """ return [] def query_filter(self, **kwargs): - """Elasticsearch filters.""" + """Elasticsearch filters, List of ElasticSearch query filters. + + These filters consist of additive queries mapping to what the current + user should be able to retrieve via search. + """ return Q('match_all')