Mathieu Leplatre

Add __cspreport__ endpoint?

2

Especially if the kinto-admin plugin is enabled? * https://hacks.mozilla.org/2016/02/implementing-content-security-policy/ * See https://github.com/mozilla-services/kinto-dist/issues/108

Principals from settings not taken into account when hiding permissions

1

Since #837, the permissions are empty if the user has no `write` permission. But the permissions from settings are not taken into account. For example, with this conf: ``` ini...

Rename object id

7

Suggested by @n1k0 Example: ``` echo '{"data": {"id":"tutu"}}' | http PUT :8888/v1/buckets/test --auth user:pass ``` Rename object id specified in URI using the id from the body payload. Todo: -...

Currently, when an object is edited, the `write` permission is given to the creator/editor. This way, there's always someone with `write` permission. Problem, revoking permission on children is hard (#144)....

Revert operations from a particular timestamp

2

We want to be able to rollback some changes that were made since a particular timestamp. Since clients expect that timestamp never go back in the past, the idea would...

Break permission inheritance by adding the none keyword

1

Eg. - `{read: [system.EveryOne]}` on bucket - `{none: [system.EveryOne]}` on specific collection in this bucket Users can read every collections in bucket but one specific. Inspiration: Syncano permission types http://docs.syncano.io/docs/permissions#section-permission-types-for-data-objects-

LeafletGeoAdmin should show a map for readonly geometries

3

 ``` python from django.contrib import admin from leaflet.admin import LeafletGeoAdmin from geotrek.zoning import models as zoning_mode class ReadOnlyGeom(LeafletGeoAdmin): readonly_fields = ('geom',) admin.site.register(zoning_models.City, ReadOnlyGeom) ```

As suggested by @dyve https://github.com/makinacorpus/django-leaflet/pull/114#issuecomment-138237566