django-permission | enhanced permission system which support object
kandi X-RAY | django-permission Summary
kandi X-RAY | django-permission Summary
[Not maintained] An enhanced permission system which support object permission in Django
Top functions reviewed by kandi - BETA
Currently covering the most popular Java, JavaScript and Python libraries. See a Sample of django-permission
django-permission Key Features
django-permission Examples and Code Snippets
Community Discussions
Trending Discussions on django-permission
QUESTION
Am trying out an idea to use both django-viewflow and django-permission in an app where there would be some complicated permission rules. The way that I have understood the way django-permission works is by adding a decorator to the view that you want to apply permission rules.
I have managed to get this working on the process views by extending the base viewflow views and pointing the urls.py to the extended view. When I try to follow the same idea for tasks I bump into the error listed below
type object 'CBVTask' has no attribute 'flow_class'
models.py
...ANSWER
Answered 2018-Jul-12 at 11:54Turns out to be a bit of a rookie mistake - the urls.py file should have read as follows:
urls.py
QUESTION
I am building a quite complex Django
application to be used on top of and email scanning service. The Django
application is written using Python 3.5+
This application primarily uses Django Rest Framework
to handle communication with the frontend in the browser.
The issue that I am currently having is that I try to implement the concept of a System Administrator
, Domain Administrator
and Application User
The System Administrator
is basically the "normal" django superuser
and is therefore capable of doing everything and see every record in the system.
The Domain Administrator
is user who manages one or more email domains
. I keep track of this using a Many2Many
relationship between the users
and the domains
. The idea would then be to predefine a filter, so that the log of messages processed, will be automatically filtered to show only messages where the sender domain
or the recipient domain
equal a domain
in the list of domains
that the given user
is assigned to.
The same would be true for blacklisting
/whitelisting
policies.
If the Domain Administrator
is not assigned to any domains
, then no data is shown.
The Application User
is basically any authenticated user with one or more domains
assigned to them, using the same Many2Many
relationship as the Domain Administrator
. If no domains are assigned, then no data is shown.
I have found some other solution here on Stackoverflow on making the request.user
available to the QuerySet
in the ModelManager
, but that does not seem like the correct way to handle it.
I have looked at django-guardian
, django-authority
and django-permissions
, but none of them seem to be affecting the QuerySet
or the resulting list of objects.
Does anyone have a suggestion for Django package/addon that can be used to handle this or maybe an idea for how this could be handled?
...ANSWER
Answered 2018-May-18 at 18:02DRF's GenericAPIView
has a get_queryset
method that you can override to perform custom filtering:
QUESTION
Am using django-permission on simple test app (almost identical to the example used in the docs) to try to figure out how it works. I have read the documentation and tried to use the example app provided on this link.
The issue is when the author of an article is not able to edit/ delete the article.
The user in question has been granted all permissions in the admin section.
Key code listed below - any help much appreciated
test_app/models.py
...ANSWER
Answered 2018-Apr-05 at 16:41I don't really get what
The user in question has been granted all permissions in the admin section.
means (not sure what "admin section" is) but
You don't need
perms.py
while you already add a permission logic in yourmodels.py
.You need to use
test_app.change_article
instead (._
)
By the way, while you don't need perms.py
so it's not a matter but the instance of AuthorPermissionLogic
in perms.py
is not properly configured while you haven't specified field_name
there (the default value of field_name
is 'author'
if you don't specified.) https://github.com/lambdalisue/django-permission/blob/master/src/permission/conf.py#L24
QUESTION
Thanks for reading my question.
Before to ask, i was reading about my doubt:
http://djangobook.com/customizing-authentication-django/
django roles authorization architecture
Django Permissions for Different Clients
... And i'm not clear about permissions set in Django :(
I learning Django, but i want to try to build a permission set on my app. My system is about a schoool: teachers, students, management people, class room leaders.
The system's premise is: an user only must to have a rol.
Some questions about it:
I thinking to prepopulate role table, with general profiles: student, teacher, management... What is the better way to do it?
The typical restriction: a teacher is the unique profile can add, delete, view, edit your student's scores. What is the better way to do it? Should I do it through a custom system? Have u some url, code or source where can i to check it?
Excuse me my english. Thanks!
...ANSWER
Answered 2017-Mar-26 at 19:15I had a similar problem and ended up designing my own permission system, because with the default django permission system, it is not possible to do per-object permissions.
I simply added a model LabAccess with a foreign key on django.contrib.auth.models.Group (because I often have multiple instructors by course) and another foreign key for the course. (This allows multiple groups be instructor in a course). Then, in each view for instructors, I check whether one of the groups the user belongs to has an item in the LabAccess table. The source code of this system is actually available, if you are interested.
Note that there are also django extensions that support per-object permissions, like (django-guardian)[http://django-guardian.readthedocs.io/en/stable/]. (I have no experience with it,)
Community Discussions, Code Snippets contain sources that include Stack Exchange Network
Vulnerabilities
No vulnerabilities reported
Install django-permission
No Installation instructions are available at this moment for django-permission.Refer to component home page for details.
Support
If you have any questions vist the community on GitHub, Stack Overflow.
Reuse Trending Solutions
Find, review, and download reusable Libraries, Code Snippets, Cloud APIs from over 650 million Knowledge Items
Find more librariesStay Updated
Subscribe to our newsletter for trending solutions and developer bootcamps
Share this Page