Hi, On 3/22/07, Mario Gonzalez <[EMAIL PROTECTED]> wrote: > > Hello. I've got an issue that I want to deal with if you let me. I > think, as everybody we've got a project with many applications on it. > And also there are lots of users available, however what about if I > want to deny some apps to some users? > > Or, how can I know what app can be used by someone? Well, I can use > a user_passes_test decorator, sure but I've got do it every time, in > every view. IMO that must be solved in the core, not in every view.
you can write a simple middleware that will check for this permission in process_view(), it will examine the view function to find out what application it belongs to and decide whether to allow the request to continue or not... > > So far, permissions are applied to classes (tables) only, but not to > applications. I don't know what do you think about this but I want to > give a idea: > > Every time when a administrator create a new app, internally a > group with the same application name is created. Thus, a user must > belong to this group to gain access to the app. This should be a easy > way to limit users. just hook to the post_syncdb signal, create the groups and use the proposed middleware I think this is so easy to develop and too specific (at least I didn't find any request for this feature in the past), it shouldn't be in the core. > > Regards! > > http://www.advogato.org/person/mgonzalez/ > > > > -- Honza Kr�l E-Mail: [EMAIL PROTECTED] ICQ#: 107471613 Phone: +420 606 678585 --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Django developers" group. To post to this group, send email to django-developers@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/django-developers?hl=en -~----------~----~----~----~------~----~------~--~---