#29748: Add AUTH_GROUP_MODEL setting to swap the group model
------------------------------+-----------------------------------------
Reporter: damoncheng | Owner: damoncheng
Type: New feature | Status: assigned
Component: contrib.auth | Version: dev
Severity: Normal | Resolution:
Keywords: | Triage Stage: Someday/Maybe
Has patch: 0 | Needs documentation: 0
Needs tests: 0 | Patch needs improvement: 0
Easy pickings: 0 | UI/UX: 0
------------------------------+-----------------------------------------
Description changed by Michael:
Old description:
> I was just about to open ticket for this exact same thing. The most
> common use case I have come across when searching for a solution is to
> add a `description` field to the `Group` model. There seems to be no
> complicated/hacky solution to this. Most solution end up creating custom
> migrations within:
>
> {{{
> site-packages/django/contrib/auth/migrations/
> }}}
>
> Which lives outside ones project, and can't be version controlled.
New description:
The information is not enough for the most project in
django.contrib.auth.models.User and django.contrib.auth.models.Group. The
project can only custom User and Team model.
The auth User can be changed in the django settings by AUTH_USER_MODEL.
But the Group cannot.
Further, There are many group permissions problem presented when project
use django permissions.
Firstly, In django.contrib.auth.ModelBackend, Django currently bind group
permissions with django.contrib.auth.models.Group
{{{
def _get_group_permissions(self, user_obj):
user_groups_field = get_user_model()._meta.get_field('groups')
user_groups_query = 'group__%s' %
user_groups_field.related_query_name()
return Permission.objects.filter(**{user_groups_query: user_obj})
}}}
If the project want to relate the group permission to custom team. the
project have to custom backend that extend
django.contrib.auth.ModelBackend and modify group to team.
Secondly, the bad design limit the other app design, many app about
django permission , only support group permission based on
django.contrib.auth.models.Group, like django-guardian.
In the conversation with Adam
Johnson([https://groups.google.com/forum/#!topic/django-
developers/llQJZUKejXg]). Admin suggestion me to contribute it or to use
OneToOneField to solve the basic problem. But the OneToOneField is not
elegant and it have problem in some scene. For example, A project is a
cloud item, It use SCIM to manage user and team identities in cloud. it
transfer resource from sender to many receiver.
Before the project use OneToOneField, The project only transfer user
and team from sender to receiver. It spend 2 hour.
After the project use OneToOneField. The project need transfer user and
team from sender to receiver, then create group and make team
OneToOneField to Group in the receiver. It spend 6 hour.
it degrade the transform performence.
So please make me to support AUTH_GROUP_MODEL that optimize django group
permission design
--
--
Ticket URL: <https://code.djangoproject.com/ticket/29748#comment:8>
Django <https://code.djangoproject.com/>
The Web framework for perfectionists with deadlines.
--
You received this message because you are subscribed to the Google Groups
"Django updates" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to django-updates+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/django-updates/01070181b5c68266-bf67a012-7d33-44f9-be52-149956dff9b8-000000%40eu-central-1.amazonses.com.
