Thanks, this is very helpful and gives me some good ideas to start implementing.
One question I have is: If i'm using Django's built-in User class (and corresponding authentication) and I want to be able to associate each user with an organization and be able to access a user's organization from the view via the request, what is the best/easiest way to do that? Ben On Jun 4, 11:42 pm, Doug Ballance <dball...@gmail.com> wrote: > For our setup we created a separate user,site framework since we do a > form of vhosting that serves multiple sites from one instance. We have > a Site model that serves as the root tying all of our other models > together. No abstract models or anything fancy, just a FK in each > model class pointing back to the Site model. You only have one site, > but the concept could be the same.. instead of setting the site > instance for a request in middleware from ip/header info like we do, > you'd infer and organization instance from the logged on user. > > For the view management I'd suggest looking at the class based views, > and creating a 'tenant aware' base class view that you can sublcass > for your individual views. I used the generic class based views as a > guide for making my own. I'd suggest starting by looking at the > source in django.views.generic.list and django.views.generic.detail. > The get_queryset()/get_object methods are the main points of > interest. If you have a middlware set the user (or use django's user > model) object on the request, you can alter your get_queryset() method > to restrict the query to only objects the user (or that users > organization) is allowed since the request will be available on the > class as self.request. > > For my use, I have a similar base class with an altered dispatch() > method that wraps the base dispatch method in a try/except looking for > an AuthError exception. In my view subclasses I override > get_queryset() to limit queryset per request (to the site/user), and > do additional permissions checking in get_context_data() raising an > AuthError exception if there is a permission error. The altered > dispatch is responsible for returning an error page or redirecting to > a login if AuthError is raised at any point in the view process. -- You received this message because you are subscribed to the Google Groups "Django users" group. To post to this group, send email to django-users@googlegroups.com. To unsubscribe from this group, send email to django-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/django-users?hl=en.
