Yes, I've (a long time ago though so package may be much better now) but
it doesn't give exactly what I need.
Afaik object-permission works reverse what I need - it adds spesific
permissions to groups/users to single object. But I need to check
(mostly through foreign keys and/or spatial relation) does user has
permission to see that data or not.
And my bad, I forgot to add Key fk lock nulls true.
So datamodel is like this:
Building contains zero or more Apartments.
Door can belong to building or apartment.
Lock belongs to door.
Key belongs to owner and may belong to specific lock.
So that in mind I need to restrict data fetching according to rules like:
User X has access (key type 'PUBLIC') to locks in buildings starting
with letter 'A' and only doors of types 'CARAGE' or 'ENTRANCE'.
5.2.2013 5:53, Nikolas Stevenson-Molnar kirjoitti:
Have you had a look at this 3rd-party package?
http://pypi.python.org/pypi/django-object-permissions
_Nik
On 2/4/2013 4:59 AM, Jani Tiainen wrote:
Hi all,
I've in need of implementing (rather complex) object level permissions.
I've difficulties to determine how to proceed.
Let's assume that I've following models:
class Building(...):
name = models.TextField(max_length=100)
class Apartment(...):
name = models.TextField(max_length=100)
building = models.ForeignKey(Building)
class Door(...):
DOOR_TYPES =
(('CARAGE', 'Carage'),
('ENTRANCE', 'Entrance'),
('PRIVATE', 'Private'))
door_type = models.TextField(max_length=100, choices=DOOR_TYPES)
name = models.TextField(max_length=100)
building = models.ForeignKey(Building)
apartment = models.ForeignKey(Apartment, null=True, blank=True)
class Lock(...):
door = models.ForeignKey(Door)
class Key(...):
KEY_TYPES =
(('ALL_ACCESS', 'All access'),
('PRIVATE', 'Private'),
('PUBLIC', 'Public'))
key_type = models.TextField(max_length=100, choices=KEY_TYPES)
owner = models.ForeignKey(User)
lock = models.ForeignKey(Lock)
Now each user will have access to doors according their key:
Also user may have limited "public" key that allows access to public
places like CARAGE or ENTRANCE door.
Or like postman would have access to Entrance door only but not to
carage nor private doors (apartments).
So far I've figured out following ways to do what I'm looking for:
1) I could implement all rules to authentication backend.
2) Delegate actual permission checking to models.
3) Something else and better.
--
Jani Tiainen
- Well planned is half done and a half done has been sufficient before...
--
You received this message because you are subscribed to the Google Groups "Django
users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to django-users+unsubscr...@googlegroups.com.
To post to this group, send email to django-users@googlegroups.com.
Visit this group at http://groups.google.com/group/django-users?hl=en.
For more options, visit https://groups.google.com/groups/opt_out.
