Am Samstag, 18. März 2017 06:00:14 UTC+1 schrieb Melvyn Sopacua: > > On Thursday 16 March 2017 02:29:21 guettli wrote: > > > > > In our custom code we already skip check1 and do only check2. > > > > Why do you even do these checks? >
Good question. I want to get all users which have a given permission. Here is one implementation of it. https://code.djangoproject.com/ticket/18763 The resulting SQL uses several OUTER JOINS resulting in this issue: https://code.djangoproject.com/ticket/27260 We work-around it by serializing to IDs and then using the IDs in the next .filter() ... not nice but works. Regards, Thomas Güttler > There's a view decorator and class-based view mixin. All you need to do is > make good groups and users and the rest follows. > > > > If you want to define a new permission type, you can do it in the model > meta class. Not one place requires manual permission checks - when you > stick to the model level. > > > > If you need to enforce permissions at the model instance level, then don't > reinvent the wheel. There's a few packages out there, who have already > solved the problem - Django Guardian being one of them. > > -- > > Melvyn Sopacua > -- You received this message because you are subscribed to the Google Groups "Django users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. Visit this group at https://groups.google.com/group/django-users. To view this discussion on the web visit https://groups.google.com/d/msgid/django-users/32bf5e18-4f13-47f7-a1c6-d2162016a36a%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
