Cat, I will be posting what I am doing within the next day or to for you. -richard
On Sep 27, 8:47 pm, Cat <[EMAIL PROTECTED]> wrote: > Richard > > I am currently developing an interface that will need to use role > based row level permissions and would be greatful for anything that > you are willing to share. > > Catriona > > On Sep 28, 8:53 am, Richard Dahl <[EMAIL PROTECTED]> wrote: > > > If you are interested, I would love to collaborate on some ideas of > > doing this. I have an role-based system working pretty well as of > > now, but it does not, as of yet integrate with the admin interface. > > If you have any interest I would be more than willing to share some > > of what I have come up with. > > -richard > > > On Sep 27, 2007, at 2:38 PM, Lic. José M. Rodriguez Bacallao wrote: > > > > I'll do that > > > > On 9/27/07, Richard Dahl <[EMAIL PROTECTED]> wrote: > > > There is a row-level-permissions branch, but I do not believe it is > > > actively being developed at this time. I wrote my own role-based > > > permission system and integrated it into all of my models that > > > require it. I have not attempted to integrate the permission > > > system into the admin interface though. I have used my own views. > > > If you just want to limit access to one user (+ admin) this can be > > > accomplished relatively easily by storing the user who created the > > > model instance as a FK on the model. The threadlocal middleware > > > can be used to integrate this into your save method of your models, > > > if this is required. You could then create a model.manager to > > > filter based on the request.user, and a model method that can > > > evaluate whether or not the current user is authorized to edit or > > > delete an instance. My advice would be to check the permissions > > > before every action, i.e. check as you create a queryset, when > > > getting an instance for editing, when the edited instance is > > > submitted to be saved, when an instance is to be deleted, etc... > > > If you have any specific questions, I would be more than happy to > > > answer what I can. > > > -richard > > > > On 9/27/07, Lic. José M. Rodriguez Bacallao < [EMAIL PROTECTED]> wrote: > > > hi people, I got a little question, how can I make some users add > > > news (model News), modify only news owned by him or even delete his > > > news, not others users news, but only admins can publish all of them? > > > > -- > > > Lic. José M. Rodriguez Bacallao > > > Cupet > > > ----------------------------------------------------------------- > > > Todos somos muy ignorantes, lo que ocurre es que no todos ignoramos > > > lo mismo. > > > > Recuerda: El arca de Noe fue construida por aficionados, el titanic > > > por profesionales > > > ----------------------------------------------------------------- > > > > -- > > > Lic. José M. Rodriguez Bacallao > > > Cupet > > > ----------------------------------------------------------------- > > > Todos somos muy ignorantes, lo que ocurre es que no todos ignoramos > > > lo mismo. > > > > Recuerda: El arca de Noe fue construida por aficionados, el titanic > > > por profesionales > > > ------------------------------------------------------------------ Hide > > > quoted text - > > > - Show quoted text - --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Django users" group. To post to this group, send email to django-users@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/django-users?hl=en -~----------~----~----~----~------~----~------~--~---