On Sun, 2008-01-06 at 15:51 -0800, Pete McVicar wrote: [...] > Because Django already has the concept of groups/permission my > immediate reaction would be to extend the admin interface to allow > ordinary People to create and mange groups this way. However, from > what I've read that would basically be a really bad idea, as all > People would have 'admin' access to all other groups, it would be > extremely hard to add additionally functionality (e.g. private, invite > only groups) and potentially create a unsustainable number of them in > the admin interface, etc.
Django's permission system is for mapping users to model types, not instances of a particular model. So it's not going to be apprporiate here. > Building a custom group/permission system seems to the most 'logical' > thing to do, but immediately seems to go against the DRY philosophy. If you're creating something for the first time, the repeating part of D-R-Y doesn't apply, pretty much by definition. Django doesn't supply what we call "row-level permissions" out of the box. Most people who want that built in want it so they can use the admin interface, but that's not really the point of the current admin. To do per-user access checks in models you create yourself is pretty easy. One approach is a model containing a permission field, a generic relation to a model instance and a foreign key to a user. You have one instance of that model for each user-model permission link. > > In the interests of doing things not only the right way, but the best > way, I'm guessing creating a custom system is better than extending, > unless there's some obvious other way that I've missed? Yes. It's really simple to build something that will fit your needs perfectly. Each time I've done this, it's been slightly different because of different domain requirements, but it's very few lines of code. Regards, Malcolm -- Monday is an awful way to spend 1/7th of your life. http://www.pointy-stick.com/blog/ --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Django users" group. To post to this group, send email to django-users@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/django-users?hl=en -~----------~----~----~----~------~----~------~--~---
