There are a lot of issue with your new permissions. Some people have been asking for a view permission in admin. With current system, all one have to do is add a permission per model. With your proposal, the whole system have to be ditched in favor of a more flexible one.
I have also seen production code using permission like is_something. Yeah, sure, it's not semantically correct. Being a bot or a moderator or a senior user is not a permission. But current permission system work nicely for that kind of stuff. Yeah, sure, people can swap the model like with user. But I have seem more often code adding a foreign key pointing to the user rather than swapping the model. I doubt that kind of solution will work with stuff like user.has_perm(). In a nutshell, what you propose will break a lot of code, require more work from developer, won't really help with translation and the only help with the widget because you are cutting most of the useful stuff out of the permission system. 2017-09-21 22:14 GMT+02:00 Ramez Ashraf <[email protected]>: > Good day dear fellow Django developers, > > Current permissions scheme in Django does suffer many flaws > Like Inconsistency with permissions for proxy models #11154 and the fact > that permission names are not translatable (no translation in the database) > and the Permission Widget (FilteredSelect) is not very user friendly if we > have a lot of models. > Some of these issues have some work around like gists creating correct > permissions for proxy models, widgets to display the permissions in a > translated Tabular format (django-tabular-permissions) > But the problems are still there. > And the current implementation in itself is some what naive, only add , > change , delete > Maybe i can delete only the records created by me, maybe i can delete but > not older then 1 day unless i'm superuser > > I want to suggest a complete Permission makeover > Basically a new model / db table for User permissions which look something > like this (and another one for the groups of course.) > > user_id | contenttype_id | add | change| delete > 1 | 1 | True | True | False > > The new model can be swap-able (like the User model) so end developers might > add more specified fields beside the add , change, delete like (can edit > other users entries, limit to date etc.) > It might be also advised to create your own Permission model at the start of > the project (like what is happening now with the user model) > > And the current Permissions table can be used for the custom permissions . > > I understand that this is might not be the most backward compatible solution > (although if accepted by you, we can figure this out, using data migrations > or something) > > But Permissions in Django have been dragging for far too long, and delaying > fixing them if not helping. > I see the new simplified url (and letting go of the regular expressions- at > least up front) and i say wow, things can change. :-) > > Looking forward for your much appreciated input, ideas & discussion. > > Thank you for your time reading this and Best wishes to all of you. > > > Ramez > > > > > > > -- > You received this message because you are subscribed to the Google Groups > "Django developers (Contributions to Django itself)" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > To post to this group, send email to [email protected]. > Visit this group at https://groups.google.com/group/django-developers. > To view this discussion on the web visit > https://groups.google.com/d/msgid/django-developers/bbdf1910-6b89-4568-8c1b-a681b5807871%40googlegroups.com. > For more options, visit https://groups.google.com/d/optout. -- Cordialement, Ludovic Coues +33 6 14 87 43 42 -- You received this message because you are subscribed to the Google Groups "Django developers (Contributions to Django itself)" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. Visit this group at https://groups.google.com/group/django-developers. To view this discussion on the web visit https://groups.google.com/d/msgid/django-developers/CAEuG%2BTa9UHwcRBWqohLPF2E6aEZrAFa%3DcaDW-7dSb1Mvidu_KQ%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
