Hi all,

I've in need of implementing (rather complex) object level permissions.

I've difficulties to determine how to proceed.

Let's assume that I've following models:

class Building(...):
        name = models.TextField(max_length=100)

class Apartment(...):
        name = models.TextField(max_length=100)
        building = models.ForeignKey(Building)

class Door(...):
        DOOR_TYPES =
                (('CARAGE', 'Carage'),
                 ('ENTRANCE', 'Entrance'),
                 ('PRIVATE', 'Private'))

        door_type = models.TextField(max_length=100, choices=DOOR_TYPES)
        name = models.TextField(max_length=100)
        building = models.ForeignKey(Building)
        apartment = models.ForeignKey(Apartment, null=True, blank=True)
        
class Lock(...):
        door = models.ForeignKey(Door)

class Key(...):
        KEY_TYPES =
                (('ALL_ACCESS', 'All access'),
                 ('PRIVATE', 'Private'),
                 ('PUBLIC', 'Public'))

        key_type = models.TextField(max_length=100, choices=KEY_TYPES)
        owner = models.ForeignKey(User)
        lock = models.ForeignKey(Lock)
        

Now each user will have access to doors according their key:
Also user may have limited "public" key that allows access to public places like CARAGE or ENTRANCE door.

Or like postman would have access to Entrance door only but not to carage nor private doors (apartments).

So far I've figured out following ways to do what I'm looking for:
1) I could implement all rules to authentication backend.
2) Delegate actual permission checking to models.
3) Something else and better.

--
Jani Tiainen

- Well planned is half done and a half done has been sufficient before...

--
You received this message because you are subscribed to the Google Groups "Django 
users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to django-users+unsubscr...@googlegroups.com.
To post to this group, send email to django-users@googlegroups.com.
Visit this group at http://groups.google.com/group/django-users?hl=en.
For more options, visit https://groups.google.com/groups/opt_out.


Reply via email to