Frank!

You appear to have figured out what I spent most of today trying to figure 
out:  How to get access to the current logged in user from INSIDE a custom 
data manager!

Can you clarify something in your code?

In your custom manager you define "by_user", which takes "user" as an 
input.  But in your class you just name your custom data manager in place 
of the default "object" manager.

How do you ( a ) get the system to call your "by user" query?  And ( b ) 
how do you get the system to send in the current "user"?

I was thinking there might be a link through the site.model reference 
Managers get.  Or maybe a way to pull it from session, but I keep getting stuck 
on the fact this isn't a view, so it has no obvious access to a "request" 
object????

Thanks in advance!



On Monday, February 25, 2013 4:18:50 AM UTC-5, Frank Bieniek wrote:
>
> We achieved the second level auth, by tying an extended group to a company, 
> all company members are part of this group, so we can leverage the 
> normal auth mechanisms. 
>
> Hope this gives you an idea. 
>
> Thanks 
> Frank 
>
> from django.contrib.auth.models import Group
> from django.db import models
>
> class CompanyManager(models.Manager):
>      filter_by_user_limit_field = None
>
>      def by_user(self, user):
>          """
>          Extension for filtering organization objects (also related objects)
>          by the groups of a user.
>          Avoiding that a user can touch other organization objects.
>          Superusers and Partner Administrators are able to see all
>          organizations.
>          """
>          # if the user is not logged in - no data
>          if not user.is_authenticated():
>              return self.none()
>          # TODO: optimization: would be nice to find a way to make
>          # by_user chainable like .filter(), ...
>          return self.limit_queryset_by_user(
>              self.get_query_set(),
>              user,
>              self.model.filter_by_user_limit_field
>          )
>
>      @staticmethod
>      def limit_queryset_by_user(qs, user, field_key):
>          # is_superuser is a boolean field, so test it directly
>          if user.is_superuser:
>              return qs
>          kwargs = {}
>          if field_key and user.groups.count() > 0:
>              kwargs[field_key] = [u['id'] for u in user.groups.values('id')]
>          return qs.filter(**kwargs)
>
> And in the model 
>
> class Company(ExtendedModel): 
>      name = models.CharField(max_length=64, unique=True) 
>      slug = models.SlugField(unique=True) 
>      is_active = models.BooleanField(null=False, blank=False, default=True)
>
>      filter_by_user_limit_field = "organizationgroup__in" 
>      objects = CompanyManager() 
>
> class CompanyGroup(Group): 
>      """ 
>      User group of the Organization 
>      """ 
>      organization = models.OneToOneField(Organization) 
>
>
> On 23.02.2013 17:00, Gabriel - Iulian Dumbrava wrote:
> > How I would do it would be to have a special column (foreign key) in
> > each table (model) called Company (company_id) and change all default
> > managers to filter on company_id = logged_in_user.company_id.
> >
> > In this way you are sure that users only see what belongs to their
> > company.
> >
> > You would have to pass the company_id to models, probably with a
> > middleware which gets it from the logged in user and saves it somewhere.
> >
> > And you also have to save the default value of company_id to each newly
> > created entry in every table, probably from the same source as above.
> >
>
>

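An added example, not code from either poster: in the quoted `limit_queryset_by_user`, a logged-in user with no groups leaves `kwargs` empty, so `qs.filter()` returns every row; the variant below denies by default instead. `FakeQuerySet`, `FakeUser`, its `group_ids` attribute, `visible` and the sample rows are constructed stand-ins so the logic runs without Django.

```python
# Fail-closed version of the group scoping from the thread (added example).
# FakeQuerySet is a constructed stand-in exposing only .filter()/.none();
# a real Django QuerySet offers the same two calls.

class FakeQuerySet:
    def __init__(self, rows):
        self.rows = list(rows)

    def none(self):
        return FakeQuerySet([])

    def filter(self, **kwargs):
        rows = self.rows
        for key, allowed in kwargs.items():
            field = key[:-len("__in")]  # only "<field>__in" is emulated
            rows = [r for r in rows if r[field] in allowed]
        return FakeQuerySet(rows)

    def names(self):
        return sorted(r["name"] for r in self.rows)


class FakeUser:  # hypothetical stand-in for the auth user
    def __init__(self, group_ids=(), authenticated=True, superuser=False):
        self.group_ids = list(group_ids)
        self.is_authenticated = authenticated
        self.is_superuser = superuser


def limit_queryset_by_user(qs, user, field_key):
    """Return only rows tied to one of the user's groups; deny by default."""
    if user is None or not user.is_authenticated:
        return qs.none()
    if user.is_superuser:
        return qs
    # No field configured or no groups: an empty filter() would match
    # every row, so return nothing instead.
    if not field_key or not user.group_ids:
        return qs.none()
    return qs.filter(**{field_key: user.group_ids})


# Constructed sample data: each company row carries the id of its group.
COMPANIES = FakeQuerySet([{"name": "acme", "organizationgroup": 1},
                          {"name": "globex", "organizationgroup": 2}])

def visible(user):
    # The caller (in Django, the view holding request.user) passes the user in.
    return limit_queryset_by_user(COMPANIES, user, "organizationgroup__in").names()
```

With the manager from the thread, the equivalent call from a view is `Company.objects.by_user(request.user)`: the manager never sees the request, so the view hands the user over explicitly.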