I've followed up the suggestions given here but am still struggling with 
this problem. My table rows are marked as 'public' or 'private' and the 
suggested approaches (and others I could think of) could certainly control 
access in such a way that logged-in users could access the whole table and 
other users coukd only access the 'public' items. So far so good.

The problem that I can't solve is that the same table is accessed by lots 
of foreign key relationships from other views in various apps. As far as I 
can tell, the available solutions all either allow the foreign key access 
to bypass the security or else result in unresolved foreign key accesses 
that raise exceptions. Either way, I am having to litter my code with 
either further security checks or checks for foreign keys to non-existent 
object instances. I'm kind of coming to the conclusion that there is no 
elegant solution to this but thought I would ask here one more time.

Thanks

Steve

-- 
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to django-users+unsubscr...@googlegroups.com.
To post to this group, send email to django-users@googlegroups.com.
Visit this group at http://groups.google.com/group/django-users.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/django-users/8ad1817d-7c6f-435f-8a6f-650a4ed62160%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Reply via email to