On 3/23/07, Scanner <[EMAIL PROTECTED]> wrote: > > > > On Jan 16, 12:32 pm, Jacob Kaplan-Moss <[EMAIL PROTECTED]> wrote: > > On 1/16/07 4:05 AM, Russell Keith-Magee wrote: > > > > > Given the current push towards 1.0, it seems likely that this > > > particular merge will not get the attention of the core developers in > > > the immediate future (at least until 1.0 is out the door). However, if > > > you want to volunteer, and you don't feel you can contribute to the > > > 1.0 push, making sure that therow-level permissions branch is in > > > perfect condition for merging to trunk (i.e., lots of tests, > > > documentation, good integration with admin, etc) would be one way to > > > help out. > > > > You should also keep and eye on the newforms-admin branch. One of the > > consequences of redoing the admin is going to be some cleanup in how > > permissions are checked and implemented, and that should make per-obj-perms > > *much* simpler. > > Note: Posting here because it seemed the most appropriate instead of > starting a new discussion. > > I have been working on a set of apps that absolutely require row level > permissions. They simply can not meet their intended need without > this. I could hack something up but instead I am using the per-object- > permissions branch of django. Because I also want to keep up to date > with the current trunk of django as well because it has features and > bug fixes I want to use I have been maintaining a check-out of the per- > object-permissions branch with the changes merged in from the trunk. > All is going well so far. I am uncovering some somewhat painful use > cases (eg: an object that a user has 'view' permission on, and when > getting a list of those objects they do not get objects in that list > which they lack 'view' permission on) but in general no problems. > > Now the fun part, I am encountering some bugs or not fully implemented > or thought out parts of the per-object-permissions branch. Sometimes > the fix is fairly easy (catching exceptions and doing intelligent > things with them), but sometimes I have to figure out how I want to > handle a certain case. My current problem is having a way to assign > permissions to "anonymous" users (ie: is_anonymous is true, > is_authenticated is false) because certain areas of my apps are open > to anonymous users.) Now I have ideas on ways to solve this (if you > use per-object permissions, for example, a group called > "system:everyone" maybe created that anonymous users are implicitly a > member of, etc.) > > However, I am wondering how to track these changes and perhaps get > input on them from other people who may be using, or interested in, > per-object-permissions. Also, right now, I basically have several > checkouts of the branch on different machines and I need to keep them > sync'd. My next step is probably to setup a local repository which I > maintain my work in, and merge in from the per-object-permissions > branch as well as the trunk. > > Any one else working with these branch and interested in the results > of my attempts to keep it up to date with the mainline, as well as > some potential fixes? >
I'm definitely interested in the results. Why don't you apply to get check-in permissions on the per-object-permissions branch? That way it can be accessible to the whole django community. Contact Jacob Kaplan-Moss to get an account. -- matthew http://wadofstuff.blogspot.com --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Django users" group. To post to this group, send email to django-users@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/django-users?hl=en -~----------~----~----~----~------~----~------~--~---
