Loving django 1.0! But one thing I notice they don't seem to have is security trimming (where you can hide certain links based on the role permissions of a user) or any sort of roles security. Is there any solid way at going about this that already exists in the django framework or is this something we have to code up ourselves? I was thinking about it and I've come up with a few possible directions.
1) Make an inherited request object and then running a function that checks for proper permissions everytime a secure page is accessed. I've seen some places do this, but it seems pretty cumbersome and violates the DRY philosophy 2) Another idea is to edit the app.yaml to make sure login is required for a certain colleciton of pages, but what if you have multiple roles? That doesnt solve what roles can access what funcitons. And if different roles can see different things on a page, that doesn't solve that either. So security trimming is still an issue 3) Another thing I'm considering is making a custom template tag that maybe checks for security based on url. This may be pretty tough, but seems the most viable in doing security trimming at the very least. Are there any better approaches to this? --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Django users" group. To post to this group, send email to django-users@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/django-users?hl=en -~----------~----~----~----~------~----~------~--~---
