Hi, Try django-granular-permissions [1]. I've just started working with it and it is quite nice. I have written a template tag to check user permissions on an object and I'll be contributing it back to the project in the next few days so keep an eye on the issues list for a patch.
[1] http://code.google.com/p/django-granular-permissions/ cheers Matthew http://wadofstuff.blogspot.com On Oct 27, 3:26 am, jfine <[EMAIL PROTECTED]> wrote: > Hi > > I'm now doing serious (for me) work with Django (which I like a lot) > and have come up against a problem. > > My application requires row-level permissions. I think I've got most > of it sorted out, but I'm having problems with templates and views. > > My basis idea is this. Add a field > edit_groups = models.ManyToManyField(Group) > which tells us which group members can edit the object. > > Then define a method > def is_editable_by(self, user): > if self.owner.pk == user.pk: > return True > if self.edit_groups.filter(user=user): > return True > return False > > This allows me to determine if a user can edit the object. > > Now for the problem. In the detail template for the object I'd like > to know if I can edit the object (so I can offer a link for doing > that). I don't see an easier and straightforward way of doing this, > particularly as I want to continue to use generic views. > > The problem is that the request (with .user as an attribute) and the > item (with .is_editable_by as a method) meet only in the template, and > not before. This is, it seems to me, part of the architecture of > Django. For example, MIDDLEWARE_CLASSES and > TEMPLATE_CONTEXT_PROCESSORS are passed only the request object. > > By the way, in the list view we'd like to tell the user which are the > items she can edit, so a single global won't do. > > What would work is an 'attribute' of item, so we could write > {% if item.is_editable %} > but we have to know the user to make the calculation. The best I can > think of is something like > {% get_is_editable as myvar %} > {% if myvar %} > but that's not at all nice. > > Here's a couple of related URLs. FIrst, a discussion in this group > Status of pre-object-level > permissionshttp://groups.google.com/group/django-users/browse_thread/thread/ad87... > > Next, a clever hack > Django Admin Hack - Fields varying with user permissions > http://lukeplant.me.uk/blog.php?id=1107301634 > referred to by this FAQ > entryhttp://docs.djangoproject.com/en/dev/faq/admin/#how-do-i-automaticall... > > Does anyone have any ideas or suggestions? I'd like to do something > that was aligned with future Django developments. > > Jonathan --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Django users" group. To post to this group, send email to django-users@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/django-users?hl=en -~----------~----~----~----~------~----~------~--~---
