Hello all! I want to create a Django project that can be used by several different user groups, where all user groups are strictly separated from one another. A popular example for something like this is basecamp (the Ruby on Rails showcase application), where groups can sign up to collaborate on projects online. AFAIK, every group gets a sub-domain, like mycompany.grouphub.com (grouphub is the domain used for this).
I think there are three different approaches to this task: a) use subdomains like mycompany.example.com (multiple project clones) b) use filepaths like example.com/mycompany (possibly multiple app clones[?]) d) use one domain for all (single installation) I found a discussion about automatically mapping folders to subdomains here: http://discussions.apple.com/thread.jspa?messageID=8582210&tstart=0 I think using something like this, it would be possible to automatically create a copy of the Django project for each new user, and have apache (which I use with mod_python) automatically resolve the corresponding subdomin to it. However, I would like to avoid the overhead of having the same project installed multiple times. For approach b), you could differentiate users by URL parameters, and do something like this: def show_entries(request, user) Entry.objects.filter(user__exact=user) ... Maybe it would be best to create a new app for each new user, and have the url for this user include this app's urls.py. I personally think the third approach might be the best. Because approach a) and b) make it really easy to guess other instances, you would have to implement effective access control anyway (maybe not so with a, because it has distinctive databases). However, I think it might be quite hard to make sure that under no circumstances one client can edit objects belonging to another client. With the state of the Django permission system today, the only way I can think of is to create permissions like: permissions = (("can_edit_client1", "Can edit client1."), ... ) and use this to check if a authenticated user can edit specific objects. As you can probably see, I'm new to this kind of project. Therefor I would be very glad if somebody could point me in the right direction. I tried my best to search for it, but I couldn't find anything useful about this topic related to Django. Which approach do you deem to be worth considering? I think the first approach with different instances of the project is probably the most secure and safe way to do this, whereas I would like it better if the third approach was doable. It seems that in every case you have to change files programmatically. In a) you would probably have to change the apache config, although there is a slight chance that it is possible without changing anything. In b) you would have change urls.py and INSTALLED_APPS, although you could also do it without cloned apps for each user. In c) you would have to subclass your models for each user to assign permissions. Am I right with my assumptions? Or am I overlooking a simpler solution? Thanks in advance for any help! Best Regards, Jesaja Everling --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Django users" group. To post to this group, send email to django-users@googlegroups.com To unsubscribe from this group, send email to django-users+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/django-users?hl=en -~----------~----~----~----~------~----~------~--~---
