The way I solved this was to write a custom auth backend that could
evaluate a collection of non-model permissions. By convention, I had
one permission per view. Some of these permissions were aliased to
corresponding model permissions and some of them were based on other
criteria. Essentially, this is a way to hide the unlimited
functionality of user_passes_test() behind the standard permission-
based authorization API. If you wanted to dynamically assign these non-
model permissions, I imagine you could create your own Permission
model with links to Users and Groups and use that in the backend code.
A brief, highly simplified example:
class MyAuthorizationBackend(object):
def __init__(self):
self.virtual_perms = {
'app.article_annotations': self.allow_annotation_view
}
def has_perm(self, user, perm):
"""
This is the auth backend API.
"""
if perm in self.virtual_perms:
return self.virtual_perms[perm](user)
else:
return False
def allow_annotation_view(self, user):
"""
Returns true if the given user is allowed to view annotations.
"""
pass
AUTHENTICATION_BACKENDS = (
'django.contrib.auth.backends.ModelBackend',
'path.to.MyAuthorizationBackend',
)
On Jul 27, 2009, at 4:58 AM, Júlio Cesar wrote:
>
> I did this same question on the wrong comunity for this, Django
> Developers. After an alert, here I am hoping than you help me, please.
>
> XXXXX
>
> There are some permissions that I would like to add in my project,
> associated with acess a some views, particularly.
>
> But, there's no a clean mode to do this, because all permissions are
> associated with ContentTypes, right?
>
> I thought in obscure forms, like force create a content type from an
> abstract class and in there use that permissions, but there is an
> 'djangonic' method of made this?
>
> Very thanks and sorry my bad.
> Júlio Cesar.
>
> >
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"Django users" group.
To post to this group, send email to django-users@googlegroups.com
To unsubscribe from this group, send email to
django-users+unsubscr...@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/django-users?hl=en
-~----------~----~----~----~------~----~------~--~---
