That looks like a pretty good starting point. It's a little different
in that for my scenario, UserA and UserB would both be accessing
django admin, but would get different results based on what Namespaces
they have access to.
Seems like it should be pretty easy to create a Model Admin that
overwrites the has_*_permission functions and the queryset funtion.
Given the model above, this prevents users from editing objects that
are not in a namespace they have access to.
class NamespacedAdmin(admin.ModelAdmin):
def has_change_permission(self, request, obj=None):
if obj and not ( obj.namespace in
request.user.namespace_set.all() ):
return False
return super(NamespacedAdmin, self).has_change_permission
(request, obj)
The has_add_permission(self, request) function looks to be more
tricky, since it doesn't accept an obj instance. Maybe some more
overwriting of the ModelAdmin functions could resolve that.
--
You received this message because you are subscribed to the Google Groups
"Django users" group.
To post to this group, send email to django-us...@googlegroups.com.
To unsubscribe from this group, send email to
django-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/django-users?hl=en.
