Issue
I'd like to use a permissions based system to restrict certain actions within my Django application. These actions need not be related to a particular model (e.g. access to sections in the application, searching...), so I can't use the stock permissions framework directly, because the Permission
model requires a reference to an installed content type.
I could write my own permission model but then I'd have to rewrite all the goodies included with the Django permissions, such as:
- The possibility to assign permissions to users and groups.
- The
permission_required
decorator. User.has_perm
and related user methods.- The
perms
template variable. - ...
I've checked some apps like django-authority and django-guardian, but they seem to provide permissions even more coupled to the model system, by allowing per-object permissions.
Is there a way to reuse this framework without having defined any model (besides User
and Group
) for the project?
Solution
Django's Permission
model requires a ContentType
instance.
I think one way around it is creating a dummy ContentType
that isn't related to any model (the app_label
and model
fields can be set to any string value).
If you want it all clean and nice, you can create a Permission
proxy model that handles all the ugly details of the dummy ContentType
and creates "modelless" permission instances. You can also add a custom manager that filters out all Permission
instances related to real models.
Answered By - Gonzalo
0 comments:
Post a Comment
Note: Only a member of this blog may post a comment.