Django permissions, code or application usage?

Question

Django permissions, code or application usage?

This question (I think) is about object / row permissions in Django.

We are creating a community and should be able to set permissions based on the actions that users take. For example, you cannot run a thread until you post so many answers.

In addition, users should be able to remove content that belongs to them. Based on the Django documentation, it looks like the standard environment does not support instance permissions.

Should we rely on the "empty" API that Django ships, or should we use an application for this, such as django-guardian, django-rules, etc.? Which of them would you recommend in this case?

Thank!

+5

django permissions

holyredbeard Nov 07 '11 at 13:55

source share

2 answers

-.

Django-guardian
, DRY, , . .
django-guardian .
Django-guardian , Django.
Django -, Django, ( ) . - , -.
OSU Open Source Lab
, Django-guardian, Django. . ( .)
.
.

, , , .

+2

Ivan Kharlamov 07 . '11 14:00

Andrey Fedoseev · Accepted Answer · 2011-11-07T14:12:18+0000

you cannot run the thread until you post so many answers.

You do not need to use permissions for each object for this. In fact, you do not need to use permissions for this at all. Just check if the user meets the requirements in your views.

Or you can use the standard django resolution mechanism. Create permissions such as Start Stream, then configure alerts to track when users add responses. When a single is issued, check to see if the user has enough answers and give him permission to "Start Stream".

You decide which one is best for you.

In addition, users should be able to remove content that belongs to them.

. , author item.author == request.user, , .

, - . . - , .

Django permissions, code or application usage?

More articles: