Somehow I am not getting it.
I have created a Taxonomy of Organizations. I have then added a custom required field to my User accounts call "Organization". I would like to create a view where the currently logged in user can only see a list of people that belongs to the same Organization as the currently logged in user and no others.
I have created the view just fine, and the list of users appears fine, but I cannot get the filtering and relationships to only show me the only the users that belong to the same Organization as the currently logged in user.
I could do this in SQL in like 2 seconds, but for some reason I am not getting how to do it in the Drupal interface.
I am running Drupal 8.
Add a contextual filter User ID (to get the current user)
Add a relationship Taxonomy term referenced from field_organization (to get the taxonomy term referenced by current user)
Add a relationship User using field_organization (to get the users referencing to the Organization taxonomy at step 2)
Change the relationship of all fields to field_organization
If you want to exclude the current user from the results, add another contextual filter User ID with field_organization relationship
Remember to scroll down and check the Exclude
Related
I am new to Django so please bear with me if my questions seem too basic.
So, I want to create a web app for a kind of a store in which I have three different kinds of users.
Admin(Not Superuser) who can:
create, view, update, delete account for a Seller(agent)
issue them inventory
Seller who can:
sell an inventory item to a Customer(customers cannot themselves purchase it, only the seller can do it by filling in a form)
a Customer account should automatically be created upon submission of the form by Seller or if the Customer already has an account, the purchase should be added to their account
Customer
can login and view their account
What would be the best way to go about it? Using auth Groups, Profile models or anything else?
Any help would be wonderful. If something is not very clear in the question, I can provide more details. Thanks.
Django already has a solution for this: a Group [Django-doc]. A user can belong to zero, one or more groups. A group can have zero, one or more Permissions [Django-doc].
These permissions can be defined by a Django model, for example for all models there are permissions, to view, add, change, and delete objects of a certain model, but you can define custom permissions as well, for example to visit a certain page. A user then has such permission if there is at least one group they are a member of that has such permission.
You can work for example with the #permission_required decorator [Django-doc], or the PermissionRequiredMixin [Django-doc] to enforce that only users that have the required permission(s) can see the given page.
You thus can make groups for a seller, customer, etc. Often people can have multiple roles, for exame being both a seller and a customer which thus is elegantly solved through the permission framework.
I need to develop a scenario of users and groups in my django application there are three groups
- Admin
- Manager
- Employee
Generally admin is available by creating superuser and I need to create the users for different groups
- Admin can access all the records created by all users
Now my requirement is some users are belongs manager group and some normal users belongs to employee group..
How the associate user belongs to manager group can fetch his own records along with his subordinate user's records from employee group
I'm fully confused to give relation between normal users with an associate user from manager group.
How can I assign some employee users to a manager user?
Just to make sure we are on the same page, you wish to have the following user structure:
An Admin can see EVERYTHING
A Manager can see HIMSELF and all his associated Users
A User can see HIMSELF and that's it
So technically, there's only a relation between Managers and Users
Assuming your Admin is not the same as the native admin role from Django, you could setup the following logic:
Extend the User model with a 1-to-1 relation to your custom model. Let's call it Profile.
One of the field in Profile could be the role which would either be Admin, Manager, or User (might want to create a referantial table and use a foreign key)
Another field could be related_manager which would be a foreign key to the user model. It would be a way to say "that user is my manager"
You would need to add specific control in your model, notably:
related_manager is required (or optional?) if user is "User".
related_manager is forced to None if user is not "User"
related_manager must be a user with 'Manager' role
You'd probably have to setup signals to handle "What happens when a Manager, who had users to manage, becomes a basic User?" Do these users become manager-less? Or maybe you prevent it from happening, and a manager can only be demoted once he has no user attached? It all depends on what you want
Note that this is one of many ways to deal with your situation
I am working on a project which needs a separate admin interface. The django admin interface is for the super super user, there will be companies who will sign up for our app and then they will have their own admin interface. Everything is set and done despite the permission. We want model level permission that's what Django provides.
What I did is:
class CompanyGroup(models.Model):
name = models.CharField(max_length=254)
permissions = models.ManyToManyField(Permissions)
Now this list all the permissions of the site itself. So, Should I start working on my own permission app or I can modify django Permissions to provide object level permissions for only some models.
Thanks
Try one of the several existing 'row level' / 'per object' permissions apps for Django:
http://django-guardian.readthedocs.org/en/v1.2/
http://django-object-permissions.readthedocs.org/en/latest/
...there are probably others, those are just the first two in Google
We are using django-guardian in current project at work, seems fine.
I am assuming that you need to control access to sub-sets of each model's objects, depending on which company the current user belongs to (i.e. you don't want people from Company A to see items from Company B). For this reason you need row level permissions.
You probably also need to limit the permissions of all 'company users' to only certain actions:
You do not need to create a CompanyGroup class.
Instead just enable the admin site, log in as super user and create a django.contrib.auth.models.Group which contains the global permissions applicable to company users.
then ensure when you create any new company user logins that they are added to that Group
I have a model like Community, where some users can be admins and other users are normal users. I can link user the community as foreignkey or someother possible relationship. But, how can I implement user_type ? Where should I have this field ? Is it just another field in the model Community ?
I guess you want to provide different access levels to user in the community based on their user_type.
In that case, you can either keep a FK from UserProfile to Commmunity(in case one user will only be part of one community).
If users can be part of various communites, you should keep a ManyToManyField called users on Community model.
After this just keep these user in groups (See Django group and Permission). Set permission on Groups you define. Based on what group a user in, he will have the group permission. Use these permission to decide what access to give to a particular user.
Depends on the size and other attributes of the data but a common way to go about it would be to have a one-to-many relationship between Community and User. Then you can have a field in User that states the user type.
In the database you will have a Community table and a User table which are linked via foreign key, and the User table will store the user type information.
I have created a custom user profile in Sitecore 6.4.1, and am trying to add a basic droplist to the users profile. It seems that no matter which type of field I add to the user profile, it renders out in the Edit User dialog as a plain text field. Is there a restriction to the user profile, or some other method I need to use to allow content editors to pick an item to associate with a user profile?
The user manager cannot properly render all fields types. You should stick to single line text values if possible and avoid the user manager interface to edit the info itself. Use it more as a custom data store.
Edit: for reference, I've used this feature and extended profiles with simple fields for a login-based system with Sitecore. Our site allows users to register an account, which creates extranet users with an "extended profile" in the Core DB. When these users access thier profile page on the front-end site when they're logged into the front-end, they can edit basic data, like name, address, etc. I store these basic data points in the custom profile SLT fields, so its used merely as a data store. No one actually edits the content from the Sitecore shell's user manager.