I read about creating user groups, I think I have the general idea.
For instance if I have these two statement:
customer_group= Group(name='Customer')
customer_group.save()
Where in my django Project should I include the above statement to define the customer_group?
I believe you should just create one such group through admin or through django shell. You don't want to create multiple Customer groups, right?
To programmatically create groups and minimize the manual part of the process, you can use fixtures (deprecated as of version 1.7), migrations (as of version 1.7) or a post_syncdb signal to populate the database. I chose the later, and posted details on how to use a post_syncdb signal to populate Django security groups. The upshot of this is that any time that your application's syncdb command is run the groups will be created.
Related
My goal is:
to have created custom Groups and populated with permissions for specific models. All that immediately after or during application starts
Question:
What is the most appropriate way to achieve that?
For example my custom group is MY_CUSTOM_GROUP and i want to add change and view permissions for Model Book to that group
Just ran into that problem myself. The standard way to do it is either by creating a custom migration or through fixtures. Groups and permissions added through a custom migration will be available without any additional commands. The downside might be that the process of migrations rebuild will now be more complicated (I am a noob at django too, so please correct me if I'm wrong here). Fixtures require running a manage.py command to prepopulate the database, but they come with the advantage of being completely decoupled from migrations.
I am setting up a member site using django, in which members belong to groups that they create and then invite other users to join.
It seems that what I am looking for is to use the django groups functionality, but the documentation on how to go about this is minimal at best - at least I haven't found any. It basically talks about creating groups in the Admin console, which is not what I am trying to do. I would like to do it programatically/dynamically.
Another way to go about this would be to at a foreignkey to the User model up to a group model, however I can't add a foreignkey to the generic User model.
I have read lots of stuff that google threw up at me from my searches. none helpful.
How would I go about this?
Thanks
Well a Group is just another model in Django (one of the models defined in the Django library).
You can thus create a group with:
from django.contrib.auth.models import Group
g1 = Group.objects.create(name='Name of the group')
The Group model has two many-to-many relations: one to Users (with related name users), and one to Permission (with related name permissions). So we can use the corresponding managers to add and remove Users and Permissions.
Then you can for example populate the group with users like:
g1.user_set.add(user1, user2, user5, user7)
You can also add permissions to a group with:
g1.permissions.add(perm1, perm3, perm4)
I'm working on some Django Rest Framework based project (quite expected API for some web-app). It has as traditional Django models, and some kind of model-like objects: they behave like Django models but don't store anything in DB. No tables, no content-types. When we ask them for objects, they goes to external API and forms resulting Queryset.
Now I need to build some role-based access system. To make the architecture clear and extensible, I want to make groups and permissions managable through the Django Admin interface. So, I guess, we need to put some permissions to DB and then we'll be able to add these permissions to user groups. After that, we'll check these permissions in DRF.permissions class. But since we have neither tables, nor content-types for these 'models', we can't add records to permissions table right now.
What is the right way to make this possible? Should I rebuild these 'models' through the metaclass with proxy = True? Or should I add a proxy layer above? Maybe I should add some dummy content-types by hand?
I've built an application that I want to move from my development server to my production server. In this application I have defined 3 custom groups in auth.group and each of those have specific permissions.
I've tried to dump the data from auth.group - it seems to include permissions ids as well. The problem is, those IDs don't match between my development environment and the production environment. It also seems there is a content_type_id in auth.permission that I don't know how it relates.
My question is, is there a way using dumpdata or something else, to migrate Groups and all of the related permissions for my application? I don't have a problem importing multiple fixtures on the production server, but I do want all of the groups to be set up without having to go through the UI and selecting the appropriate permissions for each group.
django.contrib.auth depends on django.contrib.contenttypes because auth.models.Permission.content_type is a ForeignKey(ContentType).
Solution: add ContentType in your data dump, ie. dumpdata with the following arguments: auth.group contenttypes.contenttype auth.permission
I'm creating CMS and now facing some issue I need your advice. I have few different modules (apps) I can define custom permission to them - in model i define custom permissions like "view_store", "edit_store", "delete_store" and so on. And then I have defined different user groups (I want to have group based user access control) - admin, editor, vip, user.
I'm creating these groups when running one time command to initialize CMS (manage.py initcms) and I want of course all the right permissions will be added to the group in the same time.
initcms action is running after the syncdb, so all the models are in DB (info about permissions also of course).
I have something in my mind... If this is good way to go or you have the better one? Let me describe mine: I want to give for example for vip user all the permission from all the models (which have this permission defined) to "view_*". It means vip can view everything. I have an idea when initializing database just grab all entries (all permissions) which fits pattern "LIKE view_%" and then add these all to group's permissions.
But then the problem if the new module will be added... I need to re-run this action and check if all the permissions are right... Maybe there is some dynamic way to deal with group permissions?
One possible solution is to use Django Signals, which can be triggered before or after a model's save mothod has been called or after or before any M2M action takes places, after syncdb etc... You may select a proper signal that fits you best and then call a function that checks related permissions and add or remove any if necessary...