Basically I am looking for the following:
Groups can be created by users of the site.
Users can apply to join a group.
Every group has a group administrator which can approve or reject applications to join a group. Also, they can remove members from a group.
Content can be created which is associated with the group. Only group members can create content. Users who are not group members can view this content but not create/modify the content.
Are there any Django applications which can help implement these requirements?
The only one that I'm aware of is part of the Pinax project. It doesn't meet all of these out of the box, but can be expanded pretty easily to get these features.
Related
I have a project with Django rest framework as backend and Vue as frontend and everything works well.
Now, I have to extend my project. I want to bring the same product, but to a new group of users, who will have 0 interaction with the first group of users. No data will be shared among the two groups of users. Like if I created a copy of my backend with a new database and directed the new group of users to this new backend.
So, I am looking for a solution not to have to build another backend for each new independent group of users (which is obviously less than ideal).
I could create permissions where users could only access data about their own group and change every querysets. But I think it is not optimal to keep everyone on the same table as the number of groups of users will grow.
I guess the ideal would be to have 1 database per group of users, 1 backend in total, and to route users to their own group specified by the api call they make with a /groupID/rest-of-endpoint
Is that possible in Django ? Do you see any solution ?
I'm newbie on apex, and made an application that demands the app admin to insert users - in customized groups, on apex workspace - Manage Users and Groups. My application uses Authorization Schemes based on these customised groups, instead of create an Access Control List. I guess this is more useful, because It's could be possible to make more and different groups, and more flexible access control of pages, reports, buttons etc. But this kind of implementation could bring some security issues on my office. I wonder if is possible to create a page that refers, and also mantains (CRUD) to this workspace users, at workspace groups?
I'd like to add the capability for users to create their own groups and invite others to join the group (or leave the group) or for users to request access to a group to a django app.
The group in this case is basically a pool of potential players for a football match, from which the actual players will be chosen.
Is the standard django auth groups system the correct thing to use here or is there another way? I'd need it to be able to do invitations and stuff, obviously.
I can obviously write my own but is there another app out there that already does this kind of thing nicely?
If not, has anyone got any tips on how to go about this?
Creating your own model will give you more control to add extra information to those groups, such as the invitation system you described. The auth groups models was designed for classifying users by what level of control they have over the data on the website, which isn't what you want a groups model for. A new model will be much easier for you work with than trying to extend the existing groups model; which has built in functionality that you won't use, and probably has security features that will make it difficult to work with.
I have an application written in Oracle Apex 4.2
Different users have access to different pages. Apex's built in Access Control function ( ADMIN, EDIT, VIEW) takes care of what pages different users can see.
A separate requirement though is that some users can see certain pages and not edit them and other users can edit those pages.
I know that at the item level there is a Read Only option. I can hard code a user name ie
:APP_USER like 'Betty Boop%'
How can I set an item to be read only based on the Access Control group that a user belongs to (ADMIN,EDIT,VIEW)
I know that there is a utility: APEX_UTIL.CURRENT_USER_IN_GROUP
but if I do something like READ ONLY PL/SQL Expression
APEX_UTIL.CURRENT_USER_IN_GROUP('VIEW')
It doesn't do anything.
It seems that APEX_UTIL.CURRENT_USER_IN_GROUP doesn't know that the groups created by Apex Access control are groups - I need to code something? Create a function? Create a group table?
I'm not understanding how to do this
thanks
To use APEX_UTIL.CURRENT_USER_IN_GROUP you need to create user group(s) as an workspace administrator first: Administration->Manage Users and Groups->Groups->Create User Group.
Then you need to assign the group(s) to your application users: Groups->User Group Assigments. You should read documentation for more details.
And, after that you will be able to check an assignment of particular group to current application user with the APEX_UTIL.CURRENT_USER_IN_GROUP function.
In Jira (4.0), under Global Permissions, I have the Jira Users group containing two groups, jira-users and jira-login. When I started at this company, there was only the jira-users group, but I added jira-login so that I could remove users from jira-users and still have them be able to login. Everyone with jira-users permissions has specific permissions across every project in Jira and I didn't want to have to change that group's access on every project/permissions scheme affected.
Ultimately, what I'm trying to do is have a new group, Suppliers, have limited access to our projects. So a supplier is a member of jira-login and Suppliers only. Regular users are members of both jira-login and jira-users, although since they are a part of jira-users, they can still login without being part of the jira-login group.
The problem I'm having is that suppliers can see the projects that I want them to, but also a few projects that I didn't give them permissions to see. I want to remove the visibility of these unwanted projects for suppliers. NOTE: to let the suppliers see the select projects, I added the Suppliers group the the Users project role on each project that I want them to see.
Under project roles for each of this unwantedly visible projects, the only groups that have access to the Users (or any other project role besides admin) is jira-users. I have no idea how people outside of the jira-users group can see these projects.
I cannot seem to find the common denominator scheme/setting that these suppliers have. Certainly the newly created jira-login group doesn't have any sort of access that I didn't enter in manually. Right?
Any suggestions? Thanks.
Instead of having a jira-login and jira user group it might be better to create new groups that don't involve the jura-user group(this might cause odd behavior). From what I have read it seems that all users need to be a part of the Jira-users group to even log in.
Then having permission schemes that only include the groups that you want should be able to lock out unauthorized groups.
The ability to view issues is controlled by the Browse Projects permission. Check the permission scheme for a group that Suppliers can unexpectedly view and see who has that permission. It may be a group or a role. Remove the Suppliers from that and they won't be able to view that project's issues.
More info at http://confluence.atlassian.com/display/JIRA/Managing+Project+Permissions
The issue was caused by having either "Current Assignee" or "Reporter" in the "Browse Project" permission. Strange behavior. Watch out for this one.