I'd like to extend/subclass admin Groups & Users classes in Django.
CourseAdmin group should be doing what admin can do, and they have extra information like email, phone, address.
CourseAdmin should be able to create CourseAdmins, Teachers, Courses and Students.
Teacher should be able to edit courses and students belong to them. They can't create anything new.
I want to make use of current Django admin classes Group & User instead of doing my own. Please kindly advise. Thank you!
Do you mean that the whole group CourseAdmin has one email, phone and address? I doubt that.
Otherwise you don't have to subclass anything. Just create a user profile model (that includes e.g. email, phone, address), create the groups: CourseAdmin, Teacher, Students and set up the permissions accordingly.
You can distinguish the users by checking in which group they are in.
More about user authentication.
You can't both extend and use the existing ones. Use a OneToOneField instead.
Related
I am new to Django so please bear with me if my questions seem too basic.
So, I want to create a web app for a kind of a store in which I have three different kinds of users.
Admin(Not Superuser) who can:
create, view, update, delete account for a Seller(agent)
issue them inventory
Seller who can:
sell an inventory item to a Customer(customers cannot themselves purchase it, only the seller can do it by filling in a form)
a Customer account should automatically be created upon submission of the form by Seller or if the Customer already has an account, the purchase should be added to their account
Customer
can login and view their account
What would be the best way to go about it? Using auth Groups, Profile models or anything else?
Any help would be wonderful. If something is not very clear in the question, I can provide more details. Thanks.
Django already has a solution for this: a Group [Django-doc]. A user can belong to zero, one or more groups. A group can have zero, one or more Permissions [Django-doc].
These permissions can be defined by a Django model, for example for all models there are permissions, to view, add, change, and delete objects of a certain model, but you can define custom permissions as well, for example to visit a certain page. A user then has such permission if there is at least one group they are a member of that has such permission.
You can work for example with the #permission_required decorator [Django-doc], or the PermissionRequiredMixin [Django-doc] to enforce that only users that have the required permission(s) can see the given page.
You thus can make groups for a seller, customer, etc. Often people can have multiple roles, for exame being both a seller and a customer which thus is elegantly solved through the permission framework.
So, I am fairly new to Django and I know there is just one User type. I am wondering what is the best way for me to go about setting up my models.
My site needs 4 different types of users: admins (including superuser), teachers, students, parents. I want only admin to be able to use the built in admin UI. I want teachers to have some admin features but only on frontend UI.
So far I have extended AbstractBaseUser and BaseUserManager to create users that can be assigned the 4 roles mentioned above and a few different things. They are working and I can manage authorization of page views with them, but this is just scratching the surface of what I hope to do.
But how do I manage this when I want a teacher to have many students in a class and only see those students when they login? I want these students to be assigned to teacher by the admin and then allow the teacher to have some permissions with the student info.
Can I use signals to create a Teacher model that belongs to aUser with a role of teacher and that same Teacher model has_many``Students. The ``Student would also have been created instantly with the User having a role of student.
I am thinking along the lines of how you would create a Profile with a new User.
I know how to associate Teachers and Students and Parents, etc but it is confusing to me when they are all user types as well.
Or is there a way to do this with just keeping them as ``Users``` with roles and relating them in another way?
Thanks for the help.
Why don't you try this :-
https://simpleisbetterthancomplex.com/tutorial/2018/01/18/how-to-implement-multiple-user-types-with-django.html
I think this is the answer you are looking for.
Let me know if you need further explanation.
Happy coding :-)
I am currently learning Django, specifically DRF to make an API that will be consumed by a web app client. The app is for a teacher who gives extracurricular classes in Mathematics and Science. My basic idea is that there will be two types of User, a Student and a Teacher. Teachers will obviously have more access rights than Students. The problem is, a django User class has the is_admin attribute and, since only Teachers could possibly be admin of the site, I cannot create a single User class that has is_admin and user_type attribute. For instance, the User with is_admin=True and user_type=Student will be an invalid combination. My idea is to make my User class as an Abstract Base Class and then make two seperate classes, Student and Teacher, that inherit from it. This is also ideal in the sense that only Teachers can publish articles, which means the Student class just won't have that permission, but then I face another problem. All Users have a single Profile. The Profile will store a bio, an avatar image of the user, etc. But when setting up the OneToOneField relationship in Profile, the profile must have that relationship with Students and Teachers, thus all User types. How can I set up that relationship? Can I say OneToOneField(User) and due to the inheritance that user could be a Student or a Teacher? If not, what should I do?
If you have experience and you are thinking, why on earth is he (that is me) doing that?, feel free to comment on my design plan and please show me how a better design would look. Thanks in advance.
EDIT: Is there any advantage in having a single profile for each user, storing a bio and image etc? Is there any gain in this over storing that info in the User model?
Don't create separate classes. Just that they have different permissions doesn't mean they need to be different classes! They can all be User (or your own subclass of that, but the same).
Then you configure two different groups (docs). You assign each new user to one of the two groups.
Your code can then use some custom permission (say a 'publish' permission on Article) and give that permission to the Teacher group, and check in your code that the current user has that permission.
Typically only one or a few users have "is_admin", is_admin means that you automatically have all existing permissions. It's for user management, configuring the groups, and such.
Keep it as one class unless you need each class to have different attributes. But in your case, you can just make is_staff=True synonymous with being a teacher, and then you could get rid of the user_type attribute. It's usually better practice to use boolean fields instead of char fields with a finite set of choices that do unknown things in the code. So staff would be teachers, and non-staff would be students.
Aside: By "is_admin", you meant "is_staff", right? I am not aware that the django User model has an "is_admin" attribute, only is_staff and is_superuser.
So I want to keep track of about 100 employees but only five of them should be able to log in into the backend (the rest starts with no loginpossibilities at all) what's the best way to solve that problem ?
I thought of an EmployeeModel that has a 1to1-relation to an abstractBaseUser but is that the way to go or is there something easier ?
~Max
Why not make use of Django 1.5's new customisable User model and model each employee as a user with an extended profile:
In Django 1.5, you can now use your own model as the store for user-related data. If your project needs a username with more than 30 characters, or if you want to store user’s names in a format other than first name/last name, or you want to put custom profile information onto your User object, you can now do so.
By making each employee a "user", you have the balance of being able to control their ability to login (using is_staff) as well as being able to add as much employee profile information that you need.
Why not just have FK from employee to user if an employee has an attached account?
Don't go for over customisation as this can be easily achieved easily using the built-in tools. Make the login_page require a permission suppose say "can login". And just make these 5 users have those permission. So rest will automatically get a permission denied response when trying to login.
How can I extend Auth to allow for multiple users with the same username. In SAAS this is a need because two accounts might have a user called "owner" or something like that.
You could probably subclass the User model and write a custom authentication backend for your new model.
But first I would ask myself "do I REALLY need this?". Having multiple users with the same username sounds like a mess.
The problem with "user names" is that on a site with any decent size population Spencer's Lament (Henry Spencer # U Toronto, Dept. of Zoology) comes into play: all of the good ones are taken. (He was referring to host names in the pre-DNS days, but it still applies.) The only "name" that is pretty much guaranteed to be unique is ... the email address. If you use that as Django's login identifier, then you can allow the user.username to be non-unique and used as a screen name. You still have to allow for people to change their email addresses, but they should still be unique across all users of a site.
We had to do this for a long-established site, as mentioned in this thread.
You can't. Prefix the user name with the account name instead.