Comments (4)
gregmuellegger
commented on May 30, 2024
As discussed the logic for this will go into a permissions object that will live as an attribute on the ModelAdmin2.
from django-admin2.
gregmuellegger
commented on May 30, 2024
Here is my current approach to refactoring the permissions:
gregmuellegger/django-admin2@twoscoops:develop...permission-refactoring
I think its very elegant to have the permission classes on the views, which makes permission checking extremly modular (example: gregmuellegger/django-admin2@twoscoops:develop...permission-refactoring#L2R60)
However there is no way yet to pass has_edit_permission etc into the template. However this will not reliably possible without having access to the model_admin from the view. Because only then we can fulfill the following usecase:
- User access the edit page
- The edit page contains a link to the delete page
- The delete link should only be visible if the user has the permission to delete the current object
- This means the edit page needs access to the permission handling of the delete view.
So we MUST have the delete view in the edit view to make this work... So thats another reason to just pass in the model_admin into the view -- see #99 for more.
from django-admin2.
gregmuellegger
commented on May 30, 2024
I pushed my recent changes here: gregmuellegger/django-admin2@twoscoops:develop...permission-refactoring
There is a working implementation of permission checking (also works from the templates) that actually queries the responsible view if the user has the particular permission. This means if in the template {{ permissions.has_change_permission }} is used, the permission machinery will find its way to the update_view of the currently active model admin and will ask this view if the user really has the permission.
That way we can totally keep the permission handling in the views, users can easily extend its behaviour by only subclassing the view.
I think the code is very clean and commented out. However it is missing a bit of documentation to show the bigger picture. That will be my next part of work on the permission refactoring.
from django-admin2.
pydanny
commented on May 30, 2024
Closing this as @gregmuellegger's documentation closes this ticket out.
from django-admin2.
Related Issues (20)
- Django 1.8 issue HOT 3
- Django 1.8 issues HOT 1
- Add 'django.template.context_processors.static', to context_processors
- Add Django 1.9 compatability HOT 23
- Enhancement: Removing dependancy that matter only in theme HOT 2
- Deregister last app model does not delete the app
- fix test on travis HOT 2
- fix test on travis HOT 1
- Add material theme for admin2
- 0.7.0 release HOT 4
- move test runner and tests to py.test
- move views to django-vanilla-views
- Jinja2 template engine support
- djangocircus.com domain expired HOT 1
- New Transifex maintainer wanted HOT 5
- Add django 1.11 LTS and 2.0 support and remove EOL versions. HOT 2
- Plans for future release Django 2.x? HOT 2
- consider using https://github.com/ilblackdragon/django-themes
- No update since roughly one year. State of the project?1 HOT 4
- ERROR: django-admin2 0.7.1 has requirement django-filter==1.0.0, but you'll have django-filter 2.3.0 which is incompatible. HOT 5
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from django-admin2.