views:

36

answers:

2

Hi, Here's my problem : my site has users, which can create projects, and access other user's projects. Each project can assign different rights to users.

So, i could have Project A : user "John" is in group "manager" , and Project "B" user "John" is in group "worker".

How could I use the Django User authentication model to do that ?

From a SQL point a view, what i would like is to be able to add "project_id" in the primary key for the "auth_user_groups" table.

I don't think profile is of any help here. Any advice ?

UPDATE : "worker" and "manager" are just two examples of the permission group (or "roles") that my application defines. There will be more in the future. Eg : i will probably also have "admin", "reporting", etc...

A: 

If you really need this information in the groups i think the best solution is to sub class the necessary models and make your own auth application/auth backend out of this!

I dont know if it's necessary to relate the projects to groups, you could also create an user profile that has a 1:1 relation to the user and a m:n to projects, so you could assign projects to a user and then check in your apps what projects the user is related to?

Third solution that comes to my mind would be having a model with one foreignkey to project and one to group, which might also work for you, but probably has no good usability!

The dirtiest way would probably be to add a foreignkey to group using monkey-patching (add_to_class), but i guess this only recommendable if you don't find another descent way to do it and is somehow your last resort, but not first choice!

lazerscience
Thanks for the comment. I'll wait a bit to see if someone has a better solution, but i'll probably go for your first solution (subclassing)...I don't really "need" that in group, it's only that user's rights depend on the project. Your second solution means replicating the auth_group/permission model (with tables like userprofilepermission) that Django already uses, just to add another key in the "auth_group" table's primary key... I really hope there's a descent way to extend the base auth model other than copy/pasting. It's really incredible that Django has such a limited auth model.
Ben G
A: 

If you can live without it in your User model and can have it an associated user profile model, how about something like:

from django.contrib.auth.models import User
from foo.models import Project

class UserProfile(models.Model):

  auth_user = models.ForeignKey('User')
  projects_where_manager   = models.ManyToManyField('Project', 
                                                     related_name="managers_for_project")
  projects_where_worker   = models.ManyToManyField('Project', 
                                                     related_name="workers_for_project")
stevejalim
Actually "worker" and "manager" are only two examples of the kind of rights my users would have. I would really like to user the "auth_group / permission" model, defining groups as data in a table instead of columns.
Ben G