I am using custom permissions in my Django models like this: class T21Turma(models.Model): class Meta: permissions = (("can_view_boletim", "Can view boletim"), ("can_view_mensalidades", "Can view mensalidades"),) The problem is that when I add a permission to the list it doesn't get added to the auth...
I'm trying to figure out Django Groups and the documentation is pretty bare on the site. For example, you can use the decorator permission_required() to check the permissions, however, this only checks if you have assigned permissions directly. I have assigned Users to Groups which have Permissions setup. When using Django's permissio...
Hello everyone, I want to restrict access to all but a few selected files per a user, but if I type: /media/userdocuments/FILENAME django happily spits back the file for even users who aren't logged in. How can I integrate the permission framework to work around this? Thanks! EDIT: I realize that the django development server is insec...
Is it possible to inherit permissions from an abstract model in Django? I can not really find anything about that. For me this doesn't work! class PublishBase(models.Model): class Meta: abstract = True get_latest_by = 'created' permissions = (('change_foreign_items', "Can change other...
I need to do some debugging, because the permissions for one of my models are created wrongly. So I tried to find the piece of code where Django creates the permissions upon syncdb and writes them in the database, but I haven't been successful at all; maybe I just overlooked the right lines of code, but if somebody can point me out the r...
Hi everyone. I'm using Django 1.0, and I'm having a tricky problem with permissions and groups. Having launched a site, I wanted to use more fine-grained permissions for the content editors, so that they can insert new content with django's built-in admin function, not having to worry about potential damage to those models they should n...
In my urlconf, i have: url(r'^sssssh/(.*)', staff_only_app.site.root), What I'd like to do is limiting any access to this application to superusers. I tried this: url(r'^sssssh/(.*)', user_passes_test(staff_only_app.site.root, lambda u: u.is_superuser)), But it complains that decorate takes exactly 1 argument, and I gave two. I'...
I have an app that makes user of filtering certain things for users with different permissions. Django 1.1 does for some reason not seem to recognize these. I have a group called corporate and permissions are granted as needed. now in my template I am render the following. {% if perms.corporate %} ...show the following {% ...
Ultimately, my goal is to extend Django's ModelAdmin to provide field-level permissions—that is, given properties of the request object and values of the fields of the object being edited, I would like to control whether or not the fields/inlines are visible to the user. I ultimately accomplished this by adding a can_view_field() method ...
In my Django application, I have certain permissions which users need in order to access certain views (using django.contrib.auth). This works fine, using the @permission_required decorator on my view functions. However, some of my URLs resolve to views which I did not write, such as the built-in django.contrib.auth.views.password_chan...
Users on a webapp I'm building have multiple objects that are "theirs" Let's pretend the object is called Toy. I want them to be able to set privacy options for their Toys so they can set the following visibility options: Friends of friends Friends Only allow a defined set of people Friends only, but deny a set of people (to keep it ...
I have two sites running off the same base code. Each site has different requirements for which functions different user types can see. For example, one site says anyone can view the News page but on the other only logged in users with a value in the user profile of 'Manager" can see the news. So the first level of managing these pe...