1

Thanks for reading my question.

Before to ask, i was reading about my doubt:

http://djangobook.com/customizing-authentication-django/

django roles authorization architecture

Django Permissions for Different Clients

... And i'm not clear about permissions set in Django :(

I learning Django, but i want to try to build a permission set on my app. My system is about a schoool: teachers, students, management people, class room leaders.

The system's premise is: an user only must to have a rol.

Some questions about it:

  1. I thinking to prepopulate role table, with general profiles: student, teacher, management... What is the better way to do it?

  2. The typical restriction: a teacher is the unique profile can add, delete, view, edit your student's scores. What is the better way to do it? Should I do it through a custom system? Have u some url, code or source where can i to check it?

Excuse me my english. Thanks!

Community
  • 1
  • 1
Sommer
  • 1,328
  • 2
  • 10
  • 20

1 Answers1

0

I had a similar problem and ended up designing my own permission system, because with the default django permission system, it is not possible to do per-object permissions.

I simply added a model LabAccess with a foreign key on django.contrib.auth.models.Group (because I often have multiple instructors by course) and another foreign key for the course. (This allows multiple groups be instructor in a course). Then, in each view for instructors, I check whether one of the groups the user belongs to has an item in the LabAccess table. The source code of this system is actually available, if you are interested.

Note that there are also django extensions that support per-object permissions, like (django-guardian) http://django-guardian.readthedocs.io/en/stable. (I have no experience with it,)

ExTexan
  • 373
  • 2
  • 18
W.Mann
  • 893
  • 5
  • 11
  • Hello @W.Mann, thank u for ur answer and link, it's so cool! I think... if for my basics requirements Django can't do it in native way, Is django the correct framework to do my system? i don't know... – Sommer Mar 26 '17 at 03:34
  • @Sommer: If you know django already and the roles/permissions are not too complicated, you will probably be best served with django, Note that there are also django extensions that support per-object permissions, like [django-guardian](http://django-guardian.readthedocs.io/en/stable/).(no experience with it, but I will add it to my answer) BTW: Please mark my answer as accepted. – W.Mann Mar 26 '17 at 19:12
  • thank u again! Going to try to build my permissions system on Django. – Sommer Mar 27 '17 at 01:04
  • A question about ur answer: what is the difference between Django permission system and Django-guardian? Rhanks! – Sommer Mar 27 '17 at 01:08
  • @W.Mann Hi, i would like you invite you to my project that has this exact problem to solve, If you are interested in a freelance gig, please mail me at anonvivek[at]gmail[dot]in – vivekanon Apr 12 '22 at 08:57
  • could you offer requirements file please ? – Muhammadoufi Jun 20 '23 at 12:51