These are chat archives for django/django

1st
Aug 2015
Charles Javelona
@charlesjavelona
Aug 01 2015 02:31 UTC
@mnazim, I use this way --> http://pastebin.com/nXen2fdg
Charles Javelona
@charlesjavelona
Aug 01 2015 02:38 UTC
It works but dont know if it is a good idea to override dispatch method and put the checker of user type in their.
At the moment I am unfamiliar with django guardian and permissions with Class Based Views, does anyone any tutorials that I can follow true in order to get the general idea of it?
Mir Nazim
@mnazim
Aug 01 2015 16:53 UTC
@charlesakio Official Django docs is a very good place to start with permissions. https://docs.djangoproject.com/en/1.8/topics/auth/default/#permissions-and-authorization
Start with core django permissions, only use django-gaurdian if you need per object permissions instead of per Model permissions.
Mir Nazim
@mnazim
Aug 01 2015 17:00 UTC
@charlesakio very dumb and simple per object implementation is below. Will work well for a well defined and a small set permissions axis per model.
class MyModel(models.Model):
    # Field definitions here 

    def is_visible_to(self, user):
        # Check for visibility permissions which may reside elsewhere
        # probably in a separate many-to-many relation
        return self.viewers.filter(user=user).exists()

    def is_editable_by(self, user):
        # Check for visibility permissions which may reside elsewhere
        # probably in a separate many-to-many relation
        return self.editors.filter(user=user).exists()

    def is_deletable_by(self, user):
        # Check for visibility permissions which may reside elsewhere
        # probably in a separate many-to-many relation
        return self.admins.filter(user=user).exists()
django-gaurdian is a big cognitive load on your brain, above works for simple situations.
Stick to default django permission system if you only need per Model permissions
Charles Javelona
@charlesjavelona
Aug 01 2015 17:58 UTC
Got you. I think I got the gist of this. Thanks for your help, @mnazim