On 7/13/07, David Larlet <[EMAIL PROTECTED]> wrote: > * About users, how can I handle django users' permissions? John > Sutherland had already done some work on django-crudapi [1] and it > could be interesting to allow this access control.
Good question. I would subclass one of the authentication classes, e.g. HttpBasicAuthentication, and add a has_perm() check dependent on the request method to is_authenticated(). Currently, REST authentication is independent from Django's authentication middleware. It might make sense to move most of the code in HttpBasicAuthentication and HttpDigestAuthentication to django.contrib.auth.backends and to let the middleware do most of the work. > I'm not fond of CRUD names and I prefer to keep an information on > the HTTP verb in the function name but it's maybe personal. I chose the CRUD names as they better describe what the methods actually do, but if the consensus is that it is more important to highlight the HTTP method, I will change this. > * About dispatch, why don't you use the __call__ trick? Fixed, thanks for the pointer. > * About verbs, I know this is not really GSoC related but what is the > recommended way to handle fake PUT and DELETE from a browser? The > HttpMethodMiddleware[4]? Maybe a simple form/deletion in the polls > application will be an interesting example for a real django case. Yes, I recommend HttpMethodsMiddleware [4]. I just added a "delete" button to the template example and verified that it works if you add HttpMethodsMiddleware to your middleware classes. Thanks for your comments! Regards, Andreas [4] http://www.djangosnippets.org/snippets/174/ --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Django developers" group. To post to this group, send email to django-developers@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/django-developers?hl=en -~----------~----~----~----~------~----~------~--~---
