On Aug 5, 2005, at 3:14 PM, A wrote:
I am exploring Django for the first time, and I like what I see. Great
work.
Thanks!
Looking at the security model, it is a RBAC ( Rol Based Access Control
). I have already a CBAC ( Context Base Access Control ) for a web
application in another framework and I would like to know how hard
will
be to modify ( me not the project ;-) ) the Django security part to
this other model ( is it planned to be easy to modify? ).
This means for example that user admin1 can specify that a user U1 can
only assign permissions to create files under category X for users
under group G2. Which not only implies a modification for the admin
interface but also for the validation of permissions while the user is
in session.
Any thoughts about this? Thanks.
Well, I don't really know much about security models (didn't know we
had an RBAC :), but it shouldn't be too hard to modify Django to use
a different security implementation. The current system is based
around a user.has_permission("permission name") function; I imagine
you could modify that function to work differently.
I'd love for Django to support different user/auth systems, so please
keep in touch about your efforts and if there's any sort of framework
support you could envision that would help you out.
Good luck!
Jacob
