Re: Announces django-guardian: per object permissions for Django 1.2

[Russell Keith-Magee]

On Thu, Aug 5, 2010 at 3:32 AM, lukaszb  wrote:
> Thanks for the comment! I really do think that this "backends ready &&
> included" parts of Django are extremely useful (and fun to extend if
> needed).
>
> About the admin, I haven't really get into admin integration yet as I
> cannot answer this: should user with "flatpages.change_flatpage"
> permission for flatpage instance be able to edit it at admin if he/she
> doesn't have "flatpage.change_flatpage" global permission? I'm just
> stuck here - I suppose it would be good to "turn off" ability to
> change some objects for user with this global "app.change_obj"
> permission removal. On the other hand, wouldn't it be too much to give
> such global permission for user if we intend to allow him/her to
> change only single object?

There are two possible readings of the global obj=None case.

 a) A user must have the global permission in order to be granted the
permission for individual objects. This means that the global
permission is a 'gatekeeper' of sorts for individual object
permissions.

 b) The global permission is the 'fallback' permission if a specific
object permssion doesn't exist. That is the obj=None permission is the
"allow all" permission.

My reading of the code and docs [1] [2] is that (b) is the intended
interpretation. From a practical standpoint, this also makes sense: in
the case of (a), there is no way to grant a wildcard permission.

[1] 
http://docs.djangoproject.com/en/dev/topics/auth/#django.contrib.auth.models.User.has_perm
[2] http://code.djangoproject.com/wiki/RowLevelPermissions

So - in terms of the practical situation you describe; this means that
a user can only edit a specific flatpage if they have the change
permission for a specific instance, *or* they have the global obj=None
permission.

The issue that cascades on from this is the UX issue of how to
represent an object that you can't edit. Should it be displayed, but
not presented as a link? Should it be hidden entirely?

Yours,
Russ Magee %-)

-- 
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To post to this group, send email to django-us...@googlegroups.com.
To unsubscribe from this group, send email to 
django-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/django-users?hl=en.

Re: Announces django-guardian: per object permissions for Django 1.2

[derek]

On Aug 4, 9:18 pm, lukaszb <lukaszbalcer...@gmail.com> wrote:
> Welll, at the django.contrib.auth there are only those (User and
> Group) models for which one may define permission sets and I wanted
> guardian to be as simply as possible - so it is not possible to assign
> permission to other model even if it "groups  users". At one point I
> thought it could be nice to implement some kind of "roles" but I've
> finally decided it would be better to stick to facilites provided by
> new Django version.
>
> On the other hand, I'm not sure if it is needed to create new
> "grouping models" - I often use intermediate models for this (i.e.
> Team model with fk to Group among other fields). Let me know if you
> have different experience.
>
> On 4 Sie, 15:26, derek <gamesb...@gmail.com> wrote:
>
> > On Aug 4, 1:20 am, lukaszb <lukaszbalcer...@gmail.com> wrote:
>
> > > Hi all,
>
> > > I'd like to announce django-guardian - very basic yet usable per
> > > object permissions
> > > implementation for Django 1.2, using new authorization backend
> > > facilities.
>
> > > It was created during 2 days sprint, code have been released and may
> > > be found athttp://github.com/lukaszb/django-guardian/.
> > > Documentation is available athttp://packages.python.org/django-guardian/.
>
> > > Currently I think there should be better integration with admin app
> > > and some shortcuts (permission assignment/removal)
> > > should support table-level permissions as well.
>
> > > If you spot a bug or have an idea how to improve this little app,
> > > please spare a minute at issue tracker, which is located 
> > > athttp://github.com/lukaszb/django-guardian/issues.
>
> > > Hope someone would find this useful.
>
> > No doubt this will be extremely useful!  For me, integration with the
> > Django admin is a must, though, as permissions will need to be
> > assigned by users themselves via the standard interface.
>
> > One (maybe stupid) question:  Can rights only be assigned to the pre-
> > specified "Group", or can any model that handles user grouping (I have
> > some custom ones in my app) be used?
>
> > Thanks
> > Derek

That's a pity; guess I will need to stick to my home-grown code in
that case.

-- 
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To post to this group, send email to django-us...@googlegroups.com.
To unsubscribe from this group, send email to 
django-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/django-users?hl=en.

Re: Announces django-guardian: per object permissions for Django 1.2

[lukaszb]

Thanks for the comment! I really do think that this "backends ready &&
included" parts of Django are extremely useful (and fun to extend if
needed).

About the admin, I haven't really get into admin integration yet as I
cannot answer this: should user with "flatpages.change_flatpage"
permission for flatpage instance be able to edit it at admin if he/she
doesn't have "flatpage.change_flatpage" global permission? I'm just
stuck here - I suppose it would be good to "turn off" ability to
change some objects for user with this global "app.change_obj"
permission removal. On the other hand, wouldn't it be too much to give
such global permission for user if we intend to allow him/her to
change only single object?

Am not sure if I should start such discussion here but I just couldn't
resist :)



On 4 Sie, 01:34, Russell Keith-Magee <russ...@keith-magee.com> wrote:
> On Wed, Aug 4, 2010 at 7:20 AM, lukaszb <lukaszbalcer...@gmail.com> wrote:
> > Hi all,
>
> > I'd like to announce django-guardian - very basic yet usable per
> > object permissions
> > implementation for Django 1.2, using new authorization backend
> > facilities.
>
> > It was created during 2 days sprint, code have been released and may
> > be found athttp://github.com/lukaszb/django-guardian/.
> > Documentation is available athttp://packages.python.org/django-guardian/.
>
> > Currently I think there should be better integration with admin app
> > and some shortcuts (permission assignment/removal)
> > should support table-level permissions as well.
>
> > If you spot a bug or have an idea how to improve this little app,
> > please spare a minute at issue tracker, which is located at
> >http://github.com/lukaszb/django-guardian/issues.
>
> > Hope someone would find this useful.
>
> > Take care,
> > Lukasz
>
> Hi Lukasz,
>
> Great stuff! Thanks for taking the effort to implement this and put it
> out in the open. It's a fantastic example of the sort of thing that
> can be very useful without needing to be part of core, which is the
> reason that we put the object-based permissions API into the auth
> backends.
>
> Regarding admin app integration -- integration of object-level
> permissions with the admin app is one area where I am aware there are
> some bugs (or, at least, some areas where the object-based permissions
> API isn't being used as it should). This aspect of Django's admin
> could do with some attention, so if your experience of implementing an
> object-based permissions backend has you contemplating a bigger
> project, auditing the admin for adherence to object-based permissions
> could be an interesting candidate.
>
> Yours,
> Russ Magee %-)

-- 
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To post to this group, send email to django-us...@googlegroups.com.
To unsubscribe from this group, send email to 
django-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/django-users?hl=en.

Re: Announces django-guardian: per object permissions for Django 1.2

[lukaszb]

Welll, at the django.contrib.auth there are only those (User and
Group) models for which one may define permission sets and I wanted
guardian to be as simply as possible - so it is not possible to assign
permission to other model even if it "groups  users". At one point I
thought it could be nice to implement some kind of "roles" but I've
finally decided it would be better to stick to facilites provided by
new Django version.

On the other hand, I'm not sure if it is needed to create new
"grouping models" - I often use intermediate models for this (i.e.
Team model with fk to Group among other fields). Let me know if you
have different experience.

On 4 Sie, 15:26, derek <gamesb...@gmail.com> wrote:
> On Aug 4, 1:20 am, lukaszb <lukaszbalcer...@gmail.com> wrote:
>
>
>
>
>
> > Hi all,
>
> > I'd like to announce django-guardian - very basic yet usable per
> > object permissions
> > implementation for Django 1.2, using new authorization backend
> > facilities.
>
> > It was created during 2 days sprint, code have been released and may
> > be found athttp://github.com/lukaszb/django-guardian/.
> > Documentation is available athttp://packages.python.org/django-guardian/.
>
> > Currently I think there should be better integration with admin app
> > and some shortcuts (permission assignment/removal)
> > should support table-level permissions as well.
>
> > If you spot a bug or have an idea how to improve this little app,
> > please spare a minute at issue tracker, which is located 
> > athttp://github.com/lukaszb/django-guardian/issues.
>
> > Hope someone would find this useful.
>
> No doubt this will be extremely useful!  For me, integration with the
> Django admin is a must, though, as permissions will need to be
> assigned by users themselves via the standard interface.
>
> One (maybe stupid) question:  Can rights only be assigned to the pre-
> specified "Group", or can any model that handles user grouping (I have
> some custom ones in my app) be used?
>
> Thanks
> Derek

-- 
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To post to this group, send email to django-us...@googlegroups.com.
To unsubscribe from this group, send email to 
django-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/django-users?hl=en.

Re: Announces django-guardian: per object permissions for Django 1.2

[derek]

On Aug 4, 1:20 am, lukaszb <lukaszbalcer...@gmail.com> wrote:
> Hi all,
>
> I'd like to announce django-guardian - very basic yet usable per
> object permissions
> implementation for Django 1.2, using new authorization backend
> facilities.
>
> It was created during 2 days sprint, code have been released and may
> be found athttp://github.com/lukaszb/django-guardian/.
> Documentation is available athttp://packages.python.org/django-guardian/.
>
> Currently I think there should be better integration with admin app
> and some shortcuts (permission assignment/removal)
> should support table-level permissions as well.
>
> If you spot a bug or have an idea how to improve this little app,
> please spare a minute at issue tracker, which is located 
> athttp://github.com/lukaszb/django-guardian/issues.
>
> Hope someone would find this useful.

No doubt this will be extremely useful!  For me, integration with the
Django admin is a must, though, as permissions will need to be
assigned by users themselves via the standard interface.

One (maybe stupid) question:  Can rights only be assigned to the pre-
specified "Group", or can any model that handles user grouping (I have
some custom ones in my app) be used?

Thanks
Derek

-- 
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To post to this group, send email to django-us...@googlegroups.com.
To unsubscribe from this group, send email to 
django-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/django-users?hl=en.

Re: Announces django-guardian: per object permissions for Django 1.2

[Russell Keith-Magee]

On Wed, Aug 4, 2010 at 7:20 AM, lukaszb <lukaszbalcer...@gmail.com> wrote:
> Hi all,
>
> I'd like to announce django-guardian - very basic yet usable per
> object permissions
> implementation for Django 1.2, using new authorization backend
> facilities.
>
> It was created during 2 days sprint, code have been released and may
> be found at http://github.com/lukaszb/django-guardian/.
> Documentation is available at http://packages.python.org/django-guardian/.
>
> Currently I think there should be better integration with admin app
> and some shortcuts (permission assignment/removal)
> should support table-level permissions as well.
>
> If you spot a bug or have an idea how to improve this little app,
> please spare a minute at issue tracker, which is located at
> http://github.com/lukaszb/django-guardian/issues.
>
> Hope someone would find this useful.
>
> Take care,
> Lukasz

Hi Lukasz,

Great stuff! Thanks for taking the effort to implement this and put it
out in the open. It's a fantastic example of the sort of thing that
can be very useful without needing to be part of core, which is the
reason that we put the object-based permissions API into the auth
backends.

Regarding admin app integration -- integration of object-level
permissions with the admin app is one area where I am aware there are
some bugs (or, at least, some areas where the object-based permissions
API isn't being used as it should). This aspect of Django's admin
could do with some attention, so if your experience of implementing an
object-based permissions backend has you contemplating a bigger
project, auditing the admin for adherence to object-based permissions
could be an interesting candidate.

Yours,
Russ Magee %-)

-- 
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To post to this group, send email to django-us...@googlegroups.com.
To unsubscribe from this group, send email to 
django-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/django-users?hl=en.

Announces django-guardian: per object permissions for Django 1.2

[lukaszb]

Hi all,

I'd like to announce django-guardian - very basic yet usable per
object permissions
implementation for Django 1.2, using new authorization backend
facilities.

It was created during 2 days sprint, code have been released and may
be found at http://github.com/lukaszb/django-guardian/.
Documentation is available at http://packages.python.org/django-guardian/.

Currently I think there should be better integration with admin app
and some shortcuts (permission assignment/removal)
should support table-level permissions as well.

If you spot a bug or have an idea how to improve this little app,
please spare a minute at issue tracker, which is located at
http://github.com/lukaszb/django-guardian/issues.

Hope someone would find this useful.

Take care,
Lukasz

-- 
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To post to this group, send email to django-us...@googlegroups.com.
To unsubscribe from this group, send email to 
django-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/django-users?hl=en.

Re: Per-object permissions

[Christian Schilling]

http://github.com/initcrash/django-object-permissions/
implements this on 1.1 (it's not hard at all, so i don't really
understand the change planed for 1.2)
there are no docs yet, but the testproject shows how to use it: just
use ObjectPermissionAdmin
as base for the admin classes instead of ModelAdmin, that's it.

On Nov 25, 2:49 pm, rebus_ <r.dav...@gmail.com> wrote:
> 2009/11/25 Gamliel Roi <roi.gaml...@gmail.com>:
>
>
>
> > Any idea when 1.2 will be released?
>
> > On Wed, Nov 25, 2009 at 3:31 PM, rebus_ <r.dav...@gmail.com> wrote:
>
> >> 2009/11/25 Russell Keith-Magee <freakboy3...@gmail.com>:
> >> > On Tue, Nov 24, 2009 at 11:16 PM, rebus_ <r.dav...@gmail.com> wrote:
> >> >> 2009/11/24 nek4life <nek4l...@gmail.com>:
> >> >>> You should look into django-authority.  I'm pretty sure that has per-
> >> >>> object-permissions.
>
> >> >>>http://packages.python.org/django-authority/index.html
>
> >> >>> On Nov 24, 7:00 am, gamliel roi <roi.gaml...@gmail.com> wrote:
> >> >>>> Hello all,
>
> >> >>>> I have the admin site up and running but I need to create a group of
> >> >>>> users,
> >> >>>> such that each of the users will be able to edit objects that are
> >> >>>> only
> >> >>>> relevant to them (e.g Project objects that the user is also the
> >> >>>> ProjectManager).
>
> >> >>>> I know that in the past Django had a Per-object permissions branch,
> >> >>>> which is
> >> >>>> now abandoned.
>
> >> >>>> Should I peruse this direction and try to incorporate this branch to
> >> >>>> my
> >> >>>> current code? is it documented and running properly?
>
> >> >>>> Any other ideas/suggestions/resources regarding this problem?
>
> >> >> Row level permisions should be implemented in Django version  1.2 [1]
> >> >> if you have the time to wait...
>
> >> >> [1]http://code.djangoproject.com/wiki/Version1.2Features
>
> >> > To be clear - that ticket *doesnt'* implement row-level permissions;
> >> > it modifies the calls for permission checks to allow you to build a
> >> > row-level permissions checker external to Django.
>
> >> > Yours,
> >> > Russ Magee %-)
>
> >> That's true, i probably wasn't too clear on this.
>
> >> But i would rather use Django API to implement row-level permissions
> >> then start building my own implementation from scratch, if you have
> >> the luxury of waiting till it hits trunk or comes out in 1.2 that is.
>
> >> Davor
>
> >> --
>
> >> You received this message because you are subscribed to the Google Groups
> >> "Django users" group.
> >> To post to this group, send email to django-us...@googlegroups.com.
> >> To unsubscribe from this group, send email to
> >> django-users+unsubscr...@googlegroups.com.
> >> For more options, visit this group at
> >>http://groups.google.com/group/django-users?hl=en.
>
> > --
> > Best
> > Roi Gamliel
>
> > --
>
> http://code.djangoproject.com/wiki/Version1.2Roadmap

--

You received this message because you are subscribed to the Google Groups 
"Django users" group.
To post to this group, send email to django-us...@googlegroups.com.
To unsubscribe from this group, send email to 
django-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/django-users?hl=en.

Re: Per-object permissions

[rebus_]

2009/11/25 Gamliel Roi <roi.gaml...@gmail.com>:
> Any idea when 1.2 will be released?
>
>
>
> On Wed, Nov 25, 2009 at 3:31 PM, rebus_ <r.dav...@gmail.com> wrote:
>>
>> 2009/11/25 Russell Keith-Magee <freakboy3...@gmail.com>:
>> > On Tue, Nov 24, 2009 at 11:16 PM, rebus_ <r.dav...@gmail.com> wrote:
>> >> 2009/11/24 nek4life <nek4l...@gmail.com>:
>> >>> You should look into django-authority.  I'm pretty sure that has per-
>> >>> object-permissions.
>> >>>
>> >>> http://packages.python.org/django-authority/index.html
>> >>>
>> >>> On Nov 24, 7:00 am, gamliel roi <roi.gaml...@gmail.com> wrote:
>> >>>> Hello all,
>> >>>>
>> >>>> I have the admin site up and running but I need to create a group of
>> >>>> users,
>> >>>> such that each of the users will be able to edit objects that are
>> >>>> only
>> >>>> relevant to them (e.g Project objects that the user is also the
>> >>>> ProjectManager).
>> >>>>
>> >>>> I know that in the past Django had a Per-object permissions branch,
>> >>>> which is
>> >>>> now abandoned.
>> >>>>
>> >>>> Should I peruse this direction and try to incorporate this branch to
>> >>>> my
>> >>>> current code? is it documented and running properly?
>> >>>>
>> >>>> Any other ideas/suggestions/resources regarding this problem?
>> >>>>
>> >>>
>> >> Row level permisions should be implemented in Django version  1.2 [1]
>> >> if you have the time to wait...
>> >>
>> >> [1] http://code.djangoproject.com/wiki/Version1.2Features
>> >
>> > To be clear - that ticket *doesnt'* implement row-level permissions;
>> > it modifies the calls for permission checks to allow you to build a
>> > row-level permissions checker external to Django.
>> >
>> > Yours,
>> > Russ Magee %-)
>> >
>>
>> That's true, i probably wasn't too clear on this.
>>
>> But i would rather use Django API to implement row-level permissions
>> then start building my own implementation from scratch, if you have
>> the luxury of waiting till it hits trunk or comes out in 1.2 that is.
>>
>> Davor
>>
>> --
>>
>> You received this message because you are subscribed to the Google Groups
>> "Django users" group.
>> To post to this group, send email to django-us...@googlegroups.com.
>> To unsubscribe from this group, send email to
>> django-users+unsubscr...@googlegroups.com.
>> For more options, visit this group at
>> http://groups.google.com/group/django-users?hl=en.
>>
>>
>
>
>
> --
> Best
> Roi Gamliel
>
> --

http://code.djangoproject.com/wiki/Version1.2Roadmap

--

You received this message because you are subscribed to the Google Groups 
"Django users" group.
To post to this group, send email to django-us...@googlegroups.com.
To unsubscribe from this group, send email to 
django-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/django-users?hl=en.

Re: Per-object permissions

[Gamliel Roi]

Any idea when 1.2 will be released?



On Wed, Nov 25, 2009 at 3:31 PM, rebus_ <r.dav...@gmail.com> wrote:

> 2009/11/25 Russell Keith-Magee <freakboy3...@gmail.com>:
> > On Tue, Nov 24, 2009 at 11:16 PM, rebus_ <r.dav...@gmail.com> wrote:
> >> 2009/11/24 nek4life <nek4l...@gmail.com>:
> >>> You should look into django-authority.  I'm pretty sure that has per-
> >>> object-permissions.
> >>>
> >>> http://packages.python.org/django-authority/index.html
> >>>
> >>> On Nov 24, 7:00 am, gamliel roi <roi.gaml...@gmail.com> wrote:
> >>>> Hello all,
> >>>>
> >>>> I have the admin site up and running but I need to create a group of
> users,
> >>>> such that each of the users will be able to edit objects that are only
> >>>> relevant to them (e.g Project objects that the user is also the
> >>>> ProjectManager).
> >>>>
> >>>> I know that in the past Django had a Per-object permissions branch,
> which is
> >>>> now abandoned.
> >>>>
> >>>> Should I peruse this direction and try to incorporate this branch to
> my
> >>>> current code? is it documented and running properly?
> >>>>
> >>>> Any other ideas/suggestions/resources regarding this problem?
> >>>>
> >>>
> >> Row level permisions should be implemented in Django version  1.2 [1]
> >> if you have the time to wait...
> >>
> >> [1] http://code.djangoproject.com/wiki/Version1.2Features
> >
> > To be clear - that ticket *doesnt'* implement row-level permissions;
> > it modifies the calls for permission checks to allow you to build a
> > row-level permissions checker external to Django.
> >
> > Yours,
> > Russ Magee %-)
> >
>
> That's true, i probably wasn't too clear on this.
>
> But i would rather use Django API to implement row-level permissions
> then start building my own implementation from scratch, if you have
> the luxury of waiting till it hits trunk or comes out in 1.2 that is.
>
> Davor
>
> --
>
> You received this message because you are subscribed to the Google Groups
> "Django users" group.
> To post to this group, send email to django-us...@googlegroups.com.
> To unsubscribe from this group, send email to
> django-users+unsubscr...@googlegroups.com<django-users%2bunsubscr...@googlegroups.com>
> .
> For more options, visit this group at
> http://groups.google.com/group/django-users?hl=en.
>
>
>


-- 
Best
Roi Gamliel

--

You received this message because you are subscribed to the Google Groups 
"Django users" group.
To post to this group, send email to django-us...@googlegroups.com.
To unsubscribe from this group, send email to 
django-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/django-users?hl=en.

Re: Per-object permissions

[rebus_]

2009/11/25 Russell Keith-Magee <freakboy3...@gmail.com>:
> On Tue, Nov 24, 2009 at 11:16 PM, rebus_ <r.dav...@gmail.com> wrote:
>> 2009/11/24 nek4life <nek4l...@gmail.com>:
>>> You should look into django-authority.  I'm pretty sure that has per-
>>> object-permissions.
>>>
>>> http://packages.python.org/django-authority/index.html
>>>
>>> On Nov 24, 7:00 am, gamliel roi <roi.gaml...@gmail.com> wrote:
>>>> Hello all,
>>>>
>>>> I have the admin site up and running but I need to create a group of users,
>>>> such that each of the users will be able to edit objects that are only
>>>> relevant to them (e.g Project objects that the user is also the
>>>> ProjectManager).
>>>>
>>>> I know that in the past Django had a Per-object permissions branch, which 
>>>> is
>>>> now abandoned.
>>>>
>>>> Should I peruse this direction and try to incorporate this branch to my
>>>> current code? is it documented and running properly?
>>>>
>>>> Any other ideas/suggestions/resources regarding this problem?
>>>>
>>>
>> Row level permisions should be implemented in Django version  1.2 [1]
>> if you have the time to wait...
>>
>> [1] http://code.djangoproject.com/wiki/Version1.2Features
>
> To be clear - that ticket *doesnt'* implement row-level permissions;
> it modifies the calls for permission checks to allow you to build a
> row-level permissions checker external to Django.
>
> Yours,
> Russ Magee %-)
>

That's true, i probably wasn't too clear on this.

But i would rather use Django API to implement row-level permissions
then start building my own implementation from scratch, if you have
the luxury of waiting till it hits trunk or comes out in 1.2 that is.

Davor

--

You received this message because you are subscribed to the Google Groups 
"Django users" group.
To post to this group, send email to django-us...@googlegroups.com.
To unsubscribe from this group, send email to 
django-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/django-users?hl=en.

Re: Per-object permissions

[Russell Keith-Magee]

On Tue, Nov 24, 2009 at 11:16 PM, rebus_ <r.dav...@gmail.com> wrote:
> 2009/11/24 nek4life <nek4l...@gmail.com>:
>> You should look into django-authority.  I'm pretty sure that has per-
>> object-permissions.
>>
>> http://packages.python.org/django-authority/index.html
>>
>> On Nov 24, 7:00 am, gamliel roi <roi.gaml...@gmail.com> wrote:
>>> Hello all,
>>>
>>> I have the admin site up and running but I need to create a group of users,
>>> such that each of the users will be able to edit objects that are only
>>> relevant to them (e.g Project objects that the user is also the
>>> ProjectManager).
>>>
>>> I know that in the past Django had a Per-object permissions branch, which is
>>> now abandoned.
>>>
>>> Should I peruse this direction and try to incorporate this branch to my
>>> current code? is it documented and running properly?
>>>
>>> Any other ideas/suggestions/resources regarding this problem?
>>>
>>
> Row level permisions should be implemented in Django version  1.2 [1]
> if you have the time to wait...
>
> [1] http://code.djangoproject.com/wiki/Version1.2Features

To be clear - that ticket *doesnt'* implement row-level permissions;
it modifies the calls for permission checks to allow you to build a
row-level permissions checker external to Django.

Yours,
Russ Magee %-)

--

You received this message because you are subscribed to the Google Groups 
"Django users" group.
To post to this group, send email to django-us...@googlegroups.com.
To unsubscribe from this group, send email to 
django-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/django-users?hl=en.

Re: Per-object permissions

[David De La Harpe Golden]

gamliel roi wrote:
> Hello all,
> 
> I have the admin site up and running but I need to create a group of users,
> such that each of the users will be able to edit objects that are only
> relevant to them (e.g Project objects that the user is also the
> ProjectManager).
> 
> I know that in the past Django had a Per-object permissions branch, which is
> now abandoned.
> 
> Should I peruse this direction and try to incorporate this branch to my
> current code? is it documented and running properly?
> 
> Any other ideas/suggestions/resources regarding this problem?
> 


There's a patch in the django tracker that adds support to help
integrate your own per-object permission handling auth backends  (it
does not in itself constitute per-object permissions):
http://code.djangoproject.com/ticket/11010

I haven't fully worked out how to do integration of our own
(unreleased*) object permission system  even given that patch,
though it would presumably be am  improvement as it would
enable us to use the django admin more (once the admin is
appropriately updated to pass through the object to the revised
auth backend I suppose).

* Maybe I could/should look into getting it released.  We maintain a
D.A.G. where vertices are permissions,roles and users. If a path exists
in the graph (fastish query with the transitive closure representation
used, at least for non-pathological graphs) from a permission to a user
through one or more roles, the user is considered to have that permission.
permissions are action() or action(obj1) or action(obj1,obj2)

Taking your example, in our system, each project would have its own
projectmanager role created, granted the permission to edit the project.

e.g.

perms_all_mgrs_have===>role:project_mgr # just for e.g.
   |
   v
perm:edit(project1) ---> role:project1_mgr ---> user:user1


Thus, user1 is project manager of project1.

























--

You received this message because you are subscribed to the Google Groups 
"Django users" group.
To post to this group, send email to django-us...@googlegroups.com.
To unsubscribe from this group, send email to 
django-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/django-users?hl=en.

Re: Per-object permissions

[rebus_]

2009/11/24 nek4life <nek4l...@gmail.com>:
> You should look into django-authority.  I'm pretty sure that has per-
> object-permissions.
>
> http://packages.python.org/django-authority/index.html
>
> On Nov 24, 7:00 am, gamliel roi <roi.gaml...@gmail.com> wrote:
>> Hello all,
>>
>> I have the admin site up and running but I need to create a group of users,
>> such that each of the users will be able to edit objects that are only
>> relevant to them (e.g Project objects that the user is also the
>> ProjectManager).
>>
>> I know that in the past Django had a Per-object permissions branch, which is
>> now abandoned.
>>
>> Should I peruse this direction and try to incorporate this branch to my
>> current code? is it documented and running properly?
>>
>> Any other ideas/suggestions/resources regarding this problem?
>>
>> --
>> Best
>> Roi Gamliel
>
> --
>
> You received this message because you are subscribed to the Google Groups 
> "Django users" group.
> To post to this group, send email to django-us...@googlegroups.com.
> To unsubscribe from this group, send email to 
> django-users+unsubscr...@googlegroups.com.
> For more options, visit this group at 
> http://groups.google.com/group/django-users?hl=en.
>
>
>
Row level permisions should be implemented in Django version  1.2 [1]
if you have the time to wait...

[1] http://code.djangoproject.com/wiki/Version1.2Features

--

You received this message because you are subscribed to the Google Groups 
"Django users" group.
To post to this group, send email to django-us...@googlegroups.com.
To unsubscribe from this group, send email to 
django-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/django-users?hl=en.

Re: Per-object permissions

[nek4life]

You should look into django-authority.  I'm pretty sure that has per-
object-permissions.

http://packages.python.org/django-authority/index.html

On Nov 24, 7:00 am, gamliel roi <roi.gaml...@gmail.com> wrote:
> Hello all,
>
> I have the admin site up and running but I need to create a group of users,
> such that each of the users will be able to edit objects that are only
> relevant to them (e.g Project objects that the user is also the
> ProjectManager).
>
> I know that in the past Django had a Per-object permissions branch, which is
> now abandoned.
>
> Should I peruse this direction and try to incorporate this branch to my
> current code? is it documented and running properly?
>
> Any other ideas/suggestions/resources regarding this problem?
>
> --
> Best
> Roi Gamliel

--

You received this message because you are subscribed to the Google Groups 
"Django users" group.
To post to this group, send email to django-us...@googlegroups.com.
To unsubscribe from this group, send email to 
django-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/django-users?hl=en.

Re: Per-object permissions

[Jani Tiainen]

Most promising solution I've seen is django-authority.

<http://packages.python.org/django-authority/>

I haven't (yet) used it but I'm planning to do that at some point.

Quick peek revealed that branch you mentioned is a quite outdated, last
update is "only" two and half years old..

On Tue, 2009-11-24 at 14:00 +0200, gamliel roi wrote:
> Hello all,
> 
> I have the admin site up and running but I need to create a group of
> users, such that each of the users will be able to edit objects that
> are only relevant to them (e.g Project objects that the user is also
> the ProjectManager). 
> 
> I know that in the past Django had a Per-object permissions branch,
> which is now abandoned. 
> 
> Should I peruse this direction and try to incorporate this branch to
> my current code? is it documented and running properly? 
> 
> Any other ideas/suggestions/resources regarding this problem?
> 
> -- 
> Best
> Roi Gamliel
> 
> --
> 
> You received this message because you are subscribed to the Google
> Groups "Django users" group.
> To post to this group, send email to django-us...@googlegroups.com.
> To unsubscribe from this group, send email to django-users
> +unsubscr...@googlegroups.com.
> For more options, visit this group at
> http://groups.google.com/group/django-users?hl=en.


--

You received this message because you are subscribed to the Google Groups 
"Django users" group.
To post to this group, send email to django-us...@googlegroups.com.
To unsubscribe from this group, send email to 
django-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/django-users?hl=en.

Per-object permissions

[gamliel roi]

Hello all,

I have the admin site up and running but I need to create a group of users,
such that each of the users will be able to edit objects that are only
relevant to them (e.g Project objects that the user is also the
ProjectManager).

I know that in the past Django had a Per-object permissions branch, which is
now abandoned.

Should I peruse this direction and try to incorporate this branch to my
current code? is it documented and running properly?

Any other ideas/suggestions/resources regarding this problem?

-- 
Best
Roi Gamliel

--

You received this message because you are subscribed to the Google Groups 
"Django users" group.
To post to this group, send email to django-us...@googlegroups.com.
To unsubscribe from this group, send email to 
django-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/django-users?hl=en.

per object permissions, caching and templates?

[Bram de Jong]

hello all,


For freesound.org I really need per-object permissions and caching.
I would also love to use the {% cache %} template tag as much as
possible because it's so easy and transparent!
Now, say for example I have a sound, and a user can either edit it or
not, or vote for it or not.

can edit > has_change_permission (per object, not per app)
can vote > probably is_authenticated

In general the usage of the per-object permissions in the templates
(and now that I think of, in the views as well :D) is a bit unclear to
me.

How can use these two variables in my pages together with {% cache %}?

{% cache 500 sound_page user.is_authenticated  %}

I see little difference between using per-app permissions in templates
and using per-object permissions, so having some way to do it would be
awesome.


 - bram

-- 
http://www.freesound.org
http://www.smartelectronix.com
http://www.musicdsp.org

--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To post to this group, send email to django-users@googlegroups.com
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at 
http://groups.google.com/group/django-users?hl=en
-~--~~~~--~~--~--~---

Re: per object permissions, caching and templates?

[Bram de Jong]

Hello,

On Fri, Jul 25, 2008 at 4:55 PM, Hanne Moa <[EMAIL PROTECTED]> wrote:
>
> AFAIK is_authenticated doesn't enter into it at all.


I think I might not have explained very well...

Newforms-admin ( i.e. "admin" now :) ) has per-object permissions.
These are more programmatic than per-row permissions (i.e. one is
permissions, per row on the database level, the other is a set of
if/else flow control statements in python).

The question was:

* are there any easy access methods for these per-object permissions
in the templates, and -if so- can they be used in conjunction with the
cache template tag.
* aditionally, how does one use the per-object permissions, as defined
in the AdminClasses, in general?


In a perfect world it would be possible to do something like (this is
just an example!):

{% cache  someobject.id user.is_authenticated
user.has_edit_permissions|someobject %}
  {% if user.is_authenticated%}... show comment box... {% endif %}
  {% if user.has_edit_permissions|object_shown %}... show "edit this
object" link... {% endif %}
{% endcache %}

This would mean 4 cached views would be created per displayed object.


Of course one can do all of this in the view, but as far as I know,
you would have to immediately switch to the low-level cache API in
order to do what I just described - nor would you be able to use
generic views out of the box.

cheerio,


 - Bram

--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To post to this group, send email to django-users@googlegroups.com
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at 
http://groups.google.com/group/django-users?hl=en
-~--~~~~--~~--~--~---

Re: per object permissions, caching and templates?

[Hanne Moa]

On Fri, Jul 25, 2008 at 11:39 AM, Bram de Jong <[EMAIL PROTECTED]> wrote:
> For freesound.org I really need per-object permissions and caching.
> I would also love to use the {% cache %} template tag as much as
> possible because it's so easy and transparent!
> Now, say for example I have a sound, and a user can either edit it or
> not, or vote for it or not.

AFAIK is_authenticated doesn't enter into it at all.

You meant per-object permissions as in
http://code.djangoproject.com/wiki/RowLevelPermissions yes? That link
has got examples also.

Model objects in Django are rows in a table in some SQL-capable
database. Some such databases already have a system for row-level
permissions but AFAIK every database does it differently... so Django
is getting a portable system, see link.

The question is really whether the system described in the link will
be 100% tied up with the admin-system or not. I haven't tried the
branch but have been using the newforms-admin branch (and need to
clean up my repos), if the rowlevelpermissions-branch is run as
competently as nfa was you have nothing to fear.


HM

--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To post to this group, send email to django-users@googlegroups.com
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at 
http://groups.google.com/group/django-users?hl=en
-~--~~~~--~~--~--~---

Re: tracking per-object-permissions branch, merging in from trunk, and fixing problems, adding features.

[Michael Best]

On 3/23/07, Scanner <[EMAIL PROTECTED]> wrote:
>
> On Mar 22, 5:50 pm, "Matthew Flanagan" <[EMAIL PROTECTED]> wrote:
> > I'm definitely interested in the results. Why don't you apply to get
> > check-in permissions on the per-object-permissions branch? That way it
> > can be accessible to the whole django community. Contact Jacob
> > Kaplan-Moss to get an account.
>
> Good to know that there is some interest. I have sent off an email to
> Jacob Kaplan-Moss and will see what he says.



I'm also interested in the per-object-permissions branch and any
fixes/merges with the main trunk that are going to happen.

Any idea what state the it's is in with regards to the just released 0.96code?

-Mike

--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To post to this group, send email to django-users@googlegroups.com
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at 
http://groups.google.com/group/django-users?hl=en
-~--~~~~--~~--~--~---

Re: tracking per-object-permissions branch, merging in from trunk, and fixing problems, adding features.

[Scanner]

On Mar 22, 5:50 pm, "Matthew Flanagan" <[EMAIL PROTECTED]> wrote:
> I'm definitely interested in the results. Why don't you apply to get
> check-in permissions on the per-object-permissions branch? That way it
> can be accessible to the whole django community. Contact Jacob
> Kaplan-Moss to get an account.
>
> --
> matthewhttp://wadofstuff.blogspot.com

Good to know that there is some interest. I have sent off an email to
Jacob Kaplan-Moss and will see what he says.


--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To post to this group, send email to django-users@googlegroups.com
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at 
http://groups.google.com/group/django-users?hl=en
-~--~~~~--~~--~--~---

Re: tracking per-object-permissions branch, merging in from trunk, and fixing problems, adding features.

[Matthew Flanagan]

On 3/23/07, Scanner <[EMAIL PROTECTED]> wrote:
>
>
>
> On Jan 16, 12:32 pm, Jacob Kaplan-Moss <[EMAIL PROTECTED]> wrote:
> > On 1/16/07 4:05 AM, Russell Keith-Magee wrote:
> >
> > > Given the current push towards 1.0, it seems likely that this
> > > particular merge will not get the attention of the core developers in
> > > the immediate future (at least until 1.0 is out the door). However, if
> > > you want to volunteer, and you don't feel you can contribute to the
> > > 1.0 push, making sure that therow-level permissions branch is in
> > > perfect condition for merging to trunk (i.e., lots of tests,
> > > documentation, good integration with admin, etc) would be one way to
> > > help out.
> >
> > You should also keep and eye on the newforms-admin branch. One of the
> > consequences of redoing the admin is going to be some cleanup in how
> > permissions are checked and implemented, and that should make per-obj-perms
> > *much* simpler.
>
> Note: Posting here because it seemed the most appropriate instead of
> starting a new discussion.
>
> I have been working on a set of apps that absolutely require row level
> permissions. They simply can not meet their intended need without
> this. I could hack something up but instead I am using the per-object-
> permissions branch of django. Because I also want to keep up to date
> with the current trunk of django as well because it has features and
> bug fixes I want to use I have been maintaining a check-out of the per-
> object-permissions branch with the changes merged in from the trunk.
> All is going well so far. I am uncovering some somewhat painful use
> cases (eg: an object that a user has 'view' permission on, and when
> getting a list of those objects they do not get objects in that list
> which they lack 'view' permission on) but in general no problems.
>
> Now the fun part, I am encountering some bugs or not fully implemented
> or thought out parts of the per-object-permissions branch. Sometimes
> the fix is fairly easy (catching exceptions and doing intelligent
> things with them), but sometimes I have to figure out how I want to
> handle a certain case. My current problem is having a way to assign
> permissions to "anonymous" users (ie: is_anonymous is true,
> is_authenticated is false) because certain areas of my apps are open
> to anonymous users.) Now I have ideas on ways to solve this (if you
> use per-object permissions, for example, a group called
> "system:everyone" maybe created that anonymous users are implicitly a
> member of, etc.)
>
> However, I am wondering how to track these changes and perhaps get
> input on them from other people who may be using, or interested in,
> per-object-permissions. Also, right now, I basically have several
> checkouts of the branch on different machines and I need to keep them
> sync'd. My next step is probably to setup a local repository which I
> maintain my work in, and merge in from the per-object-permissions
> branch as well as the trunk.
>
> Any one else working with these branch and interested in the results
> of my attempts to keep it up to date with the mainline, as well as
> some potential fixes?
>

I'm definitely interested in the results. Why don't you apply to get
check-in permissions on the per-object-permissions branch? That way it
can be accessible to the whole django community. Contact Jacob
Kaplan-Moss to get an account.

-- 
matthew
http://wadofstuff.blogspot.com

--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To post to this group, send email to django-users@googlegroups.com
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at 
http://groups.google.com/group/django-users?hl=en
-~--~~~~--~~--~--~---

tracking per-object-permissions branch, merging in from trunk, and fixing problems, adding features.

[Scanner]

On Jan 16, 12:32 pm, Jacob Kaplan-Moss <[EMAIL PROTECTED]> wrote:
> On 1/16/07 4:05 AM, Russell Keith-Magee wrote:
>
> > Given the current push towards 1.0, it seems likely that this
> > particular merge will not get the attention of the core developers in
> > the immediate future (at least until 1.0 is out the door). However, if
> > you want to volunteer, and you don't feel you can contribute to the
> > 1.0 push, making sure that therow-level permissions branch is in
> > perfect condition for merging to trunk (i.e., lots of tests,
> > documentation, good integration with admin, etc) would be one way to
> > help out.
>
> You should also keep and eye on the newforms-admin branch. One of the
> consequences of redoing the admin is going to be some cleanup in how
> permissions are checked and implemented, and that should make per-obj-perms
> *much* simpler.

Note: Posting here because it seemed the most appropriate instead of
starting a new discussion.

I have been working on a set of apps that absolutely require row level
permissions. They simply can not meet their intended need without
this. I could hack something up but instead I am using the per-object-
permissions branch of django. Because I also want to keep up to date
with the current trunk of django as well because it has features and
bug fixes I want to use I have been maintaining a check-out of the per-
object-permissions branch with the changes merged in from the trunk.
All is going well so far. I am uncovering some somewhat painful use
cases (eg: an object that a user has 'view' permission on, and when
getting a list of those objects they do not get objects in that list
which they lack 'view' permission on) but in general no problems.

Now the fun part, I am encountering some bugs or not fully implemented
or thought out parts of the per-object-permissions branch. Sometimes
the fix is fairly easy (catching exceptions and doing intelligent
things with them), but sometimes I have to figure out how I want to
handle a certain case. My current problem is having a way to assign
permissions to "anonymous" users (ie: is_anonymous is true,
is_authenticated is false) because certain areas of my apps are open
to anonymous users.) Now I have ideas on ways to solve this (if you
use per-object permissions, for example, a group called
"system:everyone" maybe created that anonymous users are implicitly a
member of, etc.)

However, I am wondering how to track these changes and perhaps get
input on them from other people who may be using, or interested in,
per-object-permissions. Also, right now, I basically have several
checkouts of the branch on different machines and I need to keep them
sync'd. My next step is probably to setup a local repository which I
maintain my work in, and merge in from the per-object-permissions
branch as well as the trunk.

Any one else working with these branch and interested in the results
of my attempts to keep it up to date with the mainline, as well as
some potential fixes?


--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To post to this group, send email to django-users@googlegroups.com
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at 
http://groups.google.com/group/django-users?hl=en
-~--~~~~--~~--~--~---

Re: Per object permissions

[Jay Parlar]

On 2/8/07, Ramdas S <[EMAIL PROTECTED]> wrote:
> I think Adrian is keeping the trunk upto date. I am using thie updates trunk
> right nowand everything seems to be OK

Except that the per-object permissions branch hasn't had a trunk merge
for over a month. I'd *guess* Adrian is too busy with the newforms
branch right now.

Jay P.

--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To post to this group, send email to django-users@googlegroups.com
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at 
http://groups.google.com/group/django-users?hl=en
-~--~~~~--~~--~--~---

Re: Per object permissions

[Ramdas S]

I think Adrian is keeping the trunk upto date. I am using thie updates trunk
right nowand everything seems to be OK


Ramdas S

On 2/9/07, Scanner <[EMAIL PROTECTED]> wrote:
>
>
>
>
> On Feb 7, 8:36 pm, "Jay Parlar" <[EMAIL PROTECTED]> wrote:
> > Chris Long was the original maintainer, and he kept doing merges for
> > awhile. At this point though, I haven't seen him around these parts in
> > months.
> >
> > Adrian was doing it for awhile after that, but seems to have stopped.
> >
> > I've got a site running in production that uses the branch, and it's
> > working for me. Luckily the site doesn't need any major changes (and
> > won't anytime soon), or I'd have some issues.
> >
> > Jay P.
>
> Okay, at least we know what the state is. I am going to try to merge
> stuff from main in to my checked out copy for my own purposes.
> It does not look like this will be too painful for me to main for
> myself for these projects.
>
> --Scanner
>
>
> >
>

--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To post to this group, send email to django-users@googlegroups.com
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at 
http://groups.google.com/group/django-users?hl=en
-~--~~~~--~~--~--~---

Re: Per object permissions

[Scanner]

On Feb 7, 8:36 pm, "Jay Parlar" <[EMAIL PROTECTED]> wrote:
> Chris Long was the original maintainer, and he kept doing merges for
> awhile. At this point though, I haven't seen him around these parts in
> months.
>
> Adrian was doing it for awhile after that, but seems to have stopped.
>
> I've got a site running in production that uses the branch, and it's
> working for me. Luckily the site doesn't need any major changes (and
> won't anytime soon), or I'd have some issues.
>
> Jay P.

Okay, at least we know what the state is. I am going to try to merge
stuff from main in to my checked out copy for my own purposes.
It does not look like this will be too painful for me to main for
myself for these projects.

--Scanner


--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To post to this group, send email to django-users@googlegroups.com
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at 
http://groups.google.com/group/django-users?hl=en
-~--~~~~--~~--~--~---

Re: Per object permissions

[Jay Parlar]

On 2/7/07, Scanner <[EMAIL PROTECTED]> wrote:
> Is someone actively merging in stuff from mainline?
> I emailed the address listed on the wiki page at djangoproject.com
> for the project but either my spam filter ate the response or I have
> not gotten any response.

Chris Long was the original maintainer, and he kept doing merges for
awhile. At this point though, I haven't seen him around these parts in
months.

Adrian was doing it for awhile after that, but seems to have stopped.

I've got a site running in production that uses the branch, and it's
working for me. Luckily the site doesn't need any major changes (and
won't anytime soon), or I'd have some issues.

Jay P.

--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To post to this group, send email to django-users@googlegroups.com
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at 
http://groups.google.com/group/django-users?hl=en
-~--~~~~--~~--~--~---

Re: Per object permissions

[Scanner]

On Feb 7, 2:36 pm, "Russell Keith-Magee" <[EMAIL PROTECTED]>
wrote:
> I, for one, am keen to see per-object permissions merged into trunk.
> In terms of timelines, it probably won't happen before v1.0, but it is
> definitely on the list of things to do.
>
> However, like all the branches, it requires attention. It needs people
> to try it out, point out problems, fix problems, write documentation,
> and then recommend it for merging. If you want to see this branch
> merged, use it, and report problems.

I have been trying to use the RLP branch in some projects I have
because
its functionality is absolutely critical for the kinds of web apps
I am creating.

However, the branch appears to be quite stale and forgotten and
I also need some of the features of the mainline (all of the latest
and greatest newform's fixes.)

This puts me in an uncomfortable position as I want to and am
trying to use it, but am bumping up against its staleness
with respect to the mainline.

Is someone actively merging in stuff from mainline?
I emailed the address listed on the wiki page at djangoproject.com
for the project but either my spam filter ate the response or I have
not gotten any response.

--Scanner


--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To post to this group, send email to django-users@googlegroups.com
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at 
http://groups.google.com/group/django-users?hl=en
-~--~~~~--~~--~--~---

Re: Per object permissions

[Russell Keith-Magee]

On 2/7/07, Edward Muller <[EMAIL PROTECTED]> wrote:
>
> What happened to the per object permission branches? Are they going
> to be integrated into django?

I, for one, am keen to see per-object permissions merged into trunk.
In terms of timelines, it probably won't happen before v1.0, but it is
definitely on the list of things to do.

However, like all the branches, it requires attention. It needs people
to try it out, point out problems, fix problems, write documentation,
and then recommend it for merging. If you want to see this branch
merged, use it, and report problems.

Yours,
Russ Magee %-)

--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To post to this group, send email to django-users@googlegroups.com
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at 
http://groups.google.com/group/django-users?hl=en
-~--~~~~--~~--~--~---

Re: Generic Authorization vs per-object-permissions branch

[Frédéric Roland]

I would like to see these branches merged with the trunk too but lack 
sufficient experience with working with trunk/branches.
What are the steps needed to merge the last change from the trunk into 
the branches to keep the branches up to date ?
How would you do it ? Start with the patch committed to trunk after the 
last revision of the branches one by one and launch the automated tests 
to see if everything is ok ?
How would you split the work amongs several developpers ?
I think that the more the time lapses the more the effort needed to 
merge these branches into trunk will be bigger.


F.R.


--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To post to this group, send email to django-users@googlegroups.com
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at 
http://groups.google.com/group/django-users?hl=en
-~--~~~~--~~--~--~---

Re: Generic Authorization vs per-object-permissions branch

[Ramdas S]

Nope,

People are pretty silent about this.

I think the argument that no one has tested these branches enough and hence
we cannot integrate it will not take this forward.

We need to see that one by one these trunks are integrated to SVN. As such
there are many bugs or missing features in the current SVN, and things are
being fixed on day-to-day basis.

I am sure once these trunks are integrated we will see rapid activity which
will make the branches more stable.

I hope some proactive step is taken on this count!

And of course some tutorial like documentation will help us.

Ramdas

On 2/7/07, Edward Muller <[EMAIL PROTECTED]> wrote:
>
>
> I am wondering the same thing. Did you ever hear anything about those
> branches?
>
> On Jan 26, 2007, at 9:41 AM, Ramdas S wrote:
>
> >
> > Hi,
> >
> > I am working on something where I need to provide object level
> > permissions or column level permissions at least.
> >
> > There are two branches which I see being **inactively**. being
> > developed. 1) Per-object-permissions which I feel is stable enough
> > though I have not tried nothing really significant on that 2)
> > Generic Authorization.
> >
> > Can someone advise the future of these two branches? Will they be
> > merged with the main trunk?
> >
> > I hear on and off that users are not testing these branches well
> > enough, and hence they are not being merged.
> >
> > IMHO, I feel we must merge these branches into the main trunk and
> > so that more users will try the features.
> >
> > It is difficult for an average user like me to keep on switching
> > back from the main trunk to the branches and back.
> >
> > The only way we will have things fixed is, by merging these trunks
> > in to the development edition.
> >
> > do advise
> >
> > Ramdas
> >
> >
> >
> >
> >
> >
> > Is there
> >
> >
> >
> > >
>
>
> >
>

--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To post to this group, send email to django-users@googlegroups.com
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at 
http://groups.google.com/group/django-users?hl=en
-~--~~~~--~~--~--~---

Re: Generic Authorization vs per-object-permissions branch

[Edward Muller]

I am wondering the same thing. Did you ever hear anything about those  
branches?

On Jan 26, 2007, at 9:41 AM, Ramdas S wrote:

>
> Hi,
>
> I am working on something where I need to provide object level  
> permissions or column level permissions at least.
>
> There are two branches which I see being **inactively**. being  
> developed. 1) Per-object-permissions which I feel is stable enough  
> though I have not tried nothing really significant on that 2)  
> Generic Authorization.
>
> Can someone advise the future of these two branches? Will they be  
> merged with the main trunk?
>
> I hear on and off that users are not testing these branches well  
> enough, and hence they are not being merged.
>
> IMHO, I feel we must merge these branches into the main trunk and  
> so that more users will try the features.
>
> It is difficult for an average user like me to keep on switching  
> back from the main trunk to the branches and back.
>
> The only way we will have things fixed is, by merging these trunks  
> in to the development edition.
>
> do advise
>
> Ramdas
>
>
>
>
>
>
> Is there
>
>
>
> >


--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To post to this group, send email to django-users@googlegroups.com
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at 
http://groups.google.com/group/django-users?hl=en
-~--~~~~--~~--~--~---

Per object permissions

[Edward Muller]

What happened to the per object permission branches? Are they going  
to be integrated into django?

--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To post to this group, send email to django-users@googlegroups.com
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at 
http://groups.google.com/group/django-users?hl=en
-~--~~~~--~~--~--~---

Generic Authorization vs per-object-permissions branch

[Ramdas S]

Hi,

I am working on something where I need to provide object level permissions
or column level permissions at least.

There are two branches which I see being **inactively**. being developed. 1)
Per-object-permissions which I feel is stable enough though I have not tried
nothing really significant on that 2) Generic Authorization.

Can someone advise the future of these two branches? Will they be merged
with the main trunk?

I hear on and off that users are not testing these branches well enough, and
hence they are not being merged.

IMHO, I feel we must merge these branches into the main trunk and so that
more users will try the features.

It is difficult for an average user like me to keep on switching back from
the main trunk to the branches and back.

The only way we will have things fixed is, by merging these trunks in to the
development edition.

do advise

Ramdas






Is there

--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To post to this group, send email to django-users@googlegroups.com
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at 
http://groups.google.com/group/django-users?hl=en
-~--~~~~--~~--~--~---