Re: Announces django-guardian: per object permissions for Django 1.2
On Thu, Aug 5, 2010 at 3:32 AM, lukaszbwrote: > Thanks for the comment! I really do think that this "backends ready && > included" parts of Django are extremely useful (and fun to extend if > needed). > > About the admin, I haven't really get into admin integration yet as I > cannot answer this: should user with "flatpages.change_flatpage" > permission for flatpage instance be able to edit it at admin if he/she > doesn't have "flatpage.change_flatpage" global permission? I'm just > stuck here - I suppose it would be good to "turn off" ability to > change some objects for user with this global "app.change_obj" > permission removal. On the other hand, wouldn't it be too much to give > such global permission for user if we intend to allow him/her to > change only single object? There are two possible readings of the global obj=None case. a) A user must have the global permission in order to be granted the permission for individual objects. This means that the global permission is a 'gatekeeper' of sorts for individual object permissions. b) The global permission is the 'fallback' permission if a specific object permssion doesn't exist. That is the obj=None permission is the "allow all" permission. My reading of the code and docs [1] [2] is that (b) is the intended interpretation. From a practical standpoint, this also makes sense: in the case of (a), there is no way to grant a wildcard permission. [1] http://docs.djangoproject.com/en/dev/topics/auth/#django.contrib.auth.models.User.has_perm [2] http://code.djangoproject.com/wiki/RowLevelPermissions So - in terms of the practical situation you describe; this means that a user can only edit a specific flatpage if they have the change permission for a specific instance, *or* they have the global obj=None permission. The issue that cascades on from this is the UX issue of how to represent an object that you can't edit. Should it be displayed, but not presented as a link? Should it be hidden entirely? Yours, Russ Magee %-) -- You received this message because you are subscribed to the Google Groups "Django users" group. To post to this group, send email to django-us...@googlegroups.com. To unsubscribe from this group, send email to django-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/django-users?hl=en.
Re: Announces django-guardian: per object permissions for Django 1.2
On Aug 4, 9:18 pm, lukaszb <lukaszbalcer...@gmail.com> wrote: > Welll, at the django.contrib.auth there are only those (User and > Group) models for which one may define permission sets and I wanted > guardian to be as simply as possible - so it is not possible to assign > permission to other model even if it "groups users". At one point I > thought it could be nice to implement some kind of "roles" but I've > finally decided it would be better to stick to facilites provided by > new Django version. > > On the other hand, I'm not sure if it is needed to create new > "grouping models" - I often use intermediate models for this (i.e. > Team model with fk to Group among other fields). Let me know if you > have different experience. > > On 4 Sie, 15:26, derek <gamesb...@gmail.com> wrote: > > > On Aug 4, 1:20 am, lukaszb <lukaszbalcer...@gmail.com> wrote: > > > > Hi all, > > > > I'd like to announce django-guardian - very basic yet usable per > > > object permissions > > > implementation for Django 1.2, using new authorization backend > > > facilities. > > > > It was created during 2 days sprint, code have been released and may > > > be found athttp://github.com/lukaszb/django-guardian/. > > > Documentation is available athttp://packages.python.org/django-guardian/. > > > > Currently I think there should be better integration with admin app > > > and some shortcuts (permission assignment/removal) > > > should support table-level permissions as well. > > > > If you spot a bug or have an idea how to improve this little app, > > > please spare a minute at issue tracker, which is located > > > athttp://github.com/lukaszb/django-guardian/issues. > > > > Hope someone would find this useful. > > > No doubt this will be extremely useful! For me, integration with the > > Django admin is a must, though, as permissions will need to be > > assigned by users themselves via the standard interface. > > > One (maybe stupid) question: Can rights only be assigned to the pre- > > specified "Group", or can any model that handles user grouping (I have > > some custom ones in my app) be used? > > > Thanks > > Derek That's a pity; guess I will need to stick to my home-grown code in that case. -- You received this message because you are subscribed to the Google Groups "Django users" group. To post to this group, send email to django-us...@googlegroups.com. To unsubscribe from this group, send email to django-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/django-users?hl=en.
Re: Announces django-guardian: per object permissions for Django 1.2
Thanks for the comment! I really do think that this "backends ready && included" parts of Django are extremely useful (and fun to extend if needed). About the admin, I haven't really get into admin integration yet as I cannot answer this: should user with "flatpages.change_flatpage" permission for flatpage instance be able to edit it at admin if he/she doesn't have "flatpage.change_flatpage" global permission? I'm just stuck here - I suppose it would be good to "turn off" ability to change some objects for user with this global "app.change_obj" permission removal. On the other hand, wouldn't it be too much to give such global permission for user if we intend to allow him/her to change only single object? Am not sure if I should start such discussion here but I just couldn't resist :) On 4 Sie, 01:34, Russell Keith-Magee <russ...@keith-magee.com> wrote: > On Wed, Aug 4, 2010 at 7:20 AM, lukaszb <lukaszbalcer...@gmail.com> wrote: > > Hi all, > > > I'd like to announce django-guardian - very basic yet usable per > > object permissions > > implementation for Django 1.2, using new authorization backend > > facilities. > > > It was created during 2 days sprint, code have been released and may > > be found athttp://github.com/lukaszb/django-guardian/. > > Documentation is available athttp://packages.python.org/django-guardian/. > > > Currently I think there should be better integration with admin app > > and some shortcuts (permission assignment/removal) > > should support table-level permissions as well. > > > If you spot a bug or have an idea how to improve this little app, > > please spare a minute at issue tracker, which is located at > >http://github.com/lukaszb/django-guardian/issues. > > > Hope someone would find this useful. > > > Take care, > > Lukasz > > Hi Lukasz, > > Great stuff! Thanks for taking the effort to implement this and put it > out in the open. It's a fantastic example of the sort of thing that > can be very useful without needing to be part of core, which is the > reason that we put the object-based permissions API into the auth > backends. > > Regarding admin app integration -- integration of object-level > permissions with the admin app is one area where I am aware there are > some bugs (or, at least, some areas where the object-based permissions > API isn't being used as it should). This aspect of Django's admin > could do with some attention, so if your experience of implementing an > object-based permissions backend has you contemplating a bigger > project, auditing the admin for adherence to object-based permissions > could be an interesting candidate. > > Yours, > Russ Magee %-) -- You received this message because you are subscribed to the Google Groups "Django users" group. To post to this group, send email to django-us...@googlegroups.com. To unsubscribe from this group, send email to django-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/django-users?hl=en.
Re: Announces django-guardian: per object permissions for Django 1.2
Welll, at the django.contrib.auth there are only those (User and Group) models for which one may define permission sets and I wanted guardian to be as simply as possible - so it is not possible to assign permission to other model even if it "groups users". At one point I thought it could be nice to implement some kind of "roles" but I've finally decided it would be better to stick to facilites provided by new Django version. On the other hand, I'm not sure if it is needed to create new "grouping models" - I often use intermediate models for this (i.e. Team model with fk to Group among other fields). Let me know if you have different experience. On 4 Sie, 15:26, derek <gamesb...@gmail.com> wrote: > On Aug 4, 1:20 am, lukaszb <lukaszbalcer...@gmail.com> wrote: > > > > > > > Hi all, > > > I'd like to announce django-guardian - very basic yet usable per > > object permissions > > implementation for Django 1.2, using new authorization backend > > facilities. > > > It was created during 2 days sprint, code have been released and may > > be found athttp://github.com/lukaszb/django-guardian/. > > Documentation is available athttp://packages.python.org/django-guardian/. > > > Currently I think there should be better integration with admin app > > and some shortcuts (permission assignment/removal) > > should support table-level permissions as well. > > > If you spot a bug or have an idea how to improve this little app, > > please spare a minute at issue tracker, which is located > > athttp://github.com/lukaszb/django-guardian/issues. > > > Hope someone would find this useful. > > No doubt this will be extremely useful! For me, integration with the > Django admin is a must, though, as permissions will need to be > assigned by users themselves via the standard interface. > > One (maybe stupid) question: Can rights only be assigned to the pre- > specified "Group", or can any model that handles user grouping (I have > some custom ones in my app) be used? > > Thanks > Derek -- You received this message because you are subscribed to the Google Groups "Django users" group. To post to this group, send email to django-us...@googlegroups.com. To unsubscribe from this group, send email to django-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/django-users?hl=en.
Re: Announces django-guardian: per object permissions for Django 1.2
On Aug 4, 1:20 am, lukaszb <lukaszbalcer...@gmail.com> wrote: > Hi all, > > I'd like to announce django-guardian - very basic yet usable per > object permissions > implementation for Django 1.2, using new authorization backend > facilities. > > It was created during 2 days sprint, code have been released and may > be found athttp://github.com/lukaszb/django-guardian/. > Documentation is available athttp://packages.python.org/django-guardian/. > > Currently I think there should be better integration with admin app > and some shortcuts (permission assignment/removal) > should support table-level permissions as well. > > If you spot a bug or have an idea how to improve this little app, > please spare a minute at issue tracker, which is located > athttp://github.com/lukaszb/django-guardian/issues. > > Hope someone would find this useful. No doubt this will be extremely useful! For me, integration with the Django admin is a must, though, as permissions will need to be assigned by users themselves via the standard interface. One (maybe stupid) question: Can rights only be assigned to the pre- specified "Group", or can any model that handles user grouping (I have some custom ones in my app) be used? Thanks Derek -- You received this message because you are subscribed to the Google Groups "Django users" group. To post to this group, send email to django-us...@googlegroups.com. To unsubscribe from this group, send email to django-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/django-users?hl=en.
Re: Announces django-guardian: per object permissions for Django 1.2
On Wed, Aug 4, 2010 at 7:20 AM, lukaszb <lukaszbalcer...@gmail.com> wrote: > Hi all, > > I'd like to announce django-guardian - very basic yet usable per > object permissions > implementation for Django 1.2, using new authorization backend > facilities. > > It was created during 2 days sprint, code have been released and may > be found at http://github.com/lukaszb/django-guardian/. > Documentation is available at http://packages.python.org/django-guardian/. > > Currently I think there should be better integration with admin app > and some shortcuts (permission assignment/removal) > should support table-level permissions as well. > > If you spot a bug or have an idea how to improve this little app, > please spare a minute at issue tracker, which is located at > http://github.com/lukaszb/django-guardian/issues. > > Hope someone would find this useful. > > Take care, > Lukasz Hi Lukasz, Great stuff! Thanks for taking the effort to implement this and put it out in the open. It's a fantastic example of the sort of thing that can be very useful without needing to be part of core, which is the reason that we put the object-based permissions API into the auth backends. Regarding admin app integration -- integration of object-level permissions with the admin app is one area where I am aware there are some bugs (or, at least, some areas where the object-based permissions API isn't being used as it should). This aspect of Django's admin could do with some attention, so if your experience of implementing an object-based permissions backend has you contemplating a bigger project, auditing the admin for adherence to object-based permissions could be an interesting candidate. Yours, Russ Magee %-) -- You received this message because you are subscribed to the Google Groups "Django users" group. To post to this group, send email to django-us...@googlegroups.com. To unsubscribe from this group, send email to django-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/django-users?hl=en.
Announces django-guardian: per object permissions for Django 1.2
Hi all, I'd like to announce django-guardian - very basic yet usable per object permissions implementation for Django 1.2, using new authorization backend facilities. It was created during 2 days sprint, code have been released and may be found at http://github.com/lukaszb/django-guardian/. Documentation is available at http://packages.python.org/django-guardian/. Currently I think there should be better integration with admin app and some shortcuts (permission assignment/removal) should support table-level permissions as well. If you spot a bug or have an idea how to improve this little app, please spare a minute at issue tracker, which is located at http://github.com/lukaszb/django-guardian/issues. Hope someone would find this useful. Take care, Lukasz -- You received this message because you are subscribed to the Google Groups "Django users" group. To post to this group, send email to django-us...@googlegroups.com. To unsubscribe from this group, send email to django-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/django-users?hl=en.
Re: Per-object permissions
http://github.com/initcrash/django-object-permissions/ implements this on 1.1 (it's not hard at all, so i don't really understand the change planed for 1.2) there are no docs yet, but the testproject shows how to use it: just use ObjectPermissionAdmin as base for the admin classes instead of ModelAdmin, that's it. On Nov 25, 2:49 pm, rebus_ <r.dav...@gmail.com> wrote: > 2009/11/25 Gamliel Roi <roi.gaml...@gmail.com>: > > > > > Any idea when 1.2 will be released? > > > On Wed, Nov 25, 2009 at 3:31 PM, rebus_ <r.dav...@gmail.com> wrote: > > >> 2009/11/25 Russell Keith-Magee <freakboy3...@gmail.com>: > >> > On Tue, Nov 24, 2009 at 11:16 PM, rebus_ <r.dav...@gmail.com> wrote: > >> >> 2009/11/24 nek4life <nek4l...@gmail.com>: > >> >>> You should look into django-authority. I'm pretty sure that has per- > >> >>> object-permissions. > > >> >>>http://packages.python.org/django-authority/index.html > > >> >>> On Nov 24, 7:00 am, gamliel roi <roi.gaml...@gmail.com> wrote: > >> >>>> Hello all, > > >> >>>> I have the admin site up and running but I need to create a group of > >> >>>> users, > >> >>>> such that each of the users will be able to edit objects that are > >> >>>> only > >> >>>> relevant to them (e.g Project objects that the user is also the > >> >>>> ProjectManager). > > >> >>>> I know that in the past Django had a Per-object permissions branch, > >> >>>> which is > >> >>>> now abandoned. > > >> >>>> Should I peruse this direction and try to incorporate this branch to > >> >>>> my > >> >>>> current code? is it documented and running properly? > > >> >>>> Any other ideas/suggestions/resources regarding this problem? > > >> >> Row level permisions should be implemented in Django version 1.2 [1] > >> >> if you have the time to wait... > > >> >> [1]http://code.djangoproject.com/wiki/Version1.2Features > > >> > To be clear - that ticket *doesnt'* implement row-level permissions; > >> > it modifies the calls for permission checks to allow you to build a > >> > row-level permissions checker external to Django. > > >> > Yours, > >> > Russ Magee %-) > > >> That's true, i probably wasn't too clear on this. > > >> But i would rather use Django API to implement row-level permissions > >> then start building my own implementation from scratch, if you have > >> the luxury of waiting till it hits trunk or comes out in 1.2 that is. > > >> Davor > > >> -- > > >> You received this message because you are subscribed to the Google Groups > >> "Django users" group. > >> To post to this group, send email to django-us...@googlegroups.com. > >> To unsubscribe from this group, send email to > >> django-users+unsubscr...@googlegroups.com. > >> For more options, visit this group at > >>http://groups.google.com/group/django-users?hl=en. > > > -- > > Best > > Roi Gamliel > > > -- > > http://code.djangoproject.com/wiki/Version1.2Roadmap -- You received this message because you are subscribed to the Google Groups "Django users" group. To post to this group, send email to django-us...@googlegroups.com. To unsubscribe from this group, send email to django-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/django-users?hl=en.
Re: Per-object permissions
2009/11/25 Gamliel Roi <roi.gaml...@gmail.com>: > Any idea when 1.2 will be released? > > > > On Wed, Nov 25, 2009 at 3:31 PM, rebus_ <r.dav...@gmail.com> wrote: >> >> 2009/11/25 Russell Keith-Magee <freakboy3...@gmail.com>: >> > On Tue, Nov 24, 2009 at 11:16 PM, rebus_ <r.dav...@gmail.com> wrote: >> >> 2009/11/24 nek4life <nek4l...@gmail.com>: >> >>> You should look into django-authority. I'm pretty sure that has per- >> >>> object-permissions. >> >>> >> >>> http://packages.python.org/django-authority/index.html >> >>> >> >>> On Nov 24, 7:00 am, gamliel roi <roi.gaml...@gmail.com> wrote: >> >>>> Hello all, >> >>>> >> >>>> I have the admin site up and running but I need to create a group of >> >>>> users, >> >>>> such that each of the users will be able to edit objects that are >> >>>> only >> >>>> relevant to them (e.g Project objects that the user is also the >> >>>> ProjectManager). >> >>>> >> >>>> I know that in the past Django had a Per-object permissions branch, >> >>>> which is >> >>>> now abandoned. >> >>>> >> >>>> Should I peruse this direction and try to incorporate this branch to >> >>>> my >> >>>> current code? is it documented and running properly? >> >>>> >> >>>> Any other ideas/suggestions/resources regarding this problem? >> >>>> >> >>> >> >> Row level permisions should be implemented in Django version 1.2 [1] >> >> if you have the time to wait... >> >> >> >> [1] http://code.djangoproject.com/wiki/Version1.2Features >> > >> > To be clear - that ticket *doesnt'* implement row-level permissions; >> > it modifies the calls for permission checks to allow you to build a >> > row-level permissions checker external to Django. >> > >> > Yours, >> > Russ Magee %-) >> > >> >> That's true, i probably wasn't too clear on this. >> >> But i would rather use Django API to implement row-level permissions >> then start building my own implementation from scratch, if you have >> the luxury of waiting till it hits trunk or comes out in 1.2 that is. >> >> Davor >> >> -- >> >> You received this message because you are subscribed to the Google Groups >> "Django users" group. >> To post to this group, send email to django-us...@googlegroups.com. >> To unsubscribe from this group, send email to >> django-users+unsubscr...@googlegroups.com. >> For more options, visit this group at >> http://groups.google.com/group/django-users?hl=en. >> >> > > > > -- > Best > Roi Gamliel > > -- http://code.djangoproject.com/wiki/Version1.2Roadmap -- You received this message because you are subscribed to the Google Groups "Django users" group. To post to this group, send email to django-us...@googlegroups.com. To unsubscribe from this group, send email to django-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/django-users?hl=en.
Re: Per-object permissions
Any idea when 1.2 will be released? On Wed, Nov 25, 2009 at 3:31 PM, rebus_ <r.dav...@gmail.com> wrote: > 2009/11/25 Russell Keith-Magee <freakboy3...@gmail.com>: > > On Tue, Nov 24, 2009 at 11:16 PM, rebus_ <r.dav...@gmail.com> wrote: > >> 2009/11/24 nek4life <nek4l...@gmail.com>: > >>> You should look into django-authority. I'm pretty sure that has per- > >>> object-permissions. > >>> > >>> http://packages.python.org/django-authority/index.html > >>> > >>> On Nov 24, 7:00 am, gamliel roi <roi.gaml...@gmail.com> wrote: > >>>> Hello all, > >>>> > >>>> I have the admin site up and running but I need to create a group of > users, > >>>> such that each of the users will be able to edit objects that are only > >>>> relevant to them (e.g Project objects that the user is also the > >>>> ProjectManager). > >>>> > >>>> I know that in the past Django had a Per-object permissions branch, > which is > >>>> now abandoned. > >>>> > >>>> Should I peruse this direction and try to incorporate this branch to > my > >>>> current code? is it documented and running properly? > >>>> > >>>> Any other ideas/suggestions/resources regarding this problem? > >>>> > >>> > >> Row level permisions should be implemented in Django version 1.2 [1] > >> if you have the time to wait... > >> > >> [1] http://code.djangoproject.com/wiki/Version1.2Features > > > > To be clear - that ticket *doesnt'* implement row-level permissions; > > it modifies the calls for permission checks to allow you to build a > > row-level permissions checker external to Django. > > > > Yours, > > Russ Magee %-) > > > > That's true, i probably wasn't too clear on this. > > But i would rather use Django API to implement row-level permissions > then start building my own implementation from scratch, if you have > the luxury of waiting till it hits trunk or comes out in 1.2 that is. > > Davor > > -- > > You received this message because you are subscribed to the Google Groups > "Django users" group. > To post to this group, send email to django-us...@googlegroups.com. > To unsubscribe from this group, send email to > django-users+unsubscr...@googlegroups.com<django-users%2bunsubscr...@googlegroups.com> > . > For more options, visit this group at > http://groups.google.com/group/django-users?hl=en. > > > -- Best Roi Gamliel -- You received this message because you are subscribed to the Google Groups "Django users" group. To post to this group, send email to django-us...@googlegroups.com. To unsubscribe from this group, send email to django-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/django-users?hl=en.
Re: Per-object permissions
2009/11/25 Russell Keith-Magee <freakboy3...@gmail.com>: > On Tue, Nov 24, 2009 at 11:16 PM, rebus_ <r.dav...@gmail.com> wrote: >> 2009/11/24 nek4life <nek4l...@gmail.com>: >>> You should look into django-authority. I'm pretty sure that has per- >>> object-permissions. >>> >>> http://packages.python.org/django-authority/index.html >>> >>> On Nov 24, 7:00 am, gamliel roi <roi.gaml...@gmail.com> wrote: >>>> Hello all, >>>> >>>> I have the admin site up and running but I need to create a group of users, >>>> such that each of the users will be able to edit objects that are only >>>> relevant to them (e.g Project objects that the user is also the >>>> ProjectManager). >>>> >>>> I know that in the past Django had a Per-object permissions branch, which >>>> is >>>> now abandoned. >>>> >>>> Should I peruse this direction and try to incorporate this branch to my >>>> current code? is it documented and running properly? >>>> >>>> Any other ideas/suggestions/resources regarding this problem? >>>> >>> >> Row level permisions should be implemented in Django version 1.2 [1] >> if you have the time to wait... >> >> [1] http://code.djangoproject.com/wiki/Version1.2Features > > To be clear - that ticket *doesnt'* implement row-level permissions; > it modifies the calls for permission checks to allow you to build a > row-level permissions checker external to Django. > > Yours, > Russ Magee %-) > That's true, i probably wasn't too clear on this. But i would rather use Django API to implement row-level permissions then start building my own implementation from scratch, if you have the luxury of waiting till it hits trunk or comes out in 1.2 that is. Davor -- You received this message because you are subscribed to the Google Groups "Django users" group. To post to this group, send email to django-us...@googlegroups.com. To unsubscribe from this group, send email to django-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/django-users?hl=en.
Re: Per-object permissions
On Tue, Nov 24, 2009 at 11:16 PM, rebus_ <r.dav...@gmail.com> wrote: > 2009/11/24 nek4life <nek4l...@gmail.com>: >> You should look into django-authority. I'm pretty sure that has per- >> object-permissions. >> >> http://packages.python.org/django-authority/index.html >> >> On Nov 24, 7:00 am, gamliel roi <roi.gaml...@gmail.com> wrote: >>> Hello all, >>> >>> I have the admin site up and running but I need to create a group of users, >>> such that each of the users will be able to edit objects that are only >>> relevant to them (e.g Project objects that the user is also the >>> ProjectManager). >>> >>> I know that in the past Django had a Per-object permissions branch, which is >>> now abandoned. >>> >>> Should I peruse this direction and try to incorporate this branch to my >>> current code? is it documented and running properly? >>> >>> Any other ideas/suggestions/resources regarding this problem? >>> >> > Row level permisions should be implemented in Django version 1.2 [1] > if you have the time to wait... > > [1] http://code.djangoproject.com/wiki/Version1.2Features To be clear - that ticket *doesnt'* implement row-level permissions; it modifies the calls for permission checks to allow you to build a row-level permissions checker external to Django. Yours, Russ Magee %-) -- You received this message because you are subscribed to the Google Groups "Django users" group. To post to this group, send email to django-us...@googlegroups.com. To unsubscribe from this group, send email to django-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/django-users?hl=en.
Re: Per-object permissions
gamliel roi wrote: > Hello all, > > I have the admin site up and running but I need to create a group of users, > such that each of the users will be able to edit objects that are only > relevant to them (e.g Project objects that the user is also the > ProjectManager). > > I know that in the past Django had a Per-object permissions branch, which is > now abandoned. > > Should I peruse this direction and try to incorporate this branch to my > current code? is it documented and running properly? > > Any other ideas/suggestions/resources regarding this problem? > There's a patch in the django tracker that adds support to help integrate your own per-object permission handling auth backends (it does not in itself constitute per-object permissions): http://code.djangoproject.com/ticket/11010 I haven't fully worked out how to do integration of our own (unreleased*) object permission system even given that patch, though it would presumably be am improvement as it would enable us to use the django admin more (once the admin is appropriately updated to pass through the object to the revised auth backend I suppose). * Maybe I could/should look into getting it released. We maintain a D.A.G. where vertices are permissions,roles and users. If a path exists in the graph (fastish query with the transitive closure representation used, at least for non-pathological graphs) from a permission to a user through one or more roles, the user is considered to have that permission. permissions are action() or action(obj1) or action(obj1,obj2) Taking your example, in our system, each project would have its own projectmanager role created, granted the permission to edit the project. e.g. perms_all_mgrs_have===>role:project_mgr # just for e.g. | v perm:edit(project1) ---> role:project1_mgr ---> user:user1 Thus, user1 is project manager of project1. -- You received this message because you are subscribed to the Google Groups "Django users" group. To post to this group, send email to django-us...@googlegroups.com. To unsubscribe from this group, send email to django-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/django-users?hl=en.
Re: Per-object permissions
2009/11/24 nek4life <nek4l...@gmail.com>: > You should look into django-authority. I'm pretty sure that has per- > object-permissions. > > http://packages.python.org/django-authority/index.html > > On Nov 24, 7:00 am, gamliel roi <roi.gaml...@gmail.com> wrote: >> Hello all, >> >> I have the admin site up and running but I need to create a group of users, >> such that each of the users will be able to edit objects that are only >> relevant to them (e.g Project objects that the user is also the >> ProjectManager). >> >> I know that in the past Django had a Per-object permissions branch, which is >> now abandoned. >> >> Should I peruse this direction and try to incorporate this branch to my >> current code? is it documented and running properly? >> >> Any other ideas/suggestions/resources regarding this problem? >> >> -- >> Best >> Roi Gamliel > > -- > > You received this message because you are subscribed to the Google Groups > "Django users" group. > To post to this group, send email to django-us...@googlegroups.com. > To unsubscribe from this group, send email to > django-users+unsubscr...@googlegroups.com. > For more options, visit this group at > http://groups.google.com/group/django-users?hl=en. > > > Row level permisions should be implemented in Django version 1.2 [1] if you have the time to wait... [1] http://code.djangoproject.com/wiki/Version1.2Features -- You received this message because you are subscribed to the Google Groups "Django users" group. To post to this group, send email to django-us...@googlegroups.com. To unsubscribe from this group, send email to django-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/django-users?hl=en.
Re: Per-object permissions
You should look into django-authority. I'm pretty sure that has per- object-permissions. http://packages.python.org/django-authority/index.html On Nov 24, 7:00 am, gamliel roi <roi.gaml...@gmail.com> wrote: > Hello all, > > I have the admin site up and running but I need to create a group of users, > such that each of the users will be able to edit objects that are only > relevant to them (e.g Project objects that the user is also the > ProjectManager). > > I know that in the past Django had a Per-object permissions branch, which is > now abandoned. > > Should I peruse this direction and try to incorporate this branch to my > current code? is it documented and running properly? > > Any other ideas/suggestions/resources regarding this problem? > > -- > Best > Roi Gamliel -- You received this message because you are subscribed to the Google Groups "Django users" group. To post to this group, send email to django-us...@googlegroups.com. To unsubscribe from this group, send email to django-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/django-users?hl=en.
Re: Per-object permissions
Most promising solution I've seen is django-authority. <http://packages.python.org/django-authority/> I haven't (yet) used it but I'm planning to do that at some point. Quick peek revealed that branch you mentioned is a quite outdated, last update is "only" two and half years old.. On Tue, 2009-11-24 at 14:00 +0200, gamliel roi wrote: > Hello all, > > I have the admin site up and running but I need to create a group of > users, such that each of the users will be able to edit objects that > are only relevant to them (e.g Project objects that the user is also > the ProjectManager). > > I know that in the past Django had a Per-object permissions branch, > which is now abandoned. > > Should I peruse this direction and try to incorporate this branch to > my current code? is it documented and running properly? > > Any other ideas/suggestions/resources regarding this problem? > > -- > Best > Roi Gamliel > > -- > > You received this message because you are subscribed to the Google > Groups "Django users" group. > To post to this group, send email to django-us...@googlegroups.com. > To unsubscribe from this group, send email to django-users > +unsubscr...@googlegroups.com. > For more options, visit this group at > http://groups.google.com/group/django-users?hl=en. -- You received this message because you are subscribed to the Google Groups "Django users" group. To post to this group, send email to django-us...@googlegroups.com. To unsubscribe from this group, send email to django-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/django-users?hl=en.
Per-object permissions
Hello all, I have the admin site up and running but I need to create a group of users, such that each of the users will be able to edit objects that are only relevant to them (e.g Project objects that the user is also the ProjectManager). I know that in the past Django had a Per-object permissions branch, which is now abandoned. Should I peruse this direction and try to incorporate this branch to my current code? is it documented and running properly? Any other ideas/suggestions/resources regarding this problem? -- Best Roi Gamliel -- You received this message because you are subscribed to the Google Groups "Django users" group. To post to this group, send email to django-us...@googlegroups.com. To unsubscribe from this group, send email to django-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/django-users?hl=en.
per object permissions, caching and templates?
hello all, For freesound.org I really need per-object permissions and caching. I would also love to use the {% cache %} template tag as much as possible because it's so easy and transparent! Now, say for example I have a sound, and a user can either edit it or not, or vote for it or not. can edit > has_change_permission (per object, not per app) can vote > probably is_authenticated In general the usage of the per-object permissions in the templates (and now that I think of, in the views as well :D) is a bit unclear to me. How can use these two variables in my pages together with {% cache %}? {% cache 500 sound_page user.is_authenticated %} I see little difference between using per-app permissions in templates and using per-object permissions, so having some way to do it would be awesome. - bram -- http://www.freesound.org http://www.smartelectronix.com http://www.musicdsp.org --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups "Django users" group. To post to this group, send email to django-users@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/django-users?hl=en -~--~~~~--~~--~--~---
Re: per object permissions, caching and templates?
Hello, On Fri, Jul 25, 2008 at 4:55 PM, Hanne Moa <[EMAIL PROTECTED]> wrote: > > AFAIK is_authenticated doesn't enter into it at all. I think I might not have explained very well... Newforms-admin ( i.e. "admin" now :) ) has per-object permissions. These are more programmatic than per-row permissions (i.e. one is permissions, per row on the database level, the other is a set of if/else flow control statements in python). The question was: * are there any easy access methods for these per-object permissions in the templates, and -if so- can they be used in conjunction with the cache template tag. * aditionally, how does one use the per-object permissions, as defined in the AdminClasses, in general? In a perfect world it would be possible to do something like (this is just an example!): {% cache someobject.id user.is_authenticated user.has_edit_permissions|someobject %} {% if user.is_authenticated%}... show comment box... {% endif %} {% if user.has_edit_permissions|object_shown %}... show "edit this object" link... {% endif %} {% endcache %} This would mean 4 cached views would be created per displayed object. Of course one can do all of this in the view, but as far as I know, you would have to immediately switch to the low-level cache API in order to do what I just described - nor would you be able to use generic views out of the box. cheerio, - Bram --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups "Django users" group. To post to this group, send email to django-users@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/django-users?hl=en -~--~~~~--~~--~--~---
Re: per object permissions, caching and templates?
On Fri, Jul 25, 2008 at 11:39 AM, Bram de Jong <[EMAIL PROTECTED]> wrote: > For freesound.org I really need per-object permissions and caching. > I would also love to use the {% cache %} template tag as much as > possible because it's so easy and transparent! > Now, say for example I have a sound, and a user can either edit it or > not, or vote for it or not. AFAIK is_authenticated doesn't enter into it at all. You meant per-object permissions as in http://code.djangoproject.com/wiki/RowLevelPermissions yes? That link has got examples also. Model objects in Django are rows in a table in some SQL-capable database. Some such databases already have a system for row-level permissions but AFAIK every database does it differently... so Django is getting a portable system, see link. The question is really whether the system described in the link will be 100% tied up with the admin-system or not. I haven't tried the branch but have been using the newforms-admin branch (and need to clean up my repos), if the rowlevelpermissions-branch is run as competently as nfa was you have nothing to fear. HM --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups "Django users" group. To post to this group, send email to django-users@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/django-users?hl=en -~--~~~~--~~--~--~---
Re: tracking per-object-permissions branch, merging in from trunk, and fixing problems, adding features.
On 3/23/07, Scanner <[EMAIL PROTECTED]> wrote: > > On Mar 22, 5:50 pm, "Matthew Flanagan" <[EMAIL PROTECTED]> wrote: > > I'm definitely interested in the results. Why don't you apply to get > > check-in permissions on the per-object-permissions branch? That way it > > can be accessible to the whole django community. Contact Jacob > > Kaplan-Moss to get an account. > > Good to know that there is some interest. I have sent off an email to > Jacob Kaplan-Moss and will see what he says. I'm also interested in the per-object-permissions branch and any fixes/merges with the main trunk that are going to happen. Any idea what state the it's is in with regards to the just released 0.96code? -Mike --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups "Django users" group. To post to this group, send email to django-users@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/django-users?hl=en -~--~~~~--~~--~--~---
Re: tracking per-object-permissions branch, merging in from trunk, and fixing problems, adding features.
On Mar 22, 5:50 pm, "Matthew Flanagan" <[EMAIL PROTECTED]> wrote: > I'm definitely interested in the results. Why don't you apply to get > check-in permissions on the per-object-permissions branch? That way it > can be accessible to the whole django community. Contact Jacob > Kaplan-Moss to get an account. > > -- > matthewhttp://wadofstuff.blogspot.com Good to know that there is some interest. I have sent off an email to Jacob Kaplan-Moss and will see what he says. --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups "Django users" group. To post to this group, send email to django-users@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/django-users?hl=en -~--~~~~--~~--~--~---
Re: tracking per-object-permissions branch, merging in from trunk, and fixing problems, adding features.
On 3/23/07, Scanner <[EMAIL PROTECTED]> wrote: > > > > On Jan 16, 12:32 pm, Jacob Kaplan-Moss <[EMAIL PROTECTED]> wrote: > > On 1/16/07 4:05 AM, Russell Keith-Magee wrote: > > > > > Given the current push towards 1.0, it seems likely that this > > > particular merge will not get the attention of the core developers in > > > the immediate future (at least until 1.0 is out the door). However, if > > > you want to volunteer, and you don't feel you can contribute to the > > > 1.0 push, making sure that therow-level permissions branch is in > > > perfect condition for merging to trunk (i.e., lots of tests, > > > documentation, good integration with admin, etc) would be one way to > > > help out. > > > > You should also keep and eye on the newforms-admin branch. One of the > > consequences of redoing the admin is going to be some cleanup in how > > permissions are checked and implemented, and that should make per-obj-perms > > *much* simpler. > > Note: Posting here because it seemed the most appropriate instead of > starting a new discussion. > > I have been working on a set of apps that absolutely require row level > permissions. They simply can not meet their intended need without > this. I could hack something up but instead I am using the per-object- > permissions branch of django. Because I also want to keep up to date > with the current trunk of django as well because it has features and > bug fixes I want to use I have been maintaining a check-out of the per- > object-permissions branch with the changes merged in from the trunk. > All is going well so far. I am uncovering some somewhat painful use > cases (eg: an object that a user has 'view' permission on, and when > getting a list of those objects they do not get objects in that list > which they lack 'view' permission on) but in general no problems. > > Now the fun part, I am encountering some bugs or not fully implemented > or thought out parts of the per-object-permissions branch. Sometimes > the fix is fairly easy (catching exceptions and doing intelligent > things with them), but sometimes I have to figure out how I want to > handle a certain case. My current problem is having a way to assign > permissions to "anonymous" users (ie: is_anonymous is true, > is_authenticated is false) because certain areas of my apps are open > to anonymous users.) Now I have ideas on ways to solve this (if you > use per-object permissions, for example, a group called > "system:everyone" maybe created that anonymous users are implicitly a > member of, etc.) > > However, I am wondering how to track these changes and perhaps get > input on them from other people who may be using, or interested in, > per-object-permissions. Also, right now, I basically have several > checkouts of the branch on different machines and I need to keep them > sync'd. My next step is probably to setup a local repository which I > maintain my work in, and merge in from the per-object-permissions > branch as well as the trunk. > > Any one else working with these branch and interested in the results > of my attempts to keep it up to date with the mainline, as well as > some potential fixes? > I'm definitely interested in the results. Why don't you apply to get check-in permissions on the per-object-permissions branch? That way it can be accessible to the whole django community. Contact Jacob Kaplan-Moss to get an account. -- matthew http://wadofstuff.blogspot.com --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups "Django users" group. To post to this group, send email to django-users@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/django-users?hl=en -~--~~~~--~~--~--~---
tracking per-object-permissions branch, merging in from trunk, and fixing problems, adding features.
On Jan 16, 12:32 pm, Jacob Kaplan-Moss <[EMAIL PROTECTED]> wrote: > On 1/16/07 4:05 AM, Russell Keith-Magee wrote: > > > Given the current push towards 1.0, it seems likely that this > > particular merge will not get the attention of the core developers in > > the immediate future (at least until 1.0 is out the door). However, if > > you want to volunteer, and you don't feel you can contribute to the > > 1.0 push, making sure that therow-level permissions branch is in > > perfect condition for merging to trunk (i.e., lots of tests, > > documentation, good integration with admin, etc) would be one way to > > help out. > > You should also keep and eye on the newforms-admin branch. One of the > consequences of redoing the admin is going to be some cleanup in how > permissions are checked and implemented, and that should make per-obj-perms > *much* simpler. Note: Posting here because it seemed the most appropriate instead of starting a new discussion. I have been working on a set of apps that absolutely require row level permissions. They simply can not meet their intended need without this. I could hack something up but instead I am using the per-object- permissions branch of django. Because I also want to keep up to date with the current trunk of django as well because it has features and bug fixes I want to use I have been maintaining a check-out of the per- object-permissions branch with the changes merged in from the trunk. All is going well so far. I am uncovering some somewhat painful use cases (eg: an object that a user has 'view' permission on, and when getting a list of those objects they do not get objects in that list which they lack 'view' permission on) but in general no problems. Now the fun part, I am encountering some bugs or not fully implemented or thought out parts of the per-object-permissions branch. Sometimes the fix is fairly easy (catching exceptions and doing intelligent things with them), but sometimes I have to figure out how I want to handle a certain case. My current problem is having a way to assign permissions to "anonymous" users (ie: is_anonymous is true, is_authenticated is false) because certain areas of my apps are open to anonymous users.) Now I have ideas on ways to solve this (if you use per-object permissions, for example, a group called "system:everyone" maybe created that anonymous users are implicitly a member of, etc.) However, I am wondering how to track these changes and perhaps get input on them from other people who may be using, or interested in, per-object-permissions. Also, right now, I basically have several checkouts of the branch on different machines and I need to keep them sync'd. My next step is probably to setup a local repository which I maintain my work in, and merge in from the per-object-permissions branch as well as the trunk. Any one else working with these branch and interested in the results of my attempts to keep it up to date with the mainline, as well as some potential fixes? --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups "Django users" group. To post to this group, send email to django-users@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/django-users?hl=en -~--~~~~--~~--~--~---
Re: Per object permissions
On 2/8/07, Ramdas S <[EMAIL PROTECTED]> wrote: > I think Adrian is keeping the trunk upto date. I am using thie updates trunk > right nowand everything seems to be OK Except that the per-object permissions branch hasn't had a trunk merge for over a month. I'd *guess* Adrian is too busy with the newforms branch right now. Jay P. --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups "Django users" group. To post to this group, send email to django-users@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/django-users?hl=en -~--~~~~--~~--~--~---
Re: Per object permissions
I think Adrian is keeping the trunk upto date. I am using thie updates trunk right nowand everything seems to be OK Ramdas S On 2/9/07, Scanner <[EMAIL PROTECTED]> wrote: > > > > > On Feb 7, 8:36 pm, "Jay Parlar" <[EMAIL PROTECTED]> wrote: > > Chris Long was the original maintainer, and he kept doing merges for > > awhile. At this point though, I haven't seen him around these parts in > > months. > > > > Adrian was doing it for awhile after that, but seems to have stopped. > > > > I've got a site running in production that uses the branch, and it's > > working for me. Luckily the site doesn't need any major changes (and > > won't anytime soon), or I'd have some issues. > > > > Jay P. > > Okay, at least we know what the state is. I am going to try to merge > stuff from main in to my checked out copy for my own purposes. > It does not look like this will be too painful for me to main for > myself for these projects. > > --Scanner > > > > > --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups "Django users" group. To post to this group, send email to django-users@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/django-users?hl=en -~--~~~~--~~--~--~---
Re: Per object permissions
On Feb 7, 8:36 pm, "Jay Parlar" <[EMAIL PROTECTED]> wrote: > Chris Long was the original maintainer, and he kept doing merges for > awhile. At this point though, I haven't seen him around these parts in > months. > > Adrian was doing it for awhile after that, but seems to have stopped. > > I've got a site running in production that uses the branch, and it's > working for me. Luckily the site doesn't need any major changes (and > won't anytime soon), or I'd have some issues. > > Jay P. Okay, at least we know what the state is. I am going to try to merge stuff from main in to my checked out copy for my own purposes. It does not look like this will be too painful for me to main for myself for these projects. --Scanner --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups "Django users" group. To post to this group, send email to django-users@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/django-users?hl=en -~--~~~~--~~--~--~---
Re: Per object permissions
On 2/7/07, Scanner <[EMAIL PROTECTED]> wrote: > Is someone actively merging in stuff from mainline? > I emailed the address listed on the wiki page at djangoproject.com > for the project but either my spam filter ate the response or I have > not gotten any response. Chris Long was the original maintainer, and he kept doing merges for awhile. At this point though, I haven't seen him around these parts in months. Adrian was doing it for awhile after that, but seems to have stopped. I've got a site running in production that uses the branch, and it's working for me. Luckily the site doesn't need any major changes (and won't anytime soon), or I'd have some issues. Jay P. --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups "Django users" group. To post to this group, send email to django-users@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/django-users?hl=en -~--~~~~--~~--~--~---
Re: Per object permissions
On Feb 7, 2:36 pm, "Russell Keith-Magee" <[EMAIL PROTECTED]> wrote: > I, for one, am keen to see per-object permissions merged into trunk. > In terms of timelines, it probably won't happen before v1.0, but it is > definitely on the list of things to do. > > However, like all the branches, it requires attention. It needs people > to try it out, point out problems, fix problems, write documentation, > and then recommend it for merging. If you want to see this branch > merged, use it, and report problems. I have been trying to use the RLP branch in some projects I have because its functionality is absolutely critical for the kinds of web apps I am creating. However, the branch appears to be quite stale and forgotten and I also need some of the features of the mainline (all of the latest and greatest newform's fixes.) This puts me in an uncomfortable position as I want to and am trying to use it, but am bumping up against its staleness with respect to the mainline. Is someone actively merging in stuff from mainline? I emailed the address listed on the wiki page at djangoproject.com for the project but either my spam filter ate the response or I have not gotten any response. --Scanner --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups "Django users" group. To post to this group, send email to django-users@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/django-users?hl=en -~--~~~~--~~--~--~---
Re: Per object permissions
On 2/7/07, Edward Muller <[EMAIL PROTECTED]> wrote: > > What happened to the per object permission branches? Are they going > to be integrated into django? I, for one, am keen to see per-object permissions merged into trunk. In terms of timelines, it probably won't happen before v1.0, but it is definitely on the list of things to do. However, like all the branches, it requires attention. It needs people to try it out, point out problems, fix problems, write documentation, and then recommend it for merging. If you want to see this branch merged, use it, and report problems. Yours, Russ Magee %-) --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups "Django users" group. To post to this group, send email to django-users@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/django-users?hl=en -~--~~~~--~~--~--~---
Re: Generic Authorization vs per-object-permissions branch
I would like to see these branches merged with the trunk too but lack sufficient experience with working with trunk/branches. What are the steps needed to merge the last change from the trunk into the branches to keep the branches up to date ? How would you do it ? Start with the patch committed to trunk after the last revision of the branches one by one and launch the automated tests to see if everything is ok ? How would you split the work amongs several developpers ? I think that the more the time lapses the more the effort needed to merge these branches into trunk will be bigger. F.R. --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups "Django users" group. To post to this group, send email to django-users@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/django-users?hl=en -~--~~~~--~~--~--~---
Re: Generic Authorization vs per-object-permissions branch
Nope, People are pretty silent about this. I think the argument that no one has tested these branches enough and hence we cannot integrate it will not take this forward. We need to see that one by one these trunks are integrated to SVN. As such there are many bugs or missing features in the current SVN, and things are being fixed on day-to-day basis. I am sure once these trunks are integrated we will see rapid activity which will make the branches more stable. I hope some proactive step is taken on this count! And of course some tutorial like documentation will help us. Ramdas On 2/7/07, Edward Muller <[EMAIL PROTECTED]> wrote: > > > I am wondering the same thing. Did you ever hear anything about those > branches? > > On Jan 26, 2007, at 9:41 AM, Ramdas S wrote: > > > > > Hi, > > > > I am working on something where I need to provide object level > > permissions or column level permissions at least. > > > > There are two branches which I see being **inactively**. being > > developed. 1) Per-object-permissions which I feel is stable enough > > though I have not tried nothing really significant on that 2) > > Generic Authorization. > > > > Can someone advise the future of these two branches? Will they be > > merged with the main trunk? > > > > I hear on and off that users are not testing these branches well > > enough, and hence they are not being merged. > > > > IMHO, I feel we must merge these branches into the main trunk and > > so that more users will try the features. > > > > It is difficult for an average user like me to keep on switching > > back from the main trunk to the branches and back. > > > > The only way we will have things fixed is, by merging these trunks > > in to the development edition. > > > > do advise > > > > Ramdas > > > > > > > > > > > > > > Is there > > > > > > > > > > > > > > --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups "Django users" group. To post to this group, send email to django-users@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/django-users?hl=en -~--~~~~--~~--~--~---
Re: Generic Authorization vs per-object-permissions branch
I am wondering the same thing. Did you ever hear anything about those branches? On Jan 26, 2007, at 9:41 AM, Ramdas S wrote: > > Hi, > > I am working on something where I need to provide object level > permissions or column level permissions at least. > > There are two branches which I see being **inactively**. being > developed. 1) Per-object-permissions which I feel is stable enough > though I have not tried nothing really significant on that 2) > Generic Authorization. > > Can someone advise the future of these two branches? Will they be > merged with the main trunk? > > I hear on and off that users are not testing these branches well > enough, and hence they are not being merged. > > IMHO, I feel we must merge these branches into the main trunk and > so that more users will try the features. > > It is difficult for an average user like me to keep on switching > back from the main trunk to the branches and back. > > The only way we will have things fixed is, by merging these trunks > in to the development edition. > > do advise > > Ramdas > > > > > > > Is there > > > > > --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups "Django users" group. To post to this group, send email to django-users@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/django-users?hl=en -~--~~~~--~~--~--~---
Per object permissions
What happened to the per object permission branches? Are they going to be integrated into django? --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups "Django users" group. To post to this group, send email to django-users@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/django-users?hl=en -~--~~~~--~~--~--~---
Generic Authorization vs per-object-permissions branch
Hi, I am working on something where I need to provide object level permissions or column level permissions at least. There are two branches which I see being **inactively**. being developed. 1) Per-object-permissions which I feel is stable enough though I have not tried nothing really significant on that 2) Generic Authorization. Can someone advise the future of these two branches? Will they be merged with the main trunk? I hear on and off that users are not testing these branches well enough, and hence they are not being merged. IMHO, I feel we must merge these branches into the main trunk and so that more users will try the features. It is difficult for an average user like me to keep on switching back from the main trunk to the branches and back. The only way we will have things fixed is, by merging these trunks in to the development edition. do advise Ramdas Is there --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups "Django users" group. To post to this group, send email to django-users@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/django-users?hl=en -~--~~~~--~~--~--~---