-
Notifications
You must be signed in to change notification settings - Fork 142
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Using Rules for attribute level access control? #81
Comments
I am in a similar situation. I have a case where an
Although django's Another possibility is to extend
|
Not quite sure if it would work but maybe the following could solve my problem:
and be used as
|
I have similar needs as @vincentwhales tho I can currently live without this feature for now. Another related topic is read-access to the property of the Django model. Attributes of a Django model are almost always actual data fields inside the database. Properties are not always the case. They are kinda like virtual fields. While they cannot be modified (at least I think so), they can be read. Therefore certain read permissions might occur depending on the user's confidentiality and authorization level. |
@vincentwhales I'm just newly reading the docs for django-rules, so I may be missing something, but can you not just combine two simpler predicates to achieve what you want? I don't know the structure of your models, but assuming you have a one-to-one of either
Or a more general case that doesn't care is
There's probably a more optimal solution, and I've only looked at the docs for 20-some minutes, but I would think this would work based on what I've read so far. (sorry to revive such an old thread. Just surprised nobody has commented with this suggestion before. Or maybe I'm totally misunderstanding something) |
I came here to request the same feature. Django inplace edit (https://github.com/ptav/django-inlineedit) has a nice feature of passing the (user, object, field) to a callable that checks permission to edit. It would be nice if this could be passed off to Django-rules predicates. At the moment I can't handle field level edit permissions |
In my django application, I have a model, Client, which holds information about the clients of my business. I have two groups of employees that uses my application - Technician and Finance.
Members of Technician can view/update attributes of Client such as 'password_hash', 'login_ip_address'. Members of Finance can view/update attributes such as 'total_revenue' or 'bank_account_number'.
I see in the documentation that
Predicates can be created from any callable that accepts anything from zero to two positional arguments
.Client
class for every of its attribute. Rule generation will happen at the initialization phase of my application.The text was updated successfully, but these errors were encountered: