Django应用程序用于用户/帐户设置

Question

我准备开发一个项目，我正在映射我可以使用的东西。该项目需要不同的基于组/用户的模型和对象权限和设置。

我知道我可以使用django-objectpermissions（https://github.com/washingtontimes/django-objecturemisions）和djangos自己的模型权限。但是有一些情况，当你真的需要设置对象/模型权限时，而是一个设置 - 这个帐户/用户可以做一些与某些对象或模型无关的东西。有人为此开发了应用程序吗？或者人们在有这么需要时采取什么样的方法？也许创建虚拟Django模型，让Djangos模型权限处理其余的？

我也知道，这做了类似 - https：//github.com/danielroseman/django- dbsettings 。但是当我通过代码撇去我的印象时，这些设置都是基于用户的 - 我还需要基于组的设置。

编辑：人员继续为我提供权限应用程序。我正在寻找的不是权限应用，但设置应用程序。这些设置/权限与任何对象无关。

基本上。在我的项目中，我需要回答问题 - 这个用户可以看到/做这个东西吗？ “事情”很可能是一个观点。所以一个答案几乎有效。但是，在视图下检查我的检查，不是用户是否具有某些型号/对象的权限。它宁愿，如果用户已打开此设置，则如果用户组的此设置已打开。

alan

Answer 1

You're probably going to need to create your own system for this. It shouldn't be very difficult.

class Setting(models.Model):
    name = models.CharField(..)
    value = models.CharField(..)
    users = models.ManyToManyField(User)
    groups = models.ManyToManyField(Group)

    @classmethod
    def has_setting(cls, name, user):
        user_settings = cls.objects.filter(name=name, users__in=[user]).count()
        group_settings = cls.objects.filter(name=name, groups__in=user.groups.all()).count()
        return user_settings or group_settings

    @classmethod
    def get_settings(cls, name, user, priority=User):
        user_settings = list(cls.objects.filter(name=name, users__in=[user]))
        group_settings = list(cls.objects.filter(name=name, groups__in=user.groups.all()))
        if user_settings and not group_settings: 
            return user_settings
        elif group_settings and not user_settings:
            return group_settings
        else:
            return (group_settings, user_settings)[priority==User]

Then you can do something like this in your views:

def display_frob(request):
    if Setting.has_setting('display_frob', request.user):
         settings = Setting.get_setting('display_from', request.user, priority=Group)
         values = [setting.value for setting in settings]
         # if the User was in many groups, we now have a list of values, for the setting
         # `display_frob`, that aligns with each of those groups

You can easy build a decorator which will do the check, and provide a list (or a single item) of values to the view.

Answer 2

For permissions for "actions" (where an action is typically implemented by a view) I commonly use decorators.

The user_passes_test decorator is great for this kind of purpose.

You could create user permissions not linked to models.

Answer 3

Maybe this is what you looking for : django-guardian