Electronics & Programming

develissimo

Open Source electronics development and programming

  • You are not logged in.
  • Root
  • » Django
  • » Restrict access to the whole application [RSS Feed]

#1 Jan. 26, 2011 11:48:20

t.
Registered: 2009-11-02
Reputation: +  0  -
Profile   Send e-mail  

Restrict access to the whole application


My first question is whether it is possible to restrict access to the
whole application from one place. I could write @login_required over
every function but is there a better way?

My second question is whether it is possible to use user groups for
restricting applications. I want for example that only users in group
'teachers' could access the 'teaching' application. I know that groups
are meant for something else but it would spare me a lot of time.

I've just started with Django so be patient with me :)

--
You received this message because you are subscribed to the Google Groups
"Django users" group.
To post to this group, send email to django-users@googlegroups.com.
To unsubscribe from this group, send email to
django-users+unsubscr...@googlegroups.com.
For more options, visit this group athttp://groups.google.com/group/django-users?hl=en.

Offline

#2 Jan. 26, 2011 13:40:06

Brian B.
Registered: 2009-11-02
Reputation: +  0  -
Profile   Send e-mail  

Restrict access to the whole application


I've used a post_save signal to create a per-object permission such as 'use
application X' This permission is checked at application use time.
Here<https://github.com/bmbouter/vdi/blob/master/signals.py>is the
code I wrote to do, I think, exactly what you want. It is part of a
django
based connection broker <https://github.com/bmbouter/vdi> that manages cloud
virtual machines to provide applications to users.

Best,
Brian

On Wed, Jan 26, 2011 at 2:11 AM, tobik <tobiaspoto...@gmail.com> wrote:

> My first question is whether it is possible to restrict access to the
> whole application from one place. I could write @login_required over
> every function but is there a better way?
>
> My second question is whether it is possible to use user groups for
> restricting applications. I want for example that only users in group
> 'teachers' could access the 'teaching' application. I know that groups
> are meant for something else but it would spare me a lot of time.
>
> I've just started with Django so be patient with me :)
>
> --
> You received this message because you are subscribed to the Google Groups
> "Django users" group.
> To post to this group, send email to django-users@googlegroups.com.
> To unsubscribe from this group, send email to
> django-users+unsubscr...@googlegroups.com<django-users%2bunsubscr...@googlegroups.com>
> .
> For more options, visit this group at
>http://groups.google.com/group/django-users?hl=en.
>
>


--
Brian Bouterse
ITng Services

--
You received this message because you are subscribed to the Google Groups
"Django users" group.
To post to this group, send email to django-users@googlegroups.com.
To unsubscribe from this group, send email to
django-users+unsubscr...@googlegroups.com.
For more options, visit this group athttp://groups.google.com/group/django-users?hl=en.

Offline

#3 Jan. 26, 2011 14:39:12

t.
Registered: 2009-11-02
Reputation: +  0  -
Profile   Send e-mail  

Restrict access to the whole application


Thank you for your answer. It is to much information for me and I am
not sure whether I understand it correctly :)

So basically you create for each application a corresponding
permission which looks something like 'use_appname'. If the user wants
to access 'appname' application, he has to have 'use_appname'
permission. And when these permissions are being created? When
starting a new application? (./manage.py startapp appname) And Django
just knows that permission named use_appname belongs to 'appname'?
It's a part of core? Sorry for my dumb question, I just don't know
much yet about how does Django work under the hood.

Btw I found also this <http://onecreativeblog.com/post/59051248/django-login-required-middleware> which could also solve my problem. It
wouldn't be difficult to modify the code in order to add support for
groups.

On 26 led, 14:39, Brian Bouterse <bmbou...@gmail.com> wrote:
> I've used a post_save signal to create a per-object permission such as 'use
> application X'  This permission is checked at application use time.
> Here<https://github.com/bmbouter/vdi/blob/master/signals.py>is the
> code I wrote to do, I think, exactly what you want.  It is part of a
> django
> based connection broker <https://github.com/bmbouter/vdi> that manages cloud
> virtual machines to provide applications to users.
>
> Best,
> Brian
>
>
>
> On Wed, Jan 26, 2011 at 2:11 AM, tobik <tobiaspoto...@gmail.com> wrote:
> > My first question is whether it is possible to restrict access to the
> > whole application from one place. I could write @login_required over
> > every function but is there a better way?
>
> > My second question is whether it is possible to use user groups for
> > restricting applications. I want for example that only users in group
> > 'teachers' could access the 'teaching' application. I know that groups
> > are meant for something else but it would spare me a lot of time.
>
> > I've just started with Django so be patient with me :)
>
> > --
> > You received this message because you are subscribed to the Google Groups
> > "Django users" group.
> > To post to this group, send email to django-users@googlegroups.com.
> > To unsubscribe from this group, send email to
> > django-users+unsubscr...@googlegroups.com<django-users%2bunsubscr...@googlegroups.com>
> > .
> > For more options, visit this group at
> >http://groups.google.com/group/django-users?hl=en.
>
> --
> Brian Bouterse
> ITng Services

--
You received this message because you are subscribed to the Google Groups
"Django users" group.
To post to this group, send email to django-users@googlegroups.com.
To unsubscribe from this group, send email to
django-users+unsubscr...@googlegroups.com.
For more options, visit this group athttp://groups.google.com/group/django-users?hl=en.

Offline

#4 Jan. 26, 2011 14:45:48

Brian B.
Registered: 2009-11-02
Reputation: +  0  -
Profile   Send e-mail  

Restrict access to the whole application


Maybe this will clear things up, but if not, write back. In my example an
"application" is a resource inside of a django project, not a django project
itself. Your description of 'use_appname' is correct. An app for me is a
model and so I have setup a post_save
signal<http://docs.djangoproject.com/en/dev/ref/signals/#django.db.models.signals.post_save>on
that model so that when the model is created the post save signal
ensures
the permission is created.

The permission is then checked when a user goes to use an application using
standard django permission checking. You could use this same scheme to
limit access to installed django application I could imagine.

Brian

On Wed, Jan 26, 2011 at 9:39 AM, tobik <tobiaspoto...@gmail.com> wrote:

> Thank you for your answer. It is to much information for me and I am
> not sure whether I understand it correctly :)
>
> So basically you create for each application a corresponding
> permission which looks something like 'use_appname'. If the user wants
> to access 'appname' application, he has to have 'use_appname'
> permission. And when these permissions are being created? When
> starting a new application? (./manage.py startapp appname) And Django
> just knows that permission named use_appname belongs to 'appname'?
> It's a part of core? Sorry for my dumb question, I just don't know
> much yet about how does Django work under the hood.
>
> Btw I found also this <http://onecreativeblog.com/post/59051248/django-> login-required-middleware> which could also solve my problem. It
> wouldn't be difficult to modify the code in order to add support for
> groups.
>
> On 26 led, 14:39, Brian Bouterse <bmbou...@gmail.com> wrote:
> > I've used a post_save signal to create a per-object permission such as
> 'use
> > application X' This permission is checked at application use time.
> > Here<https://github.com/bmbouter/vdi/blob/master/signals.py>is the
> > code I wrote to do, I think, exactly what you want. It is part of a
> > django
> > based connection broker <https://github.com/bmbouter/vdi> that manages
> cloud
> > virtual machines to provide applications to users.
> >
> > Best,
> > Brian
> >
> >
> >
> > On Wed, Jan 26, 2011 at 2:11 AM, tobik <tobiaspoto...@gmail.com> wrote:
> > > My first question is whether it is possible to restrict access to the
> > > whole application from one place. I could write @login_required over
> > > every function but is there a better way?
> >
> > > My second question is whether it is possible to use user groups for
> > > restricting applications. I want for example that only users in group
> > > 'teachers' could access the 'teaching' application. I know that groups
> > > are meant for something else but it would spare me a lot of time.
> >
> > > I've just started with Django so be patient with me :)
> >
> > > --
> > > You received this message because you are subscribed to the Google
> Groups
> > > "Django users" group.
> > > To post to this group, send email to django-users@googlegroups.com.
> > > To unsubscribe from this group, send email to
> > > django-users+unsubscr...@googlegroups.com<django-users%2bunsubscr...@googlegroups.com>
> <django-users%2bunsubscr...@googlegroups.com<django-users%252bunsubscr...@googlegroups.com>
> >
> > > .
> > > For more options, visit this group at
> > >http://groups.google.com/group/django-users?hl=en.
> >
> > --
> > Brian Bouterse
> > ITng Services
>
> --
> You received this message because you are subscribed to the Google Groups
> "Django users" group.
> To post to this group, send email to django-users@googlegroups.com.
> To unsubscribe from this group, send email to
> django-users+unsubscr...@googlegroups.com<django-users%2bunsubscr...@googlegroups.com>
> .
> For more options, visit this group at
>http://groups.google.com/group/django-users?hl=en.
>
>


--
Brian Bouterse
ITng Services

--
You received this message because you are subscribed to the Google Groups
"Django users" group.
To post to this group, send email to django-users@googlegroups.com.
To unsubscribe from this group, send email to
django-users+unsubscr...@googlegroups.com.
For more options, visit this group athttp://groups.google.com/group/django-users?hl=en.

Offline

#5 Jan. 26, 2011 15:15:46

t.
Registered: 2009-11-02
Reputation: +  0  -
Profile   Send e-mail  

Restrict access to the whole application


Well, by an application I meant the 'subfolder' in your django project
directory, which you create using manage.py startapp 'appname' (or
maybe django.admin.py). That confused me. So if in your case an
application is a model inside database, then I understand that you can
use standard permissions and singal 'post_save'. I checked your code
<https://github.com/bmbouter/vdi/blob/master/views.py> and the line 44
made it all clear.

When I understand it finally I am not sure whether I will go this way.
You know, my project is going to have like 3-4 stable applications. I
don't actually need to dynamically add new ones and the whole layer
for working with applications (view.connect) is a little bit brutal
for my needs. While discussing with you I found out that there is such
things like Middleware in django, so I will probably use it instead
(see the link in second post).

Anyway, I feel much smarter thanks to you! So thanks again for your
time.


On 26 led, 15:45, Brian Bouterse <bmbou...@gmail.com> wrote:
> Maybe this will clear things up, but if not, write back.  In my example an
> "application" is a resource inside of a django project, not a django project
> itself.  Your description of 'use_appname' is correct.  An app for me is a
> model and so I have setup a post_save
> signal<http://docs.djangoproject.com/en/dev/ref/signals/#django.db.models.si...>on
> that model so that when the model is created the post save signal
> ensures
> the permission is created.
>
> The permission is then checked when a user goes to use an application using
> standard django permission checking.  You could use this same scheme to
> limit access to installed django application I could imagine.
>
> Brian
>
>
>
> On Wed, Jan 26, 2011 at 9:39 AM, tobik <tobiaspoto...@gmail.com> wrote:
> > Thank you for your answer. It is to much information for me and I am
> > not sure whether I understand it correctly :)
>
> > So basically you create for each application a corresponding
> > permission which looks something like 'use_appname'. If the user wants
> > to access 'appname' application, he has to have 'use_appname'
> > permission. And when these permissions are being created? When
> > starting a new application? (./manage.py startapp appname) And Django
> > just knows that permission named use_appname belongs to 'appname'?
> > It's a part of core? Sorry for my dumb question, I just don't know
> > much yet about how does Django work under the hood.
>
> > Btw I found also this <http://onecreativeblog.com/post/59051248/django-> > login-required-middleware> which could also solve my problem. It
> > wouldn't be difficult to modify the code in order to add support for
> > groups.
>
> > On 26 led, 14:39, Brian Bouterse <bmbou...@gmail.com> wrote:
> > > I've used a post_save signal to create a per-object permission such as
> > 'use
> > > application X'  This permission is checked at application use time.
> > > Here<https://github.com/bmbouter/vdi/blob/master/signals.py>is the
> > > code I wrote to do, I think, exactly what you want.  It is part of a
> > > django
> > > based connection broker <https://github.com/bmbouter/vdi> that manages
> > cloud
> > > virtual machines to provide applications to users.
>
> > > Best,
> > > Brian
>
> > > On Wed, Jan 26, 2011 at 2:11 AM, tobik <tobiaspoto...@gmail.com> wrote:
> > > > My first question is whether it is possible to restrict access to the
> > > > whole application from one place. I could write @login_required over
> > > > every function but is there a better way?
>
> > > > My second question is whether it is possible to use user groups for
> > > > restricting applications. I want for example that only users in group
> > > > 'teachers' could access the 'teaching' application. I know that groups
> > > > are meant for something else but it would spare me a lot of time.
>
> > > > I've just started with Django so be patient with me :)
>
> > > > --
> > > > You received this message because you are subscribed to the Google
> > Groups
> > > > "Django users" group.
> > > > To post to this group, send email to django-users@googlegroups.com.
> > > > To unsubscribe from this group, send email to
> > > > django-users+unsubscr...@googlegroups.com<django-users%2bunsubscr...@googlegroups.com>
> > <django-users%2bunsubscr...@googlegroups.com<django-users%252bunsubscr...@googlegroups.com>
>
> > > > .
> > > > For more options, visit this group at
> > > >http://groups.google.com/group/django-users?hl=en.
>
> > > --
> > > Brian Bouterse
> > > ITng Services
>
> > --
> > You received this message because you are subscribed to the Google Groups
> > "Django users" group.
> > To post to this group, send email to django-users@googlegroups.com.
> > To unsubscribe from this group, send email to
> > django-users+unsubscr...@googlegroups.com<django-users%2bunsubscr...@googlegroups.com>
> > .
> > For more options, visit this group at
> >http://groups.google.com/group/django-users?hl=en.
>
> --
> Brian Bouterse
> ITng Services

--
You received this message because you are subscribed to the Google Groups
"Django users" group.
To post to this group, send email to django-users@googlegroups.com.
To unsubscribe from this group, send email to
django-users+unsubscr...@googlegroups.com.
For more options, visit this group athttp://groups.google.com/group/django-users?hl=en.

Offline

  • Root
  • » Django
  • » Restrict access to the whole application [RSS Feed]

Board footer

Moderator control

Enjoy the 23rd of October
PoweredBy

The Forums are managed by develissimo stuff members, if you find any issues or misplaced content please help us to fix it. Thank you! Tell us via Contact Options
Leave a Message
Welcome to Develissimo Live Support