1. Michael Hall
  2. django-extauth

Commits

<mh...@lakeland.net  committed c8564df

  • Participants
  • Parent commits b902afc
  • Branches default

Comments (0)

Files changed (1)

File Home.wiki

View file
 to a particular instance of a model.  You can then give users in that role
 additional permissions to that particular instance.
 
+== Setup ==
+
+ExtAuth provides several components that you will need to add to your Django project.
+
+* Add //extauth// to your settings.INSTALLED_APPS
+
+* Add //extauth.session.CaptureRequestUser// to your settings.MIDDLEWARE_CLASSES.  This enables ExtAuth to find the current //request.user// without you having to specify it.  This is especially helpful in library functions where you may not want to pass in request or user objects.
+
+* Call //extauth.roles.autodiscover()// in your urls.py.  This is just like how the Django Admin app works.
+
 == Defining Roles ==
 
 ExtAuth Roles are defined much like ModelAdmins are defined for the //django.contrib.auth//
 #!python
 user_has = roles.getUserRoles()
 }}}
+
+=== Authentication Backend ===
+
+Django 1.2 introduced an API to check per-object permissions.  ExtAuth provides a Role-based Backend that implements this feature, just add //extauth.backend.RoleBackend// to your settings.AUTHENTICATION_BACKENDS.
+
+Then you will get role permission checks without referencing ExtAuth at all:
+{{{
+#!python
+
+widget_instance = examples.models.Widget()
+can_change = request.user.has_perm('examples.change_widget', widget_instance)
+}}}
+