Bitbucket is a code hosting site with unlimited public and private repositories. We're also free for small teams!

Close

django-authority

This is a Django app for per-object-permissions that includes a bunch of helpers to create custom permission checks.

The main website for django-authority is packages.python.org/django-authority. You can also install the in-development version of django-authority with pip install django-authority==dev or easy_install django-authority==dev.

Example

To get the example project running do:

  • Bootstrap the buildout by running:

    python bootstrap.py
    
  • Get the required packages by running:

    bin/buildout
    
  • Sync the database:

    bin/django-trunk syncdb
    
  • Run the development server and visit the admin at http://127.0.0.1:8000/admin/:

    bin/django-trunk runserver
    

Now create a flatage and open it to see some of the templatetags in action. Don't hesitate to use the admin to edit the permission objects.

Full docs coming soon.

Please use http://bitbucket.org/jezdez/django-authority/issues/ for issues and bug reports.

Documentation

The documenation is currently in development. You can create a nice looking html version using the setup.py:

python setup.py build_sphinx

Changelog:

0.4 (2010-01-15):

  • Fixed an issue with the UserPermissionForm not being able to override the widget of the user field.

  • Added ability to override form class in add_permission view.

  • Added easy way to assign permissions via a permission instance, e.g.:

    from django.contrib.auth.models import User
    from mysite.articles.permissions import ArticlePermission
    
    bob = User.objects.get(username='bob')
    article_permission = ArticlePermission(bob)
    article_permission.assign(content_object=article)
    

0.3 (2009-07-28):

  • This version adds multiple fields to the Permission model and is therefore a backwards incompatible update.

    This was required to add a feature that allows users to request, withdraw, deny and approve permissions. Request and approval date are now saved, as well as an approved property. An admin action has been added for bulk approval.

    To migrate your existing data you can use the SQL files included in the source (migrations/), currently available for MySQL, Postgres and SQLite.

  • The templatetags have also been refactored to be easier to customize which required a change in the template tag signature:

    Old:

    {% permission_form flatpage %}
    {% permission_form flatpage "flatpage_permission.top_secret" %}
    {% permission_form OBJ PERMISSION_LABEL.CHECK_NAME %}
    

    New:

    {% permission_form for flatpage %}
    {% permission_form for flatpage using "flatpage_permission.top_secret" %}
    {% permission_form for OBJ using PERMISSION_LABEL.CHECK_NAME [with TEMPLATE] %}
    

    New templatetags:

    • permission_request_form
    • get_permission_request
    • get_permission_requests
    • permission_request_approve_link
    • permission_request_delete_link
    • request_url_for_obj
  • The add_permission view is now accessible with GET requests and allows to request permissions, but also add them (only for users with the 'authority.add_permission' Django permission).

Recent activity

Tip: Filter by directory path e.g. /media app.js to search for public/media/app.js.
Tip: Use camelCasing e.g. ProjME to search for ProjectModifiedEvent.java.
Tip: Filter by extension type e.g. /repo .js to search for all .js files in the /repo directory.
Tip: Separate your search with spaces e.g. /ssh pom.xml to search for src/ssh/pom.xml.
Tip: Use ↑ and ↓ arrow keys to navigate and return to view the file.
Tip: You can also navigate files with Ctrl+j (next) and Ctrl+k (previous) and view the file with Ctrl+o.
Tip: You can also navigate files with Alt+j (next) and Alt+k (previous) and view the file with Alt+o.