ViewFlow and django-guardian

蓝咒 提交于 2021-02-08 08:11:41

问题


I want to make use of django-guardian's object permissions and grant specific rights for specific users to one or more Django users.

I have tried to add some permissions to my Process class like this:

class TestProcess(Process):
    title = models.CharField(max_length=64)

    something = models.ForeignKey(ForInheritage, null=True, on_delete=models.CASCADE)
    no_approval = models.BooleanField(default=False)
    approved = models.BooleanField(default=False)

    def something_is_approved(self):
        try:
            return self.something.approved
        except:
            return None

    class Meta:
        permissions = (
            ('view_process', 'View Process'),
        )

Unfortunately this causes viewflow to immediately throw an error after starting runserver:

File "/home/me/.virtualenvs/viewflow3/lib/python3.4/site-packages/viewflow/mixins.py", line 253, in ready
    self.flow_class.process_class._meta.permissions.append(
AttributeError: 'tuple' object has no attribute 'append'

My initial plan was to subclass Start and View flow classes to change how the Permission function, that is inherited from the PermissionMixin, works. But this seems to be more work than just this, too.

django-guardian is already mentioned in one of the cookbook sections here but currently leads to a 404 page.

What would be the recommended/cleanest way to use guardian permissions on Processes and Tasks?


回答1:


Your specific problem happens b/c you specify permissions like a tuple, try list instead

class Meta:
    permissions = [
        ('view_process', 'View Process'),
    ]

Viewflow already adds the 'view' and 'manage' permissions so you can reuse them.

But further restriction per-process view permissions on the object level with django-guardian is not very practical. On each new process creation, in a start view, you will have to grant view permission to all process participant. That leads to hudge permission table grows and slow down the permissions lookup.

The reasonable use case for the object-level permission could be something like to restrict user access to a task based on a user department, for example.

deliver = flow.View(
    views.deliver
).Permission(
    'parcel.land_on_planet',
    obj=lambda process: process.department
).Next(this.report)


来源:https://stackoverflow.com/questions/42366130/viewflow-and-django-guardian

易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!