Site permissions django application allows restricting access to objects based on sites. Basic goal is to allow restricting managing site content to users and groups in django admin interface.
Sites permissions will add custom permission change_site_content to
Site model. It depends on django-guardian.
- django-guardian
- Django 1.2 or later
Add site_permissions to INSTALLED_APPS:
INSTALLED_APPS = (
'django.contrib.auth',
'django.contrib.contenttypes',
'django.contrib.sessions',
'django.contrib.sites',
'django.contrib.messages',
'django.contrib.staticfiles',
# Uncomment the next line to enable the admin:
'django.contrib.admin',
# Uncomment the next line to enable admin documentation:
# 'django.contrib.admindocs',
'guardian',
'site_permissions',
)
In settings.py add authentication backends for guardian and site_permissions:
AUTHENTICATION_BACKENDS = [
'django.contrib.auth.backends.ModelBackend', # default backend
'guardian.backends.ObjectPermissionBackend', # guardian
"site_permissions.backends.SitePermissionBackend", # site_permissions
]
ANONYMOUS_USER_ID = -1 # required for guardian
Run syncdb to create permission for Site object:
./manage.py syncdb
This will create Can change site content permission that affect in which sites
specified user or group can edit contents.
Add
RestrictSiteMixinmixin to admin classes:from django.contrib import admin from site_permissions.backends import RestrictSiteMixin from models import Category class CategoryAdmin(RestrictSiteMixin, admin.ModelAdmin): pass admin.site.register(Category, CategoryAdmin)In django admin set Can change site content object permissions for
Siteobjects.
To test application and get a feeling how it works:
cd example ./manage.py syncdb --noinput && ./manage.py loaddata sample_data.json ./manage.py runserver
Usernames are admin and user1. Password for all users is password.
- add admin helper to filter foreign relationships within site
- site field name should be configurable
- handle many to many relationship to sites