ViewFlow和django-guardian [英] ViewFlow and django-guardian

问题描述

我想利用 django-guardian 的对象权限，并将特定用户的特定权限授予一个或多个Django用户.

I want to make use of django-guardian's object permissions and grant specific rights for specific users to one or more Django users.

我试图像这样向我的Process类添加一些权限:

I have tried to add some permissions to my Process class like this:

class TestProcess(Process):
    title = models.CharField(max_length=64)

    something = models.ForeignKey(ForInheritage, null=True, on_delete=models.CASCADE)
    no_approval = models.BooleanField(default=False)
    approved = models.BooleanField(default=False)

    def something_is_approved(self):
        try:
            return self.something.approved
        except:
            return None

    class Meta:
        permissions = (
            ('view_process', 'View Process'),
        )

不幸的是，这导致 viewflow 在启动 runserver 之后立即引发错误:

Unfortunately this causes viewflow to immediately throw an error after starting runserver:

File "/home/me/.virtualenvs/viewflow3/lib/python3.4/site-packages/viewflow/mixins.py", line 253, in ready
    self.flow_class.process_class._meta.permissions.append(
AttributeError: 'tuple' object has no attribute 'append'

我最初的计划是对 Start 和 View 流类进行子类化，以更改从继承的 Permission 函数的方式.PermissionMixin ，有效.但这似乎还不止如此.

My initial plan was to subclass Start and View flow classes to change how the Permission function, that is inherited from the PermissionMixin, works. But this seems to be more work than just this, too.

django-guardian 已在 cookbook 部分之一中提到

django-guardian is already mentioned in one of the cookbook sections here but currently leads to a 404 page.

在流程和任务上使用监护人权限的推荐/最干净的方法是什么?

What would be the recommended/cleanest way to use guardian permissions on Processes and Tasks?

推荐答案

您的特定问题发生在您指定元组之类的权限的情况下，请尝试使用列表

Your specific problem happens b/c you specify permissions like a tuple, try list instead

class Meta:
    permissions = [
        ('view_process', 'View Process'),
    ]

Viewflow已经添加了视图"和管理"权限，因此您可以重复使用它们.

Viewflow already adds the 'view' and 'manage' permissions so you can reuse them.

但是使用django-guardian在对象级别进一步限制每个进程的视图权限不是很实际.在每次创建新流程时，都必须在开始视图中向所有流程参与者授予查看权限.这会导致权限表增加，并减慢了权限查找的速度.

But further restriction per-process view permissions on the object level with django-guardian is not very practical. On each new process creation, in a start view, you will have to grant view permission to all process participant. That leads to hudge permission table grows and slow down the permissions lookup.

例如，对象级权限的合理用例可能类似于限制用户对基于用户部门的任务的访问.

The reasonable use case for the object-level permission could be something like to restrict user access to a task based on a user department, for example.

deliver = flow.View(
    views.deliver
).Permission(
    'parcel.land_on_planet',
    obj=lambda process: process.department
).Next(this.report)

这篇关于ViewFlow和django-guardian的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！