Since Django 1.2 final is almost out, I am curious if there are already projects that use the new object level permissions / row level permissions system. Django-authority, which is a possible solution for Django up to 1.1, has not been updated for a while, and does not (yet) use the new permissions system. It seems to me that Django-Authority is in a comatose state.
Does someone know about upcoming or maybe even finished solutions? I'd appreciate any good links to active projects with at least some downloadable content very much.
I used https://github.com/lukaszb/django-guardian when it was still in version 0.2 on a project and it was rather complete and bug free.
Yes I did have to write my own 'check_permission' view decorator as at the time it didn't have it included yet - but at least from version 1.0 it is there.
The author was also very quick to respond to an issue I had migrating from 0.2 - overall I've been happy with it and hence made it part of my project skeleton template.
Finally, I found really good stuff: Florian Apolloner wrote a howto on djangoadvent: http://djangoadvent.com/1.2/object-permissions/
Now that's what I'm gonna use :)
Something useful might be as well: http://github.com/washingtontimes/django-objectpermissions (link dead as of 2011-07-18)
I have released a Django-app called django-rules which lets you manage per object permissions in a flexible, dynamic and scalable way. You might want to check it out.
I tried using django-granular-permissions for a site a while ago, but was unable to get it to do what I needed (this may have been my own inability to understand what I needed to do rather than the app). Looking at the google code site's updates tab, it looks to not have had any work done on it since Summer/Autumn last year so it may be another dead duck.
OSU Open Source Labs has an implementation of object level permissions here
First of all, the main source of information is djangopackages.com's perms grid: "A grid of all packages implementing permissions for users and groups in your Django project". (Beware some packages are named very similarly, e.g. an 's' or a dash is the only difference)
Then, reviewing each package features (considering only the somewhat-actively maintained subset), these are the main candidates:
django-guardian: “implementation of per object permissions as authorization backend which is supported since Django 1.2.”
pypi, repo, docs.
django-permissions: “Generic per-object permissions for Django”. “django-permissions provides per-object permissions for Django on roles”.
pypi, original repo, most updated fork, docs.
django-authority: “provides generic per-object-permissions for Django's auth app.” “Django app for per-object-permissions that includes a bunch of helpers to create custom permission checks.”
pypi, original repo, most updated fork, docs.
There are others that for one reason or the other did not make the cut:
- django-object-permissions
- django-rulez
- django-permission
PS: This answer was written according to the current state of open source packages, more than 2 years after the question was asked. Although not too thorough, I hope this work will help those that are in the same situation I was.
{var%20f='http://v.t.sina.com.cn/share/share.php?appkey=1515056452',u=z||d.location,p=['&url=',e(u),'&title=',e(t||d.title),'&source=',e(r),'&sourceUrl=',e(l),'&content=',c||'gb2312','&pic=',e(p||'')].join('');function%20a(){if(!window.open([f,p].join(''),'mb',['toolbar=0,status=0,resizable=1,width=440,height=430,left=',(s.width-440)/2,',top=',(s.height-430)/2].join('')))u.href=[f,p].join('');};if(/Firefox/.test(navigator.userAgent))setTimeout(a,0);else%20a();})(screen,document,encodeURIComponent,'','','https://img.manongdao.com/sparkler-677774__340.jpg', '推荐 贼婆χ 的文章《Django 1.2 object level permissions - third party 》','https://www.manongdao.com/article-319499.html','页面编码gb2312|utf-8默认gb2312'));){kind=link}