-
Notifications
You must be signed in to change notification settings - Fork 114
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Exclusive use of Groups #20
Comments
...Actually the one use of default False |
The change from having UserRole to using Groups was due to feedbacks I got from other people. For the sake of simplicity, I assumed Groups would only be used for managing roles, and that's why all user groups are deleted before a new one is assigned. Your approach is more correct, this library should not interfere with Groups beyond the ones it creates. About Can you make a PR for your changes? |
[#20] Don't interfere with other groups
* origin/master: [#20] Don't interfere with other groups
It's ready on pypi as version 0.6 |
I think it's a mistake to assume each user is in a single group related to a single role. In 6852439 you removed the UserRole model but I'd like to see it restored.
I was expecting that 'role' was entirely separate from groups. I intend to have my Users in groups by team, and given a role 'team_member' they would be granted the permission 'change_team_documents'. I could then use the object level permissions checks to ensure that
user.has_perm('change_team_documents') and doc.team in user.groups.all()
At a minimum I'd hope the use of groups could be reworked to drop the single group assumption. Possibly filter for groups that match role names, and delete only "role groups".
I'm not even sure why assign_role_to_user() removes previous rolls. Further,
available_permissions
doesn't actually limit the permissions that can be applied to a user, default False permissions have no effect at all. It might make more sense to just havedefault_permissions
as a list, thus users granted multiple rows will just have the permissions from each roll.Sorry for the novel here. If you're interested I'm happy to split the issues up and work on solutions.
The text was updated successfully, but these errors were encountered: