A better auth API (row and field level permissions)

[VaZark]

Code of Conduct

• I agree to follow Django's Code of Conduct

Feature Description

In the same vein as django-tasks, Django should expose an API for user authorisation that third-party packages can leverage to implement user roles and permissions at the object and field levels.

This way, the Django team doesn't necessarily have to deal with the implementation details. Even the existing Groups and Permissions models can be offloaded into a community package (and the admin should probably leverage the API to maintain compatibility)

Problem

Groups and Permissions have existed, but they assume object-level CRUD and anything advanced is pushed to third-party libraries. The ecosystem already has multiple established and standard libraries, but using them usually feels like learning a whole new framework on top of django.

Request or proposal

proposal

Additional Details

No response

Implementation Suggestions

No response

[github-actions]

Thank you VaZark for sharing your idea! We have a lot of them so please be patient. You can see the current queue here.

Community instructions

For commenters, please use the emoji reactions on the issue to express support, and/or concern easily. Please use the comments to ask questions or contribute knowledge about the idea. It is unhelpful to post comments of "I'd love this" or "What's the state of this?"

Reaction Guide

• 👍 This is something I would use
• 👎 This is something that would cause problems for me or Django
• 😕 I’m indifferent to this
• 🎉 This is an easy win

[nanuxbe]

For the record, this fits with what I proposed here where comments have mentioned my scope was too big