![]() For example you can define whether a user has the ability to update any projects from the database. Global permissions are always checked first and define the ability of a user to take an action on an entire model. Install using pip… $ pip install dry-rest-permissionsĭRY Rest Permissions allows you to define both global and object level permissions. This would need a lot of triggers that would key off of these actions and explicitly change permissions.ĭRY Rest Permissions allows developers to easily describe what gives someone permission using the current data in an implicit way. This means that a user's permission will be granted or revoked based on many possibilities including ownership of the project transferring to a different association, the user's admin status in the association changing and the user entering or leaving the association. For apps that have many ways for a user to be given permission to certain actions, this approach can be very hard to maintain.įor example: you may have an app which lets you create and modify projects if you are an admin of an association that owns the project. Django-guardian is an explicit approach to permissions that requires data to be saved in tables that explicitly grants permissions for certain actions. Most other DRF permissions are based on django-guardian. Why is DRY Rest Permissions different than other DRF permission packages? A framework for limiting list requests based on permissions.This is DRY and works with your existing permission definitions. A serializer field that will return permissions for an object to your client app.Support for custom list and detail actions.Support for defining only global (table level) permissions or only object (row level) permissions.Support for broadly defining permissions by grouping actions into safe and unsafe types. ![]() A framework for defining for defining global and object level permissions per action.It provides a framework that allows you to define, for each action or groups of actions, what users have permission for based on existing data in your database. This framework is a perfect fit for apps that have many tables and relationships between them. Rules based permissions for the Django Rest Framework.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |