Answer the question
In order to leave comments, you need to log in
F
F
Fedor2022-01-12 22:43:45
Fedor, 2022-01-12 22:43:45
How to control rights when working with DB Models?
Greetings!
- - -
At first I will write an approximate code of what I want.
# ставим условие, что внутри контекста мы можем только читать MyModel,
# в остальных случаях работы с БД должна возникать ошибка
with permissions(MyModel, 'read'):
mm = MyModel.objects.get() # работает
mm.atribute = 123
mm.save() # ошибка, тк нет разрешения на запись
MyModel.objects.create() # ошибка, тк нет разрешения на создание
OtherModel.objects.get() # ошибка, тк другая модельThe problem is that in my project a function will be executed, the content of which I do not know.
I need some insurance.
Leave her access rights to a couple of tables, and restrict access to all other database tables.
- - -
I found a library that solves this issue:
https://github.com/pgorecki/django-cancan
But it's not popular at all, I'm afraid to integrate it into the prod.
- - -
If there is a solution based on the rights of Users, then super.
- - -
Thank you!
Similar questions
S
spellman0032019-09-12 08:08:45
What routes to add to Windows Server to route to another network?
3Reply
S
I
D
O
Didn't find what you were looking for?
Ask your questionAsk a Question
731 491 924 answers to any question