Separation of user rights?

Z

zelsky2016-01-10 04:05:44

Django

zelsky, 2016-01-10 04:05:44

Here are three apps.
1. Garage
2. Cars
3. Reviews.
and two types of users - a simple one who can only leave a review and the second one who can only create one garage and add an unlimited number of cars.
how to separate the logic ? Suppose that for the owner of the garage you need to create a custom user model, but how exactly to divide by rights? + if I create a custom user model, how can I understand if this is the owner or just a person for the sake of a review?
+ how to give permission to the owner to create only one garage, and at the same time not the number of cars inside.
I'm sorry, I don't know how else to explain

Reply

Answer the question

In order to leave comments, you need to log in

2 answer(s)

R

Roman Kitaev, 2016-01-10
@deliro

Use standard permissions. To add/edit/delete they are automatically created.

V

Vladimir, 2016-01-10
@vintello

in fact, you do not need a permission model, but a condition check.
data is added via a form. and validate according to your conditions. For you, validation is just a set of rules that form a query to tables, and if some result is returned, this is an error. Rules can be moved to a separate admin panel.
you can check the forms through the clean method. You just need to redefine it to suit your needs.
Here's a simple example, the whole point is clear from it

def clean(self):
    form_data = self.cleaned_data
    if form_data['password'] != form_data['password_repeat']:
        self._errors["password"] = ["Password do not match"] # Will raise a error message
        del form_data['password']
    return form_data