permission per object
Closed this issue · 3 comments
hi, recently tried Django for a CRM application and here is my question:
first of all the admin of account has permissions to create its own employees(users) and specify the permission of each user:
for example :
- give permission of creating new meeting(model) that the only user created it can edit or delete it.
- give permission to colleagues of the same department to only read each other meetings.
- the leader of the department can create, edit or delete the all employees meetings.
Well... So what is your question?
the questions is that should i use permission per object or default Django permissions?
can i use something like creating a table that stores user permissions and use it by filtering querysets in views ?
This is not StackOverflow so I'm not going to dig deeply in your use-case but the following articles may help you to determine if you need object permission or not.
https://docs.djangoproject.com/en/2.0/topics/auth/default/
https://docs.djangoproject.com/en/2.0/topics/auth/customizing/
If you feel it's possible to handle all your requirements with above, you don't need object permission. If you find any case which cannot handle with the above, you need object permission, role base permission, or login base permission which this library stands for.