Seems like I found a better keyword argument than fallback_to_model. For
the following backends setting:
AUTHENTICATION_BACKENDS = (
'django.contrib.auth.backends.ModelBackend',
'guardian.backends.ObjectBackend',
'roles.backends.RoleBackend',
)
And the ways to check:
user.has_perm('foo.change_bar', obj)
# default: check all, model checker expected to NOT disown her child
user.has_perm('foo.change_bar', obj, backends=('object', 'role', ))
# just check backends specified; 'role' for *.RoleBackend
Advantages:
- One will not have to use package specific API for checking just the
object permissions, for example.
- Cleaner and generic: allows backends re-use each other. For example, I
am writing a RoleBackend and can easily make calls to model or object
permission backends, in order not to reinvent the wheel.
--
You received this message because you are subscribed to the Google Groups
"Django developers (Contributions to Django itself)" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to django-developers+unsubscr...@googlegroups.com.
To post to this group, send email to django-developers@googlegroups.com.
Visit this group at https://groups.google.com/group/django-developers.
To view this discussion on the web visit
https://groups.google.com/d/msgid/django-developers/f637e9ca-b345-4c0f-92e7-b80464e9b6da%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
