django-teamwork Documentation

Similar documents
django-embed-video Documentation

open-helpdesk Documentation

django-embed-video Documentation

neo4django Documentation

django-reinhardt Documentation

django-cas Documentation

Tangent MicroServices Documentation

Django-frontend-notification Documentation

django-embed-video Documentation

django-users2 Documentation

Django IPRestrict Documentation

django-konfera Documentation

Aldryn Installer Documentation

django-jenkins Documentation

Django Wordpress API Documentation

django-ad-code Documentation

Django Map Widgets Documentation

django-private-chat Documentation

Django-CSP Documentation

DJOAuth2 Documentation

django-waffle Documentation

django-sticky-uploads Documentation

django-telegram-bot Documentation

django-allauth-2fa Documentation

staff Documentation Release 1.2

wagtailtrans Documentation

Django Dynamic Fields Documentation

django-audit-log Documentation

django-cron Documentation

Nirvana Documentation

Django Localized Recurrence Documentation

Python wrapper for Viscosity.app Documentation

django-dynamic-db-router Documentation

django-app-metrics Documentation

Graphene Documentation

djangotribune Documentation

Roman Numeral Converter Documentation

django-mongonaut Documentation

kaleo Documentation Release 1.5 Eldarion

Bishop Blanchet Intranet Documentation

django-ratelimit-backend Documentation

django-selenium Documentation

Building a Django Twilio Programmable Chat Application

Django QR Code Documentation

SagePay payment gateway package for django-oscar Documentation

cmsplugin-blog Release post 0 Øyvind Saltvik

Trunk Player Documentation

django CMS Export Objects Documentation

Gargoyle Documentation

dj-libcloud Documentation

Google Domain Shared Contacts Client Documentation

Django Test Utils Documentation

Gunnery Documentation

django-geoip Documentation

Python Project Example Documentation

django-stored-messages Documentation

nacelle Documentation

Django Groups Manager Documentation

Django PAM Documentation

The Django Web Framework Part VI

tally Documentation Release Dan Watson

PyCRC Documentation. Release 1.0

Module 4: Access Control

wagtailmenus Documentation

DNS Zone Test Documentation

Spade Documentation. Release 0.1. Sam Liu

django-oauth2-provider Documentation

TPS Documentation. Release Thomas Roten

Python Schema Generator Documentation

django-generic-filters Documentation

django-notifier Documentation

django-celery Documentation

Easy-select2 Documentation

Kivy Designer Documentation

Tomasz Szumlak WFiIS AGH 23/10/2017, Kraków

django-dajax Documentation

django-intercom Documentation

MapEntity Documentation

wagtailmenus Documentation

silk Documentation Release 0.3 Michael Ford

Django MFA Documentation

chatterbot-weather Documentation

Django FTP server Documentation

Pulp Python Support Documentation

youckan Documentation

django-auditlog Documentation

dublincore Documentation

Python simple arp table reader Documentation

sainsmart Documentation

django-idioticon Documentation

django-projector Documentation

Managing Group Policy application and infrastructure

Django Synctool Documentation

alphafilter Documentation

Frontier Documentation

ClickToCall SkypeTest Documentation

Django Admin Sortable Documentation

SQLAlchemy-ORM-tree Documentation

Bambu API Documentation

Archan. Release 2.0.1

Transcription:

django-teamwork Documentation Release 0.0.1 Les Orchard Jun 11, 2017

Contents 1 Overview 3 1.1 What is django-teamwork?........................................ 3 2 Getting Started 5 2.1 Installation................................................ 5 2.2 Configuration............................................... 5 3 Usage 7 3.1 Checking permissions for a user and content object........................... 7 3.2 Using the get_object_or_404_or_403 shortcut......................... 7 3.3 Base policy in settings.py..................................... 7 3.4 Setting a Policy on a Site......................................... 8 3.5 Setting a Policy on a content object................................... 8 3.6 Creating Teams and Roles........................................ 8 3.7 Granting Team ownership of content Objects.............................. 8 3.8 Assigning Roles to Users......................................... 8 3.9 Filtering permissions with per-object logic............................... 8 3.10 Supporting content hierarchies and Permission inheritance....................... 8 4 Contributing 9 4.1 Hacking notes.............................................. 9 5 TODO 11 5.1 Use Cases / Specs............................................ 11 6 Indices and tables 13 i

ii

django-teamwork Documentation, Release 0.0.1 django-teamwork is a Django app that offers an authorization backend with support for per-object permissions based on combinations of Teams, Roles, and Policies. Source code on GitHub Build status on travis-ci () Latest documentation on Read The Docs (source) Contents: Contents 1

django-teamwork Documentation, Release 0.0.1 2 Contents

CHAPTER 1 Overview What is django-teamwork? django-teamwork is a Django app that offers an authorization backend with support for per-object permissions based on combinations of Teams, Roles, and Policies. This app was born out of Kuma, the Django-based wiki / CMS that powers the Mozilla Developer Network. MDN hosts a large body of documentation, with pages arranged into a tree of sections and sub-sections. These site sections are each managed by different teams and people, whom in turn have their own requirements for controlling access to read and alter content. So, django-teamwork was created to provide per-object and per-section flexibility for controlling permissions granted by content objects. Here are some highlights: Teams can be given ownership of content Objects Teams offer Roles that, when assigned to Users, grant selected Privileges for team-owned content objects Independent of Teams and Roles, Policies can be set on content objects that grant Permissions based on criteria such as: whether a User is anonymous or authenticated; whether the User owns the object; or by matching specific Users and Groups. Policies can be set on a Site objects to apply site-wide Policies can be specified in settings.py to establish a base set of Permissions for the entire installation. Content objects can optionally filter the set of Permissions granted by Teams, Roles, and Policies to add or remove Permissions based on custom model logic. Content objects with a hierarchical tree structure can optionally offer a list of parents. This is used to implement inheritance for Team ownership and Policy application, so that Permissions cascade down the content tree. 3

django-teamwork Documentation, Release 0.0.1 4 Chapter 1. Overview

CHAPTER 2 Getting Started Installation First, get the package itself installed. You may find it handy to try this: pip install -e 'git://github.com/lmorchard/django-teamwork.git#egg=django-teamwork` This may or may not work, depending on whether I ve yet done my job in building a sensible setup.py. (Pull requests welcome! See also: Contributing) Configuration Add teamwork to your INSTALLED_APPS list in settings.py: INSTALLED_APPS = ( #... 'django.contrib.auth', 'teamwork', #... ) Add teamwork.backends.teamworkbackend to AUTHENTICATION_BACKENDS in settings.py: AUTHENTICATION_BACKENDS = ( #... 'django.contrib.auth.backends.modelbackend', 'teamwork.backends.teamworkbackend', #... ) Finally, create all the models: 5

django-teamwork Documentation, Release 0.0.1 $./manage.py syncdb $./manage.py migrate teamwork Of course, your mileage may vary, if you re not using South to manage your model changes. 6 Chapter 2. Getting Started

CHAPTER 3 Usage Contents under construction; this page is mainly a feature teaser. The best sample code is currently found in: the teamwork_example app used in tests; and in the backend tests themselves. Checking permissions for a user and content object @@ TODO. It goes a little something like this: if not request.user.has_perm('wiki.view_document', doc): raise PermissionDenied Using the get_object_or_404_or_403 shortcut @@ TODO. It goes a little something like this: from teamwork.shortcuts import get_object_or_404_or_403 #... doc = get_object_or_404_or_403('wiki.add_revision', request.user, Document, locale=document_locale, slug=document_slug) Base policy in settings.py @@ TODO. Example. Here s an inadequate sample: 7

django-teamwork Documentation, Release 0.0.1 TEAMWORK_BASE_POLICIES = { 'anonymous': ( 'wiki.view_document',), 'authenticated': ( 'wiki.view_document', 'wiki.add_document', 'wiki.add_revision'), } Setting a Policy on a Site @@ TODO. Example test. Setting a Policy on a content object @@ TODO. Example test. Creating Teams and Roles @@ TODO. Example test. Granting Team ownership of content Objects @@ TODO. Example model and test. Assigning Roles to Users @@ TODO. Example test. Filtering permissions with per-object logic @@ TODO. Example model and test. Supporting content hierarchies and Permission inheritance @@ TODO. Example test and model. 8 Chapter 3. Usage

CHAPTER 4 Contributing More to come here, soon. See also, TODO. Pull requests welcome! Hacking notes Setting up a virtualenv: virtualenv./test-venv../test-venv/bin/activate pip install -r requirements-test.txt Django Running tests:./teamwork_example/manage.py test teamwork To continually check pep8, tests, and coverage while working on OS X: gem install kicker kicker -c -e./run-tests.sh teamwork teamwork_example Running the example site:./teamwork_example/manage.py syncdb --noinput;./teamwork_example/manage.py runserver To regenerate test_data.json from example site:./teamwork_example/manage.py dumpdata -n --indent=4 sites auth.user teamwork wiki > teamwork_example/fixtures/test_data.json 9

django-teamwork Documentation, Release 0.0.1 10 Chapter 4. Contributing

CHAPTER 5 TODO Move all the below into GitHub Issues, once this gets to feature-complete Get this onto PyPi and make sure the usual methods of installation work Add views for Team and Policy management, outside of Admin Need views in example app for profile views Popup-friendly views? to apply / adjust Policy on a content Object to assign a user to one of your Teams API ergonomics shortcut to convert from codename + content object to Permission Support ForeignKey for Policy directly from content objects? Support many-to-many for Policies and content objects? Abstract out / make more flexible some of the integration points optional fields & methods on content objects * team field * get_permission_parents, get_all_permissions Consider optimizations for mass-lookup cases, because this does nothing for that now. Use Cases / Specs This is a thinking-aloud section where I braindumped about what I m trying to accomplish here: As a creator of a content Object I want to create a Team In order to delegate Permissions granted by a content Object 11

django-teamwork Documentation, Release 0.0.1 As a creator of a content Object I want to assign ownership of my Object to a Team In order to share ownership of a content Object As a manager of a Team I want to create a Team Role that encompasses a subset of my Permissions In order to delegate some, but not all, Permissions granted by an Object As a manager of a Team I want to assign a Role on my Team to another User In order to delegate Permissions granted by Team-owned Objects As the manager of a Role, I want to be given a list of my Permissions that are available to delegate, So that I can easily build a Role How to assemble this list? Can t be as permissive as superuser access, can only consist of Permissions available to Team creator As a manager of a content Object, I want to be able to create a Policy that encompasses a set of Permissions, In order to delegate Permissions to Users who are not Team members As a creator of content Objects in a hierarchical tree, I want Team ownership to apply recursively down through the tree, In order to avoid assigning Team ownership to each child Object individually As a creator of content Objects in a hierarchical tree, I want a Policy to apply recursively down through the tree, In order to avoid assigning a Policy to each child Object individually 12 Chapter 5. TODO

CHAPTER 6 Indices and tables genindex search 13

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback