How to use Django's model permissions in Djangae?

[pg...@nerdery.com]

Hello all!

I'm trying to use django's default model permissions ('add_model', 'change_model', 'delete_model') as i'd like to create auth groups for my users in my project. However, none of these default permissions are created by the migrations. According to the documentation, it seems like Djangae, purposefully, cuts out the actual DB calls to create them.

How can i get these permissions added for my models, or create similar behavior in Djangae? I can't figure it out from Djangae's documentation how exactly to do this. Also, once i manage to get these permissions, will creating a group using Django's default admin (through Djangae's auto-added groups admin page) and attaching it to a user behave like i expect it to?

Thank you!

[pg...@nerdery.com]

OK, after doing a little more digging, i've found some logic in `djangae.contrib.gauth_datastore` that seems like it should be doing the datastore equivalent of creating these permissions, i just can't see them. I also can't see the GaeDatastoreUser in the admin, though, which is strange.

Gonna keep digging, maybe i accidentally overrode some default functionality that would just do this for me.

[Adam Alton]

Yes, gauth is what you want. Did you read the docs for it?: https://djangae.readthedocs.io/en/latest/gauth/

Note that the permissions won't ever appear in the Django admin.  This is because the Datastore is non-relational, and so doesn't support many-to-many relationships.  In the "normal" django.contrib.auth models, there are Users, Groups and Permissions.  But that requires m2m relationships between Users and Groups, and between Groups and Permissions.  So instead of that, djangae.contrib.gauth_datastore has a different model structure, which is more... "flat".  But ultimately it provides the same functionality.

I hope that helps.

Adam

--
You received this message because you are subscribed to the Google Groups "djangae-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to djangae-user...@googlegroups.com.
To post to this group, send email to djanga...@googlegroups.com.
To view this discussion on the web, visit https://groups.google.com/d/msgid/djangae-users/891bfc24-7438-46e6-a7db-14b50e0d7c0f%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[pg...@nerdery.com]

Thank you, Adam. I am able to add the expected default permissions, comma-separated, in the admin.

Note to future self: don't override AUTH_USER in your settings if you want to access users in the default admin, it makes things very difficult. :)

[Adam Alton]

Thank you, Adam. I am able to add the expected default permissions, comma-separated, in the admin.

My memory on this stuff is bit hazy, and I don't have time to go and check right now, but I'm sure there's something somewhere which creates the all permissions for you.  I have a feeling that it's a post-syncdb hook (or probably a post-migrate hook these days).  So if you run

./manage.py syncdb

or

./manage.py migrate

then it may well create all of the permissions for you.

And (once you've enabled the remote API) you should be able to do

./manage.py remote syncdb/migrate

to do it on the production DB.

 

Note to future self: don't override AUTH_USER in your settings if you want to access users in the default admin, it makes things very difficult. :)

If you've used GaeDatastoreUser, then I think that should appear in the Django admin automatically.

Adam

To view this discussion on the web, visit https://groups.google.com/d/msgid/djangae-users/d67b9cf6-6e0e-457a-bca6-42c7410c11eb%40googlegroups.com.