Hi John,
I'll start with answering the question in your subject: no. There's
nothing at all wrong with using the parts of Django that are useful to
you, and not using the ones that aren't.
In particular, auth and admin are part of "contrib"; that is, useful
applications built on top of Django and shipped with it. They aren't
even part of Django core. All of contrib is meant to be entirely optional.
On 11/21/2014 01:18 PM, John Rodkey wrote:
> We are evaluating django for a new internal CRM project and have issues
> using many of the built in features including: the base user, permissions,
> and authentication.
>
> We do not wish to use the built-in admin... The level of complexity for
> our permissions will be based on the employees job function/role. While
> django does offer "Groups" under permissions, we have many subsidiaries
> which may name their own groups, this is our reasoning for dumping the
> built-in permissions.
>
> What we are trying to accomplish -
>
> 1. User registration and authorization based on users email address. (We
> believe this could be created with the "Custom User" information found in
> the docs.)
Yes, that's right.
> 2. Depending on the users email domain (the subsidiary) they work for, they
> will only have access to that data (We do not believe django offers this,
> and will be building it)
>
> 3. Each company (subsidiary) will have their own permission roles/groups
> (We do not believe this is available in django, please correct if wrong).
>
> 4. Each user will be assigned role(s)/permission(s) for their company (We
> believe this will need to be a custom tool)
>
>
> Is there a simple solution to altering the built-in authentication and
> permission to fit our needs?
The built in groups/permissions system is fairly limited: based on your
needs, I think you may be better off building that yourself.
If I were you, I would use the built-in auth system (but with a custom
User model) -- it's pretty flexible these days, and using it will give
you better interoperability with many parts of the Django ecosystem. If
your custom User model inherits from AbstractBaseUser (not AbstractUser)
it won't have the many-to-many relationships with Permission and Group,
and you can just ignore them and build your own permission/roles system
instead.
Carl