1

I am undergoing Udacity's Web Development course which uses Google AppEngine and Python.

I would like to set up specific user roles, and their alloted permissions. For example, I may have two users roles, Employer and SkilledPerson, and assign their permissions as follows:

Only Employers may create Job entities. Only SkilledPerson may create Resume and JobApplication entities.

How do I do this?

How do I define these user roles? How do I assign a group of permissions to specific roles? How do I allow users to sign up as a particular role (Employer or SkilledPerson)?

hyang123
  • 1,208
  • 1
  • 13
  • 32

3 Answers3

0

I'd create a user_profile table which stores their Google user id, and two Boolean fields for is_employer and is_skilled_person, because there's always potential for someone to be both of these roles on your site. (Maybe I'm an employer posting a job but also looking for a job as well)

If you perceive having multiple roles and a user can only be one role, I'd make it a string field holding the role name like "employer", "admin", "job seeker" and so on.

iandouglas
  • 4,146
  • 2
  • 33
  • 33
0

You must manage user_profile yourself. In your user_profile, you can store the user id such as an email address or a google user id like you want. Add a role array in this entity where you store all roles for this user and you manage access with decorators.

For example, users which are employers will have "EMPLOYERS" in their roles and you manage access to the job creation handler with a @isEmployer decorator. With this solution, you can assign many roles for you user like "ADMIN" in the future.

Maël
  • 259
  • 1
  • 11
0

Make model 

class Role(ndb.Model):
    name = ndb.StringProperty()

class UserRole(ndb.Model):
    user = ndb.UserProperty()
    roles = ndb.KeyProperty(kind=Role,repeated=True)

Make decorator check user in role

Before create job

@check_user_in_role('Employees')
def create_job():
    do_some_thing()
NamPNQ
  • 379
  • 4
  • 13