4

I'm working on some Django Rest Framework based project (quite expected API for some web-app). It has as traditional Django models, and some kind of model-like objects: they behave like Django models but don't store anything in DB. No tables, no content-types. When we ask them for objects, they goes to external API and forms resulting Queryset.

Now I need to build some role-based access system. To make the architecture clear and extensible, I want to make groups and permissions managable through the Django Admin interface. So, I guess, we need to put some permissions to DB and then we'll be able to add these permissions to user groups. After that, we'll check these permissions in DRF.permissions class. But since we have neither tables, nor content-types for these 'models', we can't add records to permissions table right now.

What is the right way to make this possible? Should I rebuild these 'models' through the metaclass with proxy = True? Or should I add a proxy layer above? Maybe I should add some dummy content-types by hand?

Alex Belyaev
  • 1,417
  • 1
  • 11
  • 15
  • You should check this project https://github.com/dfunckt/django-rules It gives your powerful permission system without using database. – Anton Perepelitcyn Apr 04 '17 at 18:42
  • Does this answer your question? [How can I use Django permissions without defining a content type or model?](https://stackoverflow.com/questions/13932774/how-can-i-use-django-permissions-without-defining-a-content-type-or-model) – Martin Faucheux Jan 11 '21 at 07:32

0 Answers0