So I have a rather unorthodox idea of using a middleware to filter queries dynamically, as to keep my authentication further away from the views themselves. I've seen a few library's that could log transactions, but there's no way to alter them since it's post-transaction.
Essentially any calls to a certain model would be filtered based on authentication credentials. E.g. Some field that states a user's privileges.
This is probably insane and would require me hooking into the ORM itself, but I must ask out of curiosity. Maybe I'm just too lazy to change the rest of my code to reflect this.
Thanks to anybody who could clarify if this is possible or impossible.
Edit: As of writing this question... Wouldn't this be possible to achieve by subclassing a model manager? Am I this thick?!
