2

Django permissions are great if you need to let someone access the admin and restrict what they can do.

But what if I want to use a similar functionality in the frontend of an application?

Example:

model Group has its own Members, a member can have three different access levels:

  1. member
  2. admin
  3. super-admin

Admins can only do special stuff only for their groups though, not for all the groups.

So I was wondering, would it have sense to implement Django's permission system in these cases? Would it have any advantage than simply adding a choice field in the Member model that indicates the access levels and checking that?

nemesisdesign
  • 8,159
  • 12
  • 58
  • 97

1 Answers1

1

The permissions system is built-in, ready-to-use. Nonetheless the most important fact is that it already is really simple and easy to use. You have groups and permissions assigned to a user and methods for checking/adding those permissions. Nothing more.

Writing your own permission system will have no real benefit over the Django's. It won't save you any time, as you'll still need one line of code to check the permission. Additionally the single-field access level permissions might be a constraint in the future. As your site will grow you'll definitely need more complex permission system.

Mariusz Jamro
  • 30,615
  • 24
  • 120
  • 162
  • thanks for your answer, is there any example of a slightly complex app that uses django's permission system that you would suggest me to check? – nemesisdesign Feb 14 '12 at 15:15