Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Decoupling from model permissions #1

Open
jpulec opened this issue Jan 10, 2017 · 1 comment
Open

Decoupling from model permissions #1

jpulec opened this issue Jan 10, 2017 · 1 comment

Comments

@jpulec
Copy link

jpulec commented Jan 10, 2017

First off, awesome library. It does almost exactly how I've been looking to fix DRF permissions for myself for awhile.

My one question/thought is... This implementation is heavily coupled to the idea that a permission allows a user to access (or not access) a certain field on a certain model. However, there are definitely cases where what is really desired is restricting access to a certain serializer field for a user. Is this a use case you'd be interested in supporting?
@geoffroybeck
Copy link
Contributor

Hi jpulec, thanks for you attention.
If I understand you right, the feature you are interested in is already implemented.
The favored and most outright way of restricting access to a specific serializer field for a user, would be to define a SerializerMethodField in your serializer and then access it in the administration interface.
Another approach would be to add a serializer field that accesses an @Property of your model, but this is more about decoupling serializers and models.
We will soon write a documentation and examples.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@jpulec @geoffroybeck