I have a multilingual Django project. Each language is a different subdomain. Therefore, we decided to use the "sites" application and create one site for each language.
In this project, I also have a “page” application that is very similar to CMS. The user can create pages with content, and they will be displayed on the corresponding language site.
Now I am looking to be able to manage advanced permissions. What I need to do is allow the user’s admin application to create and update pages for one (or many) specific languages / sites.
What would be a cleaner way to do something like this?
Edit: Here is the solution I adapted given by Chris
I am creating a decorator that checks if the user in the group that has access to lang matches. See Chris accepted answer for an example of this.
In the "normal" view, I do the following:
def view(self):
return render_to_response('page.html', {}, RequestContext(request))
view = group_required(view)
If the user is in a group, he will return a method. Otherwise, it will return an "Access Denied" error.
And in my admin area I do the following:
class PageAdmin(admin.ModelAdmin):
list_display = ('title', 'published')
fieldsets = [
(None, {'fields': ['title', 'slug', 'whatever_field_you_have']}),
]
def has_add_permission(self, request):
return in_group_required(request)
admin.site.register(Page, PageAdmin)
Where in_group_required is a similar method for group_required mentioned above. But it will only return true or false depending on whether we have access or not.
And since we use them in the previous examples, you will find here what I have in my in_group and group_required methods.
def group_required(func):
def _decorator(request, *args, **kwargs):
if not in_group(request):
return HttpResponse("Access denied")
return func(*args, **kwargs)
return _decorator
def in_group(request):
language = Language.objects.get(site__domain__exact=request.get_host())
for group in language.group.all():
if request.user in group.user_set.all():
return True
return False