Otorgar a los usuarios 'anti-permisos' en django

I'm working on a django project in which users can post articles and vote on them. But the users are not supposed to vote on their own articles. Currently I'm using the permission system with django-guardian. My idea is to grant a kind of 'anti-permission' so that only the author no puedes vote on their own articles.

My reasoning is that in this way all the permissions can be handled in a unified protocol, separately from view functions(instead of putting conditions inside them). And if there comes future requirements like this, they can be handled elegantly.

But it does not look semantically right to use "permissions" in this way. Just wondering if there's a better way of doing it?

¡Gracias por tu ayuda! :)

preguntado el 08 de noviembre de 11 a las 11:11

if users have to be logged in to vote, you could do that in the templates by comparing article author to the user object and then change the functionality of the link, button, etc for voting. there is probably a better way though. -

I was wishing to handle all user permits with permission system and its decorators, but they seem to be very dependent on situation. So instead I'll code them differently. Like 'user shouldn't vote on their own post', I'll just do a check inside the view function while 'new users shouldn't be able to post' is handled by permission decorator. I'll also do things in the templates so users without permission can see different things. Thanks @sehe for the snippet, it's not exactly for the problem right now but could be useful in the future :) -

1 Respuestas

Write a manager that takes the context and then returns a list of objects that the user can vote on.

Use this manager in your view.

Respondido el 19 de diciembre de 11 a las 10:12

I think I can also write a customized permission checking function for dealing with this kind of situations. So instead of using 'user.has_perm("can_vote")' and only gets if the user has this permission, I can write my function 'check_perm(user,article, "can_vote")', and check if the user is author of the article there. - Xun Yang

No es la respuesta que estás buscando? Examinar otras preguntas etiquetadas or haz tu propia pregunta.