Django object-level permissions app

Closed Posted Jul 23, 2010 Paid on delivery
Closed Paid on delivery

Django object-level permissions app I need this quickly (less than 1 week) so it's only appropriate for those with Django experience. (No other language or framework is acceptable.) Task: create a simple Django 1.2 app (Python 2.6.x) with object-level (row-level) permissions. Include web pages for assigning and updating. Permission options: view, edit. Models: - ClientUser: a user profile, created via user_postsave_handler when a user is created. Fields: user (ForeignKey), description. (I will eventually add more fields.) - ClientDocument: the content to protect. Fields: title, body. Create a few sample records for testing (users, ClientUsers, ClientDocuments); include an initial_data fixture so that it loads automatically when I test here. Views & Templates: (outside of Django's /admin/) - show an outline of ClientUsers and their associated ClientDocuments and permissions if user.is_staff: show all ClientUsers else: only show for the logged-in user - show an outline of ClientDocuments and their associated ClientUsers if user.is_staff: show all else: only show ClientDocuments for the logged-in user BUT do include all a list of other ClientUsers who have permissions for that document - provide a simple way for an is_staff user to edit permissions (must be a custom form, not Django's admin) * starting from a ClientUser: add/remove permission for one or more ClientDocuments * starting from a ClientDocument: add/remove permission for one or more ClientUsers For all the above, be sure to distinguish the different permissions (view, edit). The HTML doesn't have to be fancy. Admin: - expose all fields in the "list" view; include all text fields in search; set save_on_top True.

## Deliverables

One option (that I have NOT evaluated): django-authority (but I still need a full working sample with web pages). I can also share an existing permissions model from another developer that may or may not be useful. Worth noting (from the Django docs): "To enable object permissions in your own authentication backend you'll just have to allow passing an obj parameter to the permission methods and set the supports_object_permissions class attribute to True." The 'backend' links points to [url removed, login to view] ----- Deliverables: - working code with useful comments - Python (or shell) cmd-line script(s) that reduce installation and build to as few steps as possible. (I have both easy_install and pip.) - HTML and CSS must validate (XHTML transitional is fine; exceptions require approval ... and will probably be granted for clearly-identified CSS extensions) - a README file with any useful notes on installation or customization - all deliverables will be considered a "work made for hire" under U.S. Copyright law. Contractor assigns to buyer exclusive and complete copyrights to all work. If such a transfer is not considered valid in certain jurisdictions or circumstances, contractor assigns exclusive, transferrable, fully-paid, non-revokable, worldwide rights to buyer. ----- General requirements: - every new file must contain "Copyright 2010 by PreFab Software, Inc." Every modified file should contain that text preceeded by "Changes are ". - you may also add your name or nickname - for all code or other material not created from scratch, the source must be identified, and all copyright and license information must be preserved. The following licenses are acceptable: Apache, BSD, new BSD, MIT, Perl artistic, public domain, Python community, Academic Free License, ISC (Internet Systems Corp), w3c license, WTFPL, zlib - prior written permission is required before using code, text, sounds, images, or data with either LGPL or any "Creative Commons" license - absolutely no GPL code, text, sounds, images, or data should be included or even reviewed - absolutely no GFDL text, images, sounds, or data should be included

## Platform

Django, Python. I will test on Mac and deploy on Linux. Any DB back-end is fine as long as it works here on PostgreSQL. (Django's ORM should hide the details.)

MySQL PHP Software Architecture Software Testing Web Hosting Website Management Website Testing

Project ID: #3595446

About the project

Remote project Active Aug 5, 2010