-
Notifications
You must be signed in to change notification settings - Fork 17
User permissions & groups
Pierre Bellon edited this page Nov 25, 2013
·
12 revisions
The Permissions scheme we use on Detective is derived from the default Django's permission system:
- Every permission describe an
action
on anapplication
(and not a model like Django's permissions). - These permissions should be assigned to different
groups
. - Each user should be assigned to a group and will inherit from its permissions (this is the default behavior of the Django'spermission system).
Action can be resumed to the following list and represent actions possible for an application:
-
add
- create a model on an application -
edit
- edit a model of an application -
delete
- detele a model from an application
As we said early, each permission is defined at an application
level. Therefor, every model of an application will be subject to one permission.
Name | Description |
---|---|
<app>.contribute_edit |
Can update models on an app
|
<app>.contribute_delete |
Can delete models on an app
|
<app>.contribute_add |
Can add models on an app
|
Name | Description | Add | Edit | Delete |
---|---|---|---|---|
staff | Super users of a detective.io, has every permission of every app of a detctive instance. | ✓ | ✓ | ✓ |
editor | Superviser of an application. Has every permission for an application | ✓ | ✓ | ✓ |
contributor | Investigators of detective.io, allowed to feed and edit the information of one application | ✓ | ✓ | ✗ |
moderator | Check and moderate user contributions | ✗ | ✓ | ✓ |