Add filter in ListView
privateuly opened this issue · comments
The permission decorator / mixin seems to only return True/False. I would like to pass object filter to limit what records a user can view in ViewList class. For example, in the case of doctor users, each doctor can only views patients.objects.filter(doctor==request.user)
@has_permission_decorator('view_patient_list')
def view_patients(request, filter=None, *args, **kwargs):
return patients.objects.filter(**filter)
Should I create a second decorator after @has_permission_decorator to accomplish that?
Thanks!
Hi @privateuly, could you develop this further? I'm not sure i understand your question
Hi @filipeximenes, sorry I wasn't clear. Please bear with me as I am new to the django permissioning concept.
My understanding of this django-role-permissions is that it is used to restrict access to CRUD actions on a per object basis. How about ListView? I would like to restrict (ie. filter) list access depending on some logic. For instance, a doctor can only pull up a list of clients that are associated to him/her. Is this within the scope of this library, or do I need to create something extra?
Can I also verify that the built-in decorators and mix-ins don't work for object permissioning and we'll need to create our own using the has_object_permission()?
Thanks again for the library!
I found what a discussion of what I was looking for here dfunckt/django-rules#40. It's clear to me now that what I have in mind is outside the scope of this project, so I am just going to close this issue. Thanks again!