Add Custom Permissions to Views without Defining Models

Using Django Getting Started
1

Hello everyone,

I created an app to support front-end custom query directly to an external database which didn’t have any Django-related tables (something like django_contenttype, django_session.)Similar to other apps, this app should be limited to a group of people to use. Therefore, I need a proper permission control policy in active.

However, the external database didn’t have any Django-related tables since I can’t define models for the app and make migration to the external database due to company policy, which means, I can’t simply use the permissions that come with defining the models (VIEW, CHANGE, DELETE or anything custom in the META part of the model class).

Since the app is just for query, nothing DDL happening here, do anyone know is there a practical way to add custom permission to certain view without defining a model to do so?

Thanks in advance.

2

You’re still going to want a local database for Django itself to use. That’s where the permissions are stored, not in the user models.

The permission system will still work as normal with the data stored in an external database.

3

I do have a local database for Django itself to use, but the data to be queried is stored in another database. Sorry I did’t make myself clear about the setting of the database. Here is how the setting looks like:

DATABASES = {
    'default': {
        'ENGINE': 'django.db.backends.mysql',
        'NAME' : '',
        'USER' : '',
        'PASSWORD' : '',
        'HOST' : '127.0.0.1',
        'PORT' : 3306,
        'OPTIONS':{
            'autocommit' : True
        }
    },
    'query_1104_db': {
        'ENGINE': 'django.db.backends.mysql',
        'NAME' : '',
        'USER' : '',
        'PASSWORD' : '',
        'HOST' : '127.0.0.1',
        'PORT' : 3306,
        'OPTIONS':{
            'autocommit' : True
        }
    }
}

The query_1104_db is the “external” database. I created a view under the app, “data_query”, to perform raw SQL query to this database using django.db.connections.cursor(). By saying

That’s where the permissions are stored, not in the user models.

do you mean I need a third database for storing all the custom permissions?

4

No, the permissions table is in your default database.

5

Side note:

You don’t need to do it that way. You can create models for the external database and use the ORM to perform your queries.