Hey everyone, I’m excited to announce the first version of my first Python package is live on PyPI - django-field-permissions!
Django has a wonderful permissions framework, but a restriction is that it natively only works on the model-level. If you wanted to grant a user edit access to a model, you can, but if you wanted to restrict specifically the email field from being edited in the User model, for example, you can’t without a custom implementation.
This package looks to solve this issue by creating assignable read and edit permissions on each field in the models that you specify. An admin implementation makes it super easy to assign field permissions to groups and users. The package also ships with some other key features:
- Middleware that attaches a user’s field permissions to the request, making them available to check in both the template and the view
- Customizable caching on field-permissions
- Signal implementation for invalidating the cache when changes are made
- Management command that makes syncing model changes with field permissions extremely simple
You can try it for yourself here: https://pypi.org/project/django-field-permissions/
Link to the GitHub repo: https://github.com/eddiemapes/django-field-permissions
As I mentioned, this is my first package and I’d really appreciate any feedback. A few things on my list already include fully building out testing, adding some comprehensive examples of usage, and reinforcing the code with more graceful error handling.