My goal is:
- to have created custom Groups and populated with permissions for specific models. All that immediately after or during application starts
- What is the most appropriate way to achieve that?
For example my custom group is MY_CUSTOM_GROUP and i want to add
view permissions for Model
Book to that group
You can create a custom admin command to perform specific model initialization before you start the app for the first time. You would then run your command after
migrate but before you start the app.
As for now, i have three different ways to accomplish my task:
- Write custom manual migration and put it into migrations folder (therefore they will be applied when executing python manage.py migrate)
- Write fixture for groups and permissions (dump and loaddata respectively)
- Your variant
Can you tell me please what is the advantages of your variant (3) ?
#1 and #3 are effectively the same - it’s a matter of how / when it’s going to be used, and how (if) you manage / “groom” your migration files on a periodic basis.
#2 can create problems in the case of a complete rebuild / new installation unless you use natural keys for all the appropriate tables. (You have no guarantees that the PKs are going to be the same every time.)
All three can work, and I’d say that the decision among them is a personal / organizational decision, not a technical one.
I’m not sure if i understand natural keys completely right, but lets imagine following situation:
- we have two groups
group_B and two users
user_ADMIN belongs to
user_1 belongs to
group_B. i make dump with natural keys for table
group and table
permissions. NOT for
- is it possible that when i load that data with groups and permissions i can get reassigned groups to users incorrect way such that i will get
group_B because of auto-generating primary keys for groups in case of using natural keys feature???
All the way while dumping and loading back tables
permissions all existing users stay untouched. I mean all users follow to exist between dump and load operations.
i do understand that between tables
permissions never gonna be mistakes while i use natural keys.
Keep in mind that the relationships between Users and Groups is a many-to-many relationship, that dumpdata manages on the User side of that relationship, not the group. (The
User model has the field
Group does not have a field
users.) This means that if you dump (unload) the set of groups and don’t dump the users, that relationship between them is lost. Reloading groups without reloading users loses group membership information. (You can see this if you do a dumpdata of both users and groups.)
Now i’ve got it. Thanx a lot for such explanation!