问题
Hello Im currently using a third party package called django-river to implement a sort of workflow system into my application. The reason for using this is because it allows the user to dynamically generate workflows and attatch functions on the fly . Im currently using this across some of my models that require this functionality. However , there is one model that i wish to restrict this freedom. I do not wish to allow the user to add any instances than the one i have added from the start , or edit them.
Hence my question is:
- Is there a way to achieve this locking mechanism of the django models?
回答1:
You can manage DB-level permissions (google how to implement it for your database). And in django side add multiple databases with different users, for e.g.:
A user - can only read your spesific table, in default settings;
B user - has full permissions.
DATABASES = {
'default': {
'NAME': 'app_data',
'ENGINE': 'django.db.backends.postgresql',
'USER': 'A',
'PASSWORD': 'qwerty'
},
'full': {
'NAME': 'app_data',
'ENGINE': 'django.db.backends.postgresql',
'USER': 'B',
'PASSWORD': 'qwerty'
}
}
MyModel.objects.using('full').create(...)
MyModel.objects.create(...) # OperationError
Or you can change user at runtime.
来源:https://stackoverflow.com/questions/62651806/prevent-any-crud-functionality-on-a-django-model