Actually, I would like to know how to make that happening myself
You need to write a custom permissions class. The DjangoLDP docs are allover the place but the guide you need for that is here: https://git.startinblox.com/djangoldp-packages/djangoldp/wikis/guides/custom-permissions
Actually this is reasonably similar to the DjangoLDP-Project permissions, so the existing code could be copied/used and adapted
How can I ... give the permission to anybody from HD Paris community to
view
.
This would require a custom permissions class, but would be a nice feature to add to DjangoLDP-Community. Note that CommunityPermissions
is a permissions class for the community views specifically, not for community-based permissions
give the permission to the people with an
accountant
profile toedit
This could be done with Django's group permissions
forbid access to anyone else
Setting empty permissions on the model:
anonymous_perms = []
authenticated_perms = []
owner_perms = []
Or using a custom permissions class which extends LDPBasePermissions
rather than LDPPermissions
(because it extends OwnerAuthAnonPermissions
)
Regarding the invoice component permission I think it will block me [that invoices list can only be accessed in a nested field]
If you're going to change the permissions to remove view
permissions for anonymous users then we can remove that code - it was added to restrict access to invoices where anonymous permissions included view
I think @calummackervoy you will have better inputs than me here :)
Autodeploy (90160538) at 03 Aug 19:16
update: model fields nullable for federated models
Calum Mackervoy (7a32ae83) at 03 Aug 19:14
also differentiated the rdf_type
of FreelancerInvoice and CustomerInvoice
Closes #10
These changes are necessary for supporting federated models in the current version of DjangoLDP. See related issues:
Calum Mackervoy (7a32ae83) at 30 Jul 14:21
update: model fields nullable for federated models
Autodeploy (530b70e9) at 30 Jul 08:40
merge: backported .gitlab-ci from master
Relies on a future version of the core. Waiting for djangoldp!226
This MR adds an isolated endpoint serving legal terms (bank accounts, overdue fees, ...). The endpoint has to be defined in the configuration. It's the work going along with components/sib-invoicing!44
I'm not sure about who assign it...
Matthieu Fesselier (8e34e28a) at 30 Jul 08:38
merge: backported .gitlab-ci from master
... and 10 more commits
In terms of how do you change the ontology RDF file - I don't know. Actually when I went digging into this I couldn't find out if the ontology was published or not!
In terms of the scope of this issue - it will involve changing the models.py
of this application so that each model has a unique rdf_type
(e.g. see above) and every field should have null=True
(djangoldp#224)
I can do these changes in 15-20 minutes but happy if you want to do them - let me know
Autodeploy (288c8128) at 21 Jul 17:19
revert: cancel beta changes published on master
Autodeploy (4b4bc1cb) at 19 Jul 03:52
test: added fixtures for invoice and project
Autodeploy (9e8efaf4) at 17 Jul 20:32
feat: loaded project dependency in django apps
Autodeploy (580aa180) at 09 Jun 16:02
update: removed superfluous print from test
Calum Mackervoy (0d3b7b0b) at 09 Jun 16:01
Added a unit test case for PUT CustomerInvoice
Calum Mackervoy (0d3b7b0b) at 09 Jun 16:01
update: removed superfluous print from test
... and 2 more commits
Calum Mackervoy (0d3b7b0b) at 09 Jun 16:00
update: removed superfluous print from test
... and 2 more commits
The custom ViewSet simply checks if it's a nested container and returns 403
if it's on the base URL
However in the tests I've been using /customer-invoices/
directly and in staging I believe so too
Does this mean that we should remove the ViewSet @matthieu ?
Sorry this was a total non-issue, I'd misread that the ViewSet
was only applying this check on list