I’m very new to Django, having never developed on it.
I’m trying to develop a site which has functionality exposed only to authenticated users (typical enterprise thing: for this discussion, let’s say it’s a private blogging platform).
The functionality I’m looking for is:
- Users can create a new blog.
- each user can belong to multiple groups: the user can only view/comment on blogposts created by member of groups (s)he belongs to.
- Each user can modify/delete only the posts (s)he creates.
As I see it, this is essentially a CRUD application with access control, and the admin app seems to have a lot of this functionality builtin. Is it feasible to develop this complete application using the admin application alone (not as a prototype, as a release-quality solution), or should I look beyond (Generic views? ModelForms?)
I’m trying to estimate how long this will take (learning + implementation), so your feedback could give me a good idea, in addition to teaching me the ways of this new Django-world 🙂
Edit: specifically, one of my worries is per-object/per-row permissions. The django wiki says the Permissions system doesn’t support that, so can I still use the admin app?
Revised. Up until you want per-object permission, the answer is yes.
As soon as you want permission on a Blog, where a blog is just a row, you’re going to have to do some coding.
You can totally reuse the admin interface elements. You have all the source, which you can read.
Much of what you want is done with “wrappers” around the admin functions.
You write a “wrapper” view function checks object permissions.
Your wrapper view function calls the admin view function.
After that, you’ll want to fix the style sheets in the admin pages to be your preferred look and feel.