I am going to create in Django new fornt-end (HTML + JS + CSS) to old application based on big MySQL database (lots of tables, views, stored procedures, logs, triggers and so on). I need to force Django to respect database privilage for each user. I know I can give in django some rights e.g. to the model or view but when I have table "customers" i want to give access to the user to few, selected customers from this table, not to all records. In another words: django has connection to MySQL by one django user and all users in django make operations on database tgough this django user. How can I force django to check user privilages in MySQL server ?
-- I have all the logic in database in stored procedures. I can add input parameter to each procedure {e.g. IN v_user char(50)} and django will call these procedures with this parameter. This will work very well but this solution does not provide security. I have invested a lot of time in learning django and I really like this framework. I have already prepared many html+css templates, I have bought theme from bootstrap. I am in the middle of my work but I cant continue until I find solution which will ensure that the user will have rights from the database.
Regards
Wojtek
You received this message because you are subscribed to the Google Groups "Django users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to django-users+unsubscribe@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/django-users/d4abcf0c-9c44-4c14-9be3-ffaaa0212358%40googlegroups.com.
No comments:
Post a Comment