Quick access configuration in two steps.
Note
It is also possible to use django_roles
as middleware, for example under
next two reasons: (a) no new code wants to be added to project; (b) project
size demand a solution for many applications, including third-party
applications. Read more in Using Django roles middleware
Step 2
Use django_roles.decorators.access_by_role()
decorator or
django_roles.mixin.RolesMixin
mixin in the view to be secured.
For example:
In case the view is a function:
from django_roles.decorators import access_by_role
@access_by_role()
myview(request):
...
In case of classes based views use mixin:
from django_roles.mixin import RolesMixin
class MyView(RolesMixin, View):
...
Note
Pre existent security behavior can be modified if a django_role
configuration for the same view results in forbidden access.