PyCon Israel 2022

🇮🇱 Django URL Pattern Role Authorization System
06-29, 16:00–16:20 (Asia/Jerusalem), Hall 3

Taking the traditional Django groups and permissions to the next level by adding a layer and using an access endpoint pattern approach to provide scalability, flexibility and wider control over authenticated users' access.


Django comes with a built-in permissions system with view, add, change, and delete permissions, as well as the ability to add other permissions as one might wish (even if with weird and uninformative names that no one will eventually use).
One question remains, though: is it the right approach when building a big Django application that contains a lot of different authorization groups?
This talk is more of a case study dedicated to the challenges (and solutions) we had at Bluevine around this exact question.
At Bluevine we faced many difficulties enforcing authorization with the traditional Django authorization system, for several reasons:
* Incompatibilities and different users with different sets of permissions, due to the lack of restrictions around the Django auth user model.
* Inability to grant limited permissions to different models.

The above are just a few of these difficulties.
In this talk, we'll discuss the above and other difficulties, as well as our solutions.
Hint - we refreshed the Django permission mechanism by adding a role layer, changing permissions, and more.


Session language – Hebrew

Target audience – Developers

I'm Yarin Asulin. I'm a software development team lead and have been working at BlueVine for the past 4.5 years. Before BlueVine I served in the technology unit of the Intelligence Corps. I started developing as a curious teen; since then I have been moving forward by learning and using new and advanced technologies.