Leveraging the ORM to enforce object-level permissions

Oct 23 5:37 PM CDT :calendar:
Audience level: Intermediate

About This Talk

Django provides a robust permissions system out of the box, but it’s limited to operating at the model level. What if you want to assign permissions to create, modify, or delete only objects with certain attributes? In NetBox, we did exactly this by leveraging the ORM, JSON, and database transactions. We’ll quickly demonstrate how easy Django makes it to create a custom authentication backend and permission model to accommodate even complex object-based constraints.


    Photo of Jeremy Stretch

    Jeremy Stretch

    Jeremy Stretch is the founder and lead maintainer of NetBox, an open source infrastructure resource modeling application. He works at NS1 as a distinguished engineer spearheading integration and development efforts around NetBox. He lives in the Raleigh, North Carolina area with his wife and three children.