Usability with django rest framework and access management

[Leonardo-Bo]

This project is amazing. Congratulations!

I would like to know two things:

• is it possible to make it usable with django rest framework?
• is it possible to have only a given group of users authenticate on a specific service?

About the second question: I have a set of applications (e.g. A, B, C, D), but not all users have access to all applications. So I would need a way to say that user 1 can access A and B, user 2 can access B and D, user 3 can access all applications

[DAVIDhaker]

Hello! I glad! Thanks!

1. Yes! Need little bit more time to make it.
2. Access policy to subordinated services are possible feature.

I wanna to ask you: How fast you need it?

[Leonardo-Bo]

The short answer: today! :-)

The long answer: I am working on a project that has suddenly grown in the last few weeks and has taken me from managing three services for a single user group to managing the same three services for 10 user groups!

So far I have managed the three services on the single group with three different authentications and three different databases, but this growth of the project has made me look for different solutions.

I can always adopt the solution of many db's and many authentications and restructure everything later, but implementations to your project would be a huge help in structuring the work properly from the beginning.

[DAVIDhaker]

Let me this weekend to try to develop solution.

[DAVIDhaker]

1. Thinking in process.
2. Working in process. On the SSO gateway on user profile will be add multiselect field named as "Subordinated service member".

[Leonardo-Bo]

Thank you very much!

2. I think the solution you have chosen is the best and the most intuitive

Look forward to your updates 😊

[Leonardo-Bo]

Hi! How is it going?
Sorry for the inconvenience. Is there any news on this enhancement?

[DAVIDhaker]

Hello. Big apoligize for waiting. But i don't have a lot of time to spend to this project while. :(

Work in process. I thinking about one setting named as "Default access behavior".

In beginning i was thinking about setting like allow_all/deny_all, but finally arrived to next:

By default user should provide callback, who process access control on user creation as additional option.

But have one more easy variant: Just callback on save delegated to user, based on pure django's signals. The base access management based on permission lists is ready. I will publish it soon.

On DRF part: Will new authenticator class, who must be injected instead of base token auth class.

[Leonardo-Bo]

Hi! How are you doing?
I saw that there is "work in process" tag on this task. I would like to ask if you can estimate when the changes will be ready.

Thanks again for your work 😊