Django CMS Multisite User Permissions - python

I'm starting a project using Django CMS that has multiple sites being controlled from one instance of Django CMS. I have found the documentation for User Permissions and Group Permissions but didn't see anything by default about permissions depending on which site the user is on.
I want to be able to give a user a group and have them only be able to log in to a specific site(s). I'm sure this is going to be possible by requesting the current SITE_ID, but I just wanted to see if anyone could point me in the right direction of a plugin or middleware that might let me do this?
Any advice would be greatly appreciated.

Related

Django channels in django admin

I would like to implement websocket chats inside of the Django admin page. I have not found any information on whether it is possible to do so.
I need some ideas to start from, maybe there are some tutorials on the topic? Or may it be completely impossible to do?

Django multiple sites: Prevent cross-site authentication

I'm currently developing 2 different sites at the same time: one of them is a heavily customized django-admin interface, and the other a "stand-alone" website that will share its database with the previous one.
Even though they are related, I'd like my users not to loosely identify between the two sites: they are both able to be independent of the other.
However, a problem arises when someone is logged in to the "admin" site: when they go to the other website, they are automatically logged in. It won't happen the other way unless I allow it though, as the admin site requires special permissions in the User model.
I already created a UserProfile that can differentiate a user of one of the sites or of both.
So, knowing all this, how can I make sure that the customers of the admin site don't get to be authenticated when on the other web site (without, of course, logging them out from the first one)?
Thanks!
EDIT: To format it better, here is what I got, summed up:
One admin application / site
One related application / site
Both running on same server, sharing settings and urls.py.
If someone is logged in to admin, I want to require them to create a new session to log on to [related site]: this, without logging them off the admin site.
What changes should I make to this configuration to achieve this?
Put a different SESSION_COOKIE_DOMAIN and SESSION_COOKIE_NAME for each application. Hope this solves your issue.
SESSION_COOKIE_DOMAIN = 'site1.com' #site2.com for other
SESSION_COOKIE_NAME = 'sid1' #sid2 for other
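
Why the two settings in the answer above separate the sessions, as an added example that is not part of the original post or of Django: a small model of how a browser decides which session cookie to send to which site. The hostnames are constructed, and it assumes each site runs with its own settings module, since two applications sharing one settings file also share a single SESSION_COOKIE_NAME.

```python
# Added example: a small model of RFC 6265 cookie scoping, not Django code.
# Hostnames are constructed; sid1/sid2 are the cookie names from the answer.
from dataclasses import dataclass
from typing import Optional


@dataclass(frozen=True)
class Cookie:
    name: str                # SESSION_COOKIE_NAME of the issuing site
    issued_by: str           # host that sent Set-Cookie
    domain: Optional[str]    # SESSION_COOKIE_DOMAIN; None means host-only


def browser_sends(cookie: Cookie, host: str) -> bool:
    """RFC 6265 domain matching: host-only cookies go back to the issuing
    host alone; a Domain attribute also covers every subdomain."""
    host = host.lower()
    if cookie.domain is None:
        return host == cookie.issued_by.lower()
    domain = cookie.domain.lower().lstrip(".")
    return host == domain or host.endswith("." + domain)


def session_seen(jar, host: str, expected_name: str) -> bool:
    """True if a request to `host` carries a cookie under the name that
    site's SessionMiddleware reads (its own SESSION_COOKIE_NAME)."""
    return any(c.name == expected_name and browser_sends(c, host) for c in jar)


ADMIN, SHOP = "admin.example.test", "shop.example.test"

# Weak: both sites keep Django's default name and share a parent domain.
shared = [Cookie("sessionid", ADMIN, ".example.test")]
# Answer's fix: a distinct name per site, cookie kept host-only.
isolated = [Cookie("sid1", ADMIN, None)]
# Names differ but the domain is still the shared parent.
name_only = [Cookie("sid1", ADMIN, ".example.test")]

if __name__ == "__main__":
    print("shared   -> shop logged in:", session_seen(shared, SHOP, "sessionid"))
    print("isolated -> shop logged in:", session_seen(isolated, SHOP, "sid2"))
    print("isolated -> admin still in:", session_seen(isolated, ADMIN, "sid1"))
    print("name_only cookie reaches shop:", browser_sends(name_only[0], SHOP))
```

In the name_only case the admin session ID is still transmitted to the other site even though it is ignored there, so keeping the cookie host-only is the tighter setting.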

Adding custom attributes to django schema

I am trying to authenticate my Django application written in Python with Okta IDP. I have almost configured everything on the SP side and the IDP side too. Now I need to pass a custom variable from the IDP which asserts to the SP that the user is a publisher, editor or admin, and further save this to the Django-format database (in the auth_user_groups table). Has anyone tried doing this, or does anyone have an idea about this?
I am able to get the custom variable values by attribute mappings from the IDP. But this allows me to save the custom attributes only on the user table. Please let me know if I have not made myself clear here about my question.
Once again I have the privilege of answering my own question. So here is the solution.
Django has a user profile module which is to be turned on by giving the module location in settings.py
i.e. -
AUTH_PROFILE_MODULE = "appTitle.UserProfile"
The UserProfile needs to be specified in modules.py, specifying the required structure of the user profile you need for your app.
Now doing sync -db, Django creates the database table for your user profile, and further, on the same user profile, pysaml adds the value (CustomAttribute) which comes in the SAML assertion.
More explanation on this can be found in the Django documentation too.
If anyone still faces any issue, please let me know.

Restrict certain pages in Django-CMS

Disclaimer: I asked the question also at Google+, but I'm not sure how active the community there is
I'm struggling with Django CMS' permissions, and the documentation remains unclear for me.
I have the following requirements:
All CMS pages should be available only for authenticated users
Editing shall only be allowed to staff
Some pages should be only visible to a certain group
I don't find the way to achieve this. Could you point me to the right combination of settings?
Here are some more specific questions:
How does the "Login required" in the page permissions form relate to the other permissions you can set on the page?
Once a view restriction is set for "this and all children", how can I remove it on a child page?
Why does CMS_PUBLIC_FOR not have a value for "Authenticated users"?
Is there a way to just restrict viewing of all CMS pages to authenticated users without restricting by a specific group?
Would be great if anyone had some hints.
Thanks!
I found a solution myself now:
First I wrote a custom middleware that redirects all requests to Django CMS pages to the login. Then, I removed the “can view pages” permission from all groups and all global permissions for non-staff.
Finally I removed all view restrictions on the page root and set them only on the particular pages which should be restricted.
If you are interested in some more findings on Django CMS' permissions: I blogged some thoughts about it here: http://blog.webrunners.de/2015/09/08/django-cms-permission-pitfalls/

Creating multiple sites with django

I have to create a project in django where the admin can create the sites dynamically and assign the administrators for the same, which would manage that particular site.
Can someone please suggest with some hint on how it can be done?
Thanks in advance.
If you are already familiar with django sites, extend the User profile and write a custom auth in a similar way as in this question: 1404131/how-to-get-unique-users-across-multiple-django-sites-powered-by-the-sites-frame
