2015-11-19 07:47:24 +00:00
|
|
|
## Sith AE
|
2015-11-19 07:45:21 +00:00
|
|
|
|
2016-01-29 15:29:24 +00:00
|
|
|
### Get started
|
2015-11-19 07:45:21 +00:00
|
|
|
|
|
|
|
To start working on the project, just run the following commands:
|
|
|
|
|
|
|
|
git clone https://ae-dev.utbm.fr/ae/Sith.git
|
|
|
|
cd Sith
|
2016-05-30 10:23:59 +00:00
|
|
|
virtualenv --clear --python=python3 env
|
2016-07-28 11:02:10 +00:00
|
|
|
source env/bin/activate
|
2015-12-03 19:29:07 +00:00
|
|
|
pip install -r requirements.txt
|
2015-12-04 15:13:20 +00:00
|
|
|
./manage.py setup
|
2015-11-19 07:45:21 +00:00
|
|
|
|
2016-01-29 15:29:24 +00:00
|
|
|
To start the simple development server, just run `python3 manage.py runserver`
|
2015-11-24 09:55:15 +00:00
|
|
|
|
2016-01-29 15:29:24 +00:00
|
|
|
### Generating documentation
|
2015-11-24 09:55:15 +00:00
|
|
|
|
2016-01-29 15:29:24 +00:00
|
|
|
There is a Doxyfile at the root of the project, meaning that if you have Doxygen, you can run `doxygen Doxyfile` to
|
|
|
|
generate a complete HTML documentation that will be available in the *./doc/html/* folder.
|
2015-11-19 07:45:21 +00:00
|
|
|
|
2016-01-29 15:29:24 +00:00
|
|
|
### Dependencies:
|
2016-02-05 15:59:42 +00:00
|
|
|
See requirements.txt
|
2016-01-29 15:29:24 +00:00
|
|
|
|
2016-07-28 11:02:10 +00:00
|
|
|
You may need to install some dev libraries like `libssl-dev`, `libjpeg-dev`, or `zlib1g-dev` to install all the
|
|
|
|
requiered dependancies with pip.
|
|
|
|
|
2016-01-29 15:29:24 +00:00
|
|
|
The development is done with sqlite, but it is advised to set a more robust DBMS for production (Postgresql for example)
|
|
|
|
|
2015-11-19 07:45:21 +00:00
|
|
|
|
2016-02-05 15:59:42 +00:00
|
|
|
### Misc about development
|
|
|
|
|
|
|
|
#### Controlling the rights
|
|
|
|
|
|
|
|
When you need to protect an object, there are three levels:
|
|
|
|
* Editing the object properties
|
|
|
|
* Editing the object various values
|
|
|
|
* Viewing the object
|
|
|
|
|
|
|
|
Now you have many solutions in your model:
|
|
|
|
* You can define a `is_owned_by(self, user)`, a `can_be_edited_by(self, user)`, and/or a `can_be_viewed_by(self, user)`
|
|
|
|
method, each returning True is the user passed can edit/view the object, False otherwise.
|
|
|
|
This allows you to make complex request when the group solution is not powerful enough.
|
|
|
|
It's useful too when you want to define class-wide permissions, e.g. the club members, that are viewable only for
|
|
|
|
Subscribers.
|
|
|
|
* You can add an `owner_group` field, as a ForeignKey to Group. Second is an `edit_groups` field, as a ManyToMany to
|
|
|
|
Group, and third is a `view_groups`, same as for edit.
|
|
|
|
|
|
|
|
Finally, when building a class based view, which is highly advised, you just have to inherit it from CanEditPropMixin,
|
|
|
|
CanEditMixin, or CanViewMixin, which are located in core.views. Your view will then be protected using either the
|
|
|
|
appropriate group fields, or the right method to check user permissions.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|