We have been developing an application to give you control over who can watch your content, and we have got this result:
You can create a list of friends. Every friend can be assigned to one friend list, and you can give readable access to these. The readable privilege will be granted by creating a composition of list, which means, you can select two or more friend lists and give them the same privileges. This gives you the opportunity to make a composition of these friend lists,. Therefore, you do not need to grant the access individually, just select more than one friend list to give them readable privileges over your publications.
We want to be able to apply this readable permission to the views in Django (the framework in which the application is being developed) in a non-intrusive way. We think the best way to do this, without rewriting the applications, is through the use of decorators. A decorator is a function that takes another function. This means that the function do something and call the other function. If a view in Django is usually written as follows:
def view(request):
something
Now, the view will be something like this:
@permission(args)
def view(request):
something
where @permission is a function that checks that the current user has privileges or permissions to read whatever he intends to watch. If he has such permissions, then show the view normally, otherwise fails.
Below, you can find a brief resume of the functionality:
You can create different friend lists, and build a composition list, which is a list with one or more friend lists. These friend lists defines certain permissions, and the general model makes the association of that permission in relation with the specified application.