I have searched through various 3rd party django libraries to implement such a hierarchical user group architecture. I have seen django-groups-manager, but it is a bit complicated for my issue. Then, I decided on django-mptt's registration of existing models feature and come up with model implementations such as:
from django.contrib.auth.models import Group from django.db import models import mptt from mptt.fields import TreeForeignKey TreeForeignKey(Group, on_delete=models.CASCADE, blank=True, null=True).contribute_to_class(Group, 'parent') mptt.register(Group, order_insertion_by=['name']) class School(models.Model): """School object""" name = models.CharField(max_length=255) group = models.ForeignKey( Group, related_name='school', on_delete=models.CASCADE) class Class(models.Model): """Class object""" name = models.CharField(max_length=255) group = models.ForeignKey( Group, related_name='class', on_delete=models.CASCADE) school = models.ForeignKey( School, on_delete=models.CASCADE ) class Student(models.Model): """Person object""" fullname = models.CharField(max_length=255) class = models.ForeignKey( Class, on_delete=models.CASCADE )
In this way, each
Class objects will have their own
Groups, school group being parent of the classes' groups of that particular school. So I can now create school principal users by using django's
User and assign it to the related parent group. By the same way, I can also create teacher users and assign them to their children groups of their class objects. And when a school principal or class teachers want to view their registered students, I can apply object level permission by filtering to their user groups.
My question is, is it the right way to do it? Is creating one group per each school/class objects meaningful?