I think I've found an interesting way to set up a permissions system in Django. This system allows you to specify granular permissions on specific object instances and is template friendly. Setup The Permissions Infrastructure First, you create an "abstract" Permissions class that models will use as a permissions base class. This base permissions class sets up simple caching for the permissions and creates some common methods to be used by all permissions objects. The current_user represents the logged in that you want to check permissions for a particular object. Notice the use of threadlocals here. If current_user is not supplied in the constructor, the class will try to lookup the current_user from a variable by the threadlocals middleware (see below). Be warned, however, some people don't seem to like the threadlocals approach . To be honest, I'm still trying to evaluate the pluses and minuses, but it sure makes certain things in the templates easi
Django Python exploration