Nearly every application needs to enable its users to see only their data. Many other applications go further and add more controls, like sharing, or making some content private and public. These concepts are increasingly important to get right as data privacy consistently finds itself at the center of the conversation in technical, business and political communities.
Our Cofounder/CTO Sam Scott dug into this topic at Python Universe and led a talk on common access control patterns in Python/Django and how to implement them into a sample B2B SaaS application.
Watch the 32-minute video recording of the talk, it covers:
- What is authorization, and why you should care (spoiler: it's not just about security!)
- Best practices for implementing a role-based access control system
- How to implement the above in a simple expenses application using oso
Thanks to Geekle for hosting the Python Universe Web Edition.
For more on this topic, see post on "Building a Django app with data access control in 30 minutes", or our documentation page on implementing role-based access control with oso.
We'd love to hear from you! Feel free to join us on Slack for any questions: join-slack.osohq.com