Reverse the relation between django users and managing authorities (how should we manage access control on jites functionalities)

[franchg]

As discussed with @droghetti we probably need to put a nullable FK on django users table thowards managing authority, reversing the current relation. Another idea is to assign a special group to managing authorities, maybe it's easier and cleaner?
Please let's elaborate on this topic and how we are going to manage security of various functionalities of the software.

• Should django be aware of managing authorities?
• Does this help us to secure the system?

[ernestoarbitrio]

i thinks that, instead of changing the auth django models, we can use a group for managing authority and change the fk on the ma table to the auth_group of django.
In this way we can have:

1. Group Piemonte Authority (user1, user2, ..... userN)
   and link the group to the MA.

Comments welcome!

[franchg]

Implemented and committed in db, I've removed the FK to django tables