By continuing to navigate on this website, you accept the use of cookies to serve you more relevant services & content.
For more information and to change the setting of cookies on your computer, please read our Cookie Policy.

Understanding Django Permissions And Groups

Permissions:

Actually permissions are of 2 types:

    1.Model level permissions
    2.object level permissions

If you want to give permissions on all cars, then Model-level is appropriate, but if you Django to give permissions on a per-car basis you want Object-level. You may need both, and this isn't a problem as we'll see.

For Model permissions, Django will create permissions in the form 'appname.permissionname_modelname' for each model. If you have an app called 'drivers' with the Car model then one permission would be 'drivers.delete_car'. The permissions that Django automatically creates will be create, change, and delete.Read permission is not included in CRUD operation.Django decided to change CRUD's 'update' to 'change' for some reason. You can use the metaclass to add more permissions to a model.:

class Book( models.Model ):

    # model stuff here

    class Meta:

        permissions = ( 

            ( "read_book", "Can read book" ),

        )

Permissions is a set of tuples, where the tuple items are the permission as described above and a description of that permission.

Finally, to check permissions, you can use has_perm:

obj.has_perm( 'drivers.read_car' )

Where obj is either a User or Group instance.

Here is some example which is used to check permissions 'perms' of a model object called entity in the app

def has_model_permissions( entity, model, perms, app ):

    for p in perms:

        if not entity.has_perm( "%s.%s_%s" % ( app, p, model.__name__ ) ):

            return False

        return True

Here entity is the Entity object to check permissions on (Group or User), model is the instance of a model(entity), perms is a list of permissions as strings to check (e.g. ['read', 'change']) for respective object, and app is the application name as a string. To do the same check as has_perm above you'd call something like this:

result = has_model_permissions( myuser, mycar, ['read'], 'drivers' )

We are having 3 default permissions which will be created when we run ./manage.py runserver.These permissions will be created for each models in a project.

add: user.has_perm('drivers.add_book')

change: user.has_perm('drivers.change_book')

delete: user.has_perm('drivers.delete_book')

Groups:

With the help of model django.contrib.auth.models.Group,we can categorizing users so you can apply permissions to group(all users)... 
For example, if the group Book, author has the permission can_edit_home_page, any user in that group will have that permission. 

from myapp.models import Book

from django.contrib.auth.models import Group, Permission

from django.contrib.contenttypes.models import ContentType content_type = ContentType.objects.get_for_model(Book)

permission = Permission.objects.create(codename='can_publish',

                                       name='Can Publish book',

                                       content_type=content_type)

We can directly add a permission to a user using user_permissions and to a group using permissions attribute.

    Posted On
  • 06 June 2013
  • By
  • Micropyramid

Need any Help in your Project?Let's Talk

Latest Comments
Related Articles
Deploying Your Django app on Heroku

Heroku is a platform as a service (PaaS) that enables developers to build and run applications entirely in the cloud.
1. installation
2. Creating and ...

Continue Reading...
Introduction to API development using Django REST framework with Example

Introduction to API development with Django REST framework. You can build the API for any Django application. Pre-requisites are Django and OOPS(object oriented programming concepts) ...

Continue Reading...
Get count, average, min, max values from model field using Django Aggregate

To retrieve maximum, minimum or average values from group of rows we can use django Aggregation. For example to retrieve max price or avg price ...

Continue Reading...
open source packages

Subscribe To our news letter

Subscribe and Stay Updated about our Webinars, news and articles on Django, Python, Machine Learning, Amazon Web Services, DevOps, Salesforce, ReactJS, AngularJS, React Native.
* We don't provide your email contact details to any third parties