Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

how to add Permissions in Django to Models and Test it using the shell

I added the Meta class in my model and synchronized the DB then created an object in the shell it returns false so i really cant understand where is the error or what is missing is there some sort of configuration maybe in some other files ..

class Employer(User): # Employer inherits from User
    employer_verified = models.BooleanField(default=False)

    class Meta:
        permissions = (
            ("is_member", "Friendly permission description"),
        )

emp = Employer.objects.create(blablabla)
emp.save()
emp.has_perm('myappname.is_member')
like image 833
Karim Tarek Avatar asked Apr 20 '12 19:04

Karim Tarek


People also ask

How do I add permissions to a Django model?

Add Permissions to a Group If you are using AbstractUser in Django, you must add AUTH_USER_MODEL = 'YourAppName. YourClassName' . This way, you are telling Django to use our custom user model instead of the default one. The code below should go in your admin.py file so that you can see your user model.

How do I give permission to a specific user in Django?

through django-adminopen your django-admin page and head to Users section and select your desired user . NOTE: Permission assigning process is a one-time thing, so you dont have to update it every time unless you need to change/re-assign the permissions.

How do permissions work in Django?

By default, Django automatically gives add, change, and delete permissions to all models, which allow users with the permissions to perform the associated actions via the admin site. You can define your own permissions to models and grant them to specific users.

What is admin in Django?

django-admin is Django's command-line utility for administrative tasks. This document outlines all it can do. In addition, manage.py is automatically created in each Django project.


1 Answers

In the example you gave, I would expect emp.has_perm('myappname.is_member') to indeed be False. Unless you explicitly give the new Employer object the is_member permission, it won't have it.

To programmatically give it the permission you need to get the actual permission object and add it to the Employer's user_permissions:

from django.contrib.auth.models import Permission
from django.contrib.contenttypes.models import ContentType

content_type = ContentType.objects.get_for_model(Employer)
permission = Permission.objects.get(content_type=content_type, codename='is_member')

emp = Employer.objects.create(blablabla)
emp.save()
emp.user_permissions.add(permission)

To test it in the shell, you may need to delete the permission cache that is created for each user- otherwise has_perm may not reflect the actual permissions:

delattr(emp, '_perm_cache')

Responding to your questions:

If you want every single Employer to have the is_member permission there are a few options:

  1. Override the save method of Employer to check if there is no self.pk (which means it is a new object, and create the permission as I showed above after saving. Not very pretty, but it would work.

  2. Write your own authentication backend. If the permission code is 'is_member' and the User has an Employer instance, return True

  3. Don't use permissions. The permission system is designed for you to be able to dynamically grant and revoke permissions. If you only care whether a User is an Employer- then test for that. Don't complicate it by using permissions.

like image 55
dgel Avatar answered Sep 27 '22 15:09

dgel