Geek Answers Handbook

Setting Django Administrator Software Rights

The Django site I'm working on has the option to register for an account. To provide them with some editing features, I use the Django built-in admin. However, I had a problem: after the user has registered, they do not have rights in the Django administrator, not even to view permissions. Thus, my question is: how can I, in the code, assign administrator rights to the corresponding models, in the same way I can assign them manually in the "User Permissions" section when editing a user in the administrator? I have already tried with the usual has_xxx_permissions() using the custom ModelAdmin classes, but this did not work. Therefore, I assume that I forgot something obvious. Any ideas?

+7
source share
5 answers

https://docs.djangoproject.com/en/dev/topics/auth/default/#permissions-and-authorization

 new_user.user_permissions.add(permission1, permission2, etc...)
+8
source

For your purposes, it would be much simpler and more efficient to assign all new users to a specific group, and then grant this group all the permissions the user needs. Any member of the group also inherits these permissions.

You can create a group and assign administrator rights to it. Then you just need to add something like the following to your registration code.

 try: group = Group.objects.get(name='The User Group') except Group.DoesNotExist: # group should exist, but this is just for safety sake, it case the improbable should happen pass else: user.groups.add(group)
+5
source

dgel's answer pointed me in a direction that leads to a working solution for me. Essentially, he seems to suggest the following:

  • Retrieve the ContentType for the model for which you want to set permissions. In this context, the content type is an object that contains information about the Django model .
  • Create a Permission object consisting of the type of content and the action you want to allow inside the administrator using Permission.objects.get() . The only difficulty here is to define the codename parameter, which for administrator rights consists of an action ("add", "change" or "delete"), underscore and model name. Therefore, if you have a model called Foo , and you want to create all the permissions for it, you will need 3 permissions, each of which has the content type of your Foo model plus the code names add_foo , change_foo , and delete_foo .
  • Assign these permissions with user.user_permissions.add(permission) .

Go to dgel answers for code examples . Examining the auth application data dump ( manage.py dumpdata auth ) of an existing Django database also gave me an idea of ​​the inner workings of permissions.

+3
source

By Django 1.6:

Each user has a many-to-many user_permissions for permission - you can add the following rights to it:

 your_user.user_permissions.add(permission)

v1.6 Documents:

+1
source

I will answer your question exactly since I found this question from Google. I will show what I am doing in Django 1.9 with groups, and then show how to do it for the user.

from django.contrib.auth.models import Group, Permission group, __ = Group.objects.get_or_create (name = 'my_group')

 permissions = Permission.objects.all() for p in permissions: group.permissions.add(p) group.save()

It is very easy to adapt to the user:

 from django.contrib.auth.models import Permission permissions = Permission.objects.all() for p in permissions: youruser.user_permissions.add(p) youruser.save()

I prefer the group because you can add permissions in the future and you can just add permissions to the group instead of reusing all users.

0
source

More articles:


All Articles