Per object permissions for Django
Project description
django-guardian
django-guardian
is an implementation of per-object permissions on top
of Django’s authorization backend. Read an introduction to per-object permissions on djangoadvent articles.
Documentation
Online documentation is available at https://django-guardian.readthedocs.io/.
Installation
To install django-guardian
into your project run:
uv add django-guardian
TIP: Not using a package manager like
uv
orpoetry
for your django project? You probably should try them :). In the meantime,pip install django-guardian
works just fine too.
Configuration
We need to hook django-guardian
into our project.
- Put
guardian
into yourINSTALLED_APPS
at settings module:
INSTALLED_APPS = (
...
'guardian',
)
- Add extra authorization backend to your
settings.py
:
AUTHENTICATION_BACKENDS = (
'django.contrib.auth.backends.ModelBackend',
'guardian.backends.ObjectPermissionBackend',
)
- Create
guardian
database tables by running:
python manage.py migrate
Usage
After installation and project hooks we can finally use object permissions with Django.
Lets start really quickly:
>>> from django.contrib.auth.models import User, Group
>>> jack = User.objects.create_user('jack', 'jack@example.com', 'topsecretagentjack')
>>> admins = Group.objects.create(name='admins')
>>> jack.has_perm('change_group', admins)
False
>>> from guardian.shortcuts import assign_perm
>>> assign_perm('change_group', jack, obj=admins)
<UserObjectPermission: admins | jack | change_group>
>>> jack.has_perm('change_group', admins)
True
Of course our agent jack here would not be able to change_group globally:
>>> jack.has_perm('change_group')
False
Admin integration
Replace admin.ModelAdmin
with GuardedModelAdmin
for those models
which should have object permissions support within admin panel.
For example:
from django.contrib import admin
from myapp.models import Author
from guardian.admin import GuardedModelAdmin
# Old way:
#class AuthorAdmin(admin.ModelAdmin):
# pass
# With object permissions support
class AuthorAdmin(GuardedModelAdmin):
pass
admin.site.register(Author, AuthorAdmin)
Django Unfold integration
Users of django-unfold
will find that guardian
is supported out of the box via a contrib
module.
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
File details
Details for the file django_guardian-3.0.3.tar.gz
.
File metadata
- Download URL: django_guardian-3.0.3.tar.gz
- Upload date:
- Size: 85.4 kB
- Tags: Source
- Uploaded using Trusted Publishing? Yes
- Uploaded via: twine/6.1.0 CPython/3.12.8
File hashes
Algorithm | Hash digest | |
---|---|---|
SHA256 |
4e59eab4d836da5a027cf0c176d14bc2a4e22cbbdf753159a03946c08c8a196d
|
|
MD5 |
545564e4952d64f42b35cfb296fef6b4
|
|
BLAKE2b-256 |
30c23ed43813dd7313f729dbaa829b4f9ed4a647530151f672cfb5f843c12edf
|
Provenance
The following attestation bundles were made for django_guardian-3.0.3.tar.gz
:
Publisher:
release-publish.yml
on django-guardian/django-guardian
-
Statement:
-
Statement type:
https://in-toto.io/Statement/v1
-
Predicate type:
https://docs.pypi.org/attestations/publish/v1
-
Subject name:
django_guardian-3.0.3.tar.gz
-
Subject digest:
4e59eab4d836da5a027cf0c176d14bc2a4e22cbbdf753159a03946c08c8a196d
- Sigstore transparency entry: 250715019
- Sigstore integration time:
-
Permalink:
django-guardian/django-guardian@ad826236f0ac6c37429a548f28a063872ad9aa55
-
Branch / Tag:
refs/heads/main
- Owner: https://github.com/django-guardian
-
Access:
public
-
Token Issuer:
https://token.actions.githubusercontent.com
-
Runner Environment:
github-hosted
-
Publication workflow:
release-publish.yml@ad826236f0ac6c37429a548f28a063872ad9aa55
-
Trigger Event:
workflow_dispatch
-
Statement type:
File details
Details for the file django_guardian-3.0.3-py3-none-any.whl
.
File metadata
- Download URL: django_guardian-3.0.3-py3-none-any.whl
- Upload date:
- Size: 118.2 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? Yes
- Uploaded via: twine/6.1.0 CPython/3.12.8
File hashes
Algorithm | Hash digest | |
---|---|---|
SHA256 |
d2164cea9f03c369d7ade21802710f3ab23ca6734bcc7dfcfb385906783916c7
|
|
MD5 |
f2727bc997fb52d8a3d0b87a94825ac9
|
|
BLAKE2b-256 |
8b13e6f629a978ef5fab8b8d2760cacc3e451016cef952cf4c049d672c5c6b07
|
Provenance
The following attestation bundles were made for django_guardian-3.0.3-py3-none-any.whl
:
Publisher:
release-publish.yml
on django-guardian/django-guardian
-
Statement:
-
Statement type:
https://in-toto.io/Statement/v1
-
Predicate type:
https://docs.pypi.org/attestations/publish/v1
-
Subject name:
django_guardian-3.0.3-py3-none-any.whl
-
Subject digest:
d2164cea9f03c369d7ade21802710f3ab23ca6734bcc7dfcfb385906783916c7
- Sigstore transparency entry: 250715035
- Sigstore integration time:
-
Permalink:
django-guardian/django-guardian@ad826236f0ac6c37429a548f28a063872ad9aa55
-
Branch / Tag:
refs/heads/main
- Owner: https://github.com/django-guardian
-
Access:
public
-
Token Issuer:
https://token.actions.githubusercontent.com
-
Runner Environment:
github-hosted
-
Publication workflow:
release-publish.yml@ad826236f0ac6c37429a548f28a063872ad9aa55
-
Trigger Event:
workflow_dispatch
-
Statement type: