Implementation of per object permissions for Django.
Project description
django-guardian is an implementation of per object permissions [1] on top of Django’s authorization backend
Documentation
Online documentation is available at https://django-guardian.readthedocs.io/.
Requirements
- Python 3.5+
- A supported version of Django (currently 2.2+)
GitHub Actions run tests against Django versions 2.2, 3.0, 3.1, 3.2, and main.
Installation
To install django-guardian simply run:
pip install django-guardian
Configuration
We need to hook django-guardian into our project.
- Put guardian into your INSTALLED_APPS at settings module:
INSTALLED_APPS = ( ... 'guardian', )
- Add extra authorization backend to your settings.py:
AUTHENTICATION_BACKENDS = ( 'django.contrib.auth.backends.ModelBackend', # default 'guardian.backends.ObjectPermissionBackend', )
Create guardian database tables by running:
python manage.py migrate
Usage
After installation and project hooks we can finally use object permissions with Django.
Lets start really quickly:
>>> from django.contrib.auth.models import User, Group >>> jack = User.objects.create_user('jack', 'jack@example.com', 'topsecretagentjack') >>> admins = Group.objects.create(name='admins') >>> jack.has_perm('change_group', admins) False >>> from guardian.models import UserObjectPermission >>> UserObjectPermission.objects.assign_perm('change_group', jack, obj=admins) <UserObjectPermission: admins | jack | change_group> >>> jack.has_perm('change_group', admins) True
Of course our agent jack here would not be able to change_group globally:
>>> jack.has_perm('change_group') False
Admin integration
Replace admin.ModelAdmin with GuardedModelAdmin for those models which should have object permissions support within admin panel.
For example:
from django.contrib import admin from myapp.models import Author from guardian.admin import GuardedModelAdmin # Old way: #class AuthorAdmin(admin.ModelAdmin): # pass # With object permissions support class AuthorAdmin(GuardedModelAdmin): pass admin.site.register(Author, AuthorAdmin)
| [1] | Great paper about this feature is available at djangoadvent articles. |
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
| Filename, size | File type | Python version | Upload date | Hashes |
|---|---|---|---|---|
| Filename, size django_guardian-2.4.0-py3-none-any.whl (106.1 kB) | File type Wheel | Python version py3 | Upload date | Hashes View |
| Filename, size django-guardian-2.4.0.tar.gz (159.0 kB) | File type Source | Python version None | Upload date | Hashes View |
Hashes for django_guardian-2.4.0-py3-none-any.whl
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 | 440ca61358427e575323648b25f8384739e54c38b3d655c81d75e0cd0d61b697 |
|
| MD5 | dfe84f444671fd8769099fb6e7746a6a |
|
| BLAKE2-256 | a225869df12e544b51f583254aadbba6c1a95e11d2d08edeb9e58dd715112db5 |