Skip to content
This repository was archived by the owner on May 7, 2021. It is now read-only.
/ django-guardian Public archive
forked from django-guardian/django-guardian

Implementation of per object permissions for Django 1.2+

License

BSD-2-Clause license
0 stars 573 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

TailorDev/django-guardian

10 Branches13 Tags
This branch is 2 commits ahead of, 581 commits behind django-guardian/django-guardian:devel.

Folders and files

NameName
Last commit message
Last commit date

Latest commit

k4nark4nar
Merge pull request #1 from zooeysoftware/devel
Aug 26, 2015
036238f · Aug 26, 2015

History

595 Commits
benchmarks
benchmarks
Apr 3, 2015
docs
docs
Jun 3, 2015
example_project
example_project
Jun 3, 2015
guardian
guardian
Aug 26, 2015
.gitignore
.gitignore
Oct 22, 2014
.travis.yml
.travis.yml
Apr 23, 2015
AUTHORS
AUTHORS
May 19, 2015
CHANGES
CHANGES
Jun 3, 2015
LICENSE
LICENSE
Oct 30, 2014
MANIFEST.in
MANIFEST.in
Nov 15, 2013
README.rst
README.rst
Nov 13, 2013
extras.py
extras.py
Feb 17, 2013
run_test_and_report.sh
run_test_and_report.sh
Feb 11, 2013
setup.cfg
setup.cfg
Nov 15, 2013
setup.py
setup.py
Mar 7, 2014
tests.py
tests.py
Apr 23, 2015
tox.ini
tox.ini
Apr 27, 2015
utils.py
utils.py
Feb 17, 2013

Repository files navigation

django-guardian

https://secure.travis-ci.org/lukaszb/django-guardian.png?branch=master https://coveralls.io/repos/lukaszb/django-guardian/badge.png?branch=master https://pypip.in/v/django-guardian/badge.png https://pypip.in/d/django-guardian/badge.png

django-guardian is implementation of per object permissions [1] as authorization backend which is supported since Django 1.2. It won't work with older Django releases.

Documentation

Online documentation is available at http://django-guardian.rtfd.org/.

Installation

To install django-guardian simply run:

pip install django-guardian

Configuration

We need to hook django-guardian into our project.

  1. Put guardian into your INSTALLED_APPS at settings module:

    INSTALLED_APPS = (
   ...
   'guardian',
)

  2. Add extra authorization backend:

    AUTHENTICATION_BACKENDS = (
    'django.contrib.auth.backends.ModelBackend', # default
    'guardian.backends.ObjectPermissionBackend',
)

  3. Configure anonymous user ID

    ANONYMOUS_USER_ID = -1

Usage

After installation and project hooks we can finally use object permissions with Django.

Lets start really quickly:

>>> jack = User.objects.create_user('jack', '[email protected]', 'topsecretagentjack')
>>> admins = Group.objects.create(name='admins')
>>> jack.has_perm('change_group', admins)
False
>>> UserObjectPermission.objects.assign_perm('change_group', user=jack, obj=admins)
<UserObjectPermission: admins | jack | change_group>
>>> jack.has_perm('change_group', admins)
True

Of course our agent jack here would not be able to change_group globally:

>>> jack.has_perm('change_group')
False

Admin integration

Replace admin.ModelAdmin with GuardedModelAdmin for those models which should have object permissions support within admin panel.

For example:

from django.contrib import admin
from myapp.models import Author
from guardian.admin import GuardedModelAdmin

# Old way:
#class AuthorAdmin(admin.ModelAdmin):
#    pass

# With object permissions support
class AuthorAdmin(GuardedModelAdmin):
    pass

admin.site.register(Author, AuthorAdmin)
[1]Great paper about this feature is available at djangoadvent articles.

About

Implementation of per object permissions for Django 1.2+

Resources

Readme

License

BSD-2-Clause license
Activity
Custom properties

Stars

0 stars

Watchers

4 watching

Forks

0 forks
Report repository

Releases

13 tags

Packages

No packages published

Languages

  • Python 91.6%
  • HTML 8.3%
  • Shell 0.1%