Implementation of per object permissions for Django 1.2 or later.

Navigation

Verified details

These details have been verified by PyPI
Maintainers
Avatar for adobrawy from gravatar.com adobrawy Avatar for LukaszBalcerzak from gravatar.com LukaszBalcerzak Avatar for penguin_brian from gravatar.com penguin_brian Avatar for thclark from gravatar.com thclark

Unverified details

These details have not been verified by PyPI
Project links
Meta
Classifiers

Project description

https://secure.travis-ci.org/lukaszb/django-guardian.png?branch=master https://coveralls.io/repos/lukaszb/django-guardian/badge.png?branch=master https://pypip.in/v/django-guardian/badge.png https://pypip.in/d/django-guardian/badge.png

django-guardian is implementation of per object permissions [1] as authorization backend which is supported since Django 1.2. It won’t work with older Django releases.

Documentation

Online documentation is available at http://django-guardian.rtfd.org/.

Installation

To install django-guardian simply run:

pip install django-guardian

Configuration

We need to hook django-guardian into our project.

  1. Put guardian into your INSTALLED_APPS at settings module:

    INSTALLED_APPS = (
   ...
   'guardian',
)

  2. Add extra authorization backend:

    AUTHENTICATION_BACKENDS = (
    'django.contrib.auth.backends.ModelBackend', # default
    'guardian.backends.ObjectPermissionBackend',
)

  3. Configure anonymous user ID

    ANONYMOUS_USER_ID = -1

Usage

After installation and project hooks we can finally use object permissions with Django.

Lets start really quickly:

>>> jack = User.objects.create_user('jack', 'jack@example.com', 'topsecretagentjack')
>>> admins = Group.objects.create(name='admins')
>>> jack.has_perm('change_group', admins)
False
>>> UserObjectPermission.objects.assign_perm('change_group', user=jack, obj=admins)
<UserObjectPermission: admins | jack | change_group>
>>> jack.has_perm('change_group', admins)
True

Of course our agent jack here would not be able to change_group globally:

>>> jack.has_perm('change_group')
False

Admin integration

Replace admin.ModelAdmin with GuardedModelAdmin for those models which should have object permissions support within admin panel.

For example:

from django.contrib import admin
from myapp.models import Author
from guardian.admin import GuardedModelAdmin

# Old way:
#class AuthorAdmin(admin.ModelAdmin):
#    pass

# With object permissions support
class AuthorAdmin(GuardedModelAdmin):
    pass

admin.site.register(Author, AuthorAdmin)

Project details

Verified details

These details have been verified by PyPI
Maintainers
Avatar for adobrawy from gravatar.com adobrawy Avatar for LukaszBalcerzak from gravatar.com LukaszBalcerzak Avatar for penguin_brian from gravatar.com penguin_brian Avatar for thclark from gravatar.com thclark

Unverified details

These details have not been verified by PyPI
Project links
Meta
Classifiers

Release history Release notifications | RSS feed

2.4.0

2.3.0

2.2.0

2.1.0

2.0.0

1.5.1

1.5.0

1.4.9

1.4.8

1.4.6

1.4.5

1.4.4

1.4.3

1.4.2

1.4.1

1.4.0

1.3.2

1.3.1

This version

1.3

1.2.5

1.2.4

1.2.3

1.2.2

1.2.1

1.2.0

1.1.1

1.1.0

1.1.0.beta pre-release

1.0.4

1.0.3

1.0.2

1.0.1

1.0.0

1.0.0.beta2 pre-release

1.0.0.beta1 pre-release

1.0.0.alpha2 pre-release

1.0.0.alpha1 pre-release

0.2.3

0.2.2

0.2.1

0.2.0

0.1.1

0.1.0

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

django-guardian-1.3.tar.gz (292.2 kB view hashes)

Uploaded Source

Supported by

AWS AWS Cloud computing and Security Sponsor Datadog Datadog Monitoring Fastly Fastly CDN Google Google Download Analytics Microsoft Microsoft PSF Sponsor Pingdom Pingdom Monitoring Sentry Sentry Error logging StatusPage StatusPage Status page