Setting Django admin permissions programmatically

Question

The Django site I'm working on has the possibility for users to sign up for an account. To provide them with some editing functionality, I use the built-in Django admin. However, I'm having a problem: After a user has signed up, they don't have any permissions inside the Django admin, not even view permissions. Thus my question: How do I, in code, assign admin permissions to the user for the relevant models, in the same way I can assign them manually in the "User Permissions" section when editing the user in the admin? I've already tried with the usual has_xxx_permissions() using custom ModelAdmin classes, but that didn't work. So my guess is that I overlooked something obvious. Any ideas?

Relevant answers here and here.

dgel
– dgel

2012-06-01 15:33:06 +00:00
Commented Jun 1, 2012 at 15:33 — dgel
– dgel, Commented Jun 1, 2012 at 15:33

lampslave · Accepted Answer · 2015-07-29 17:06:29Z

9

https://docs.djangoproject.com/en/dev/topics/auth/default/#permissions-and-authorization

new_user.user_permissions.add(permission1, permission2, etc...)

edited Jul 29, 2015 at 17:06

lampslave

1,5331 gold badge15 silver badges20 bronze badges

answered Jun 1, 2012 at 15:34

dm03514

56.2k18 gold badges117 silver badges147 bronze badges

Sign up to request clarification or add additional context in comments.

1 Comment

tar Over a year ago

Only user.user_permissions.add() worked for me. Django 1.4 raised AttributeError: 'User' object has no attribute 'permissions' if I tried just user.permissions.add().

Chris Pratt · Accepted Answer · 2012-06-01 18:26:39Z

6

For your purposes, it would probably be much more easy and and efficient to assign all new users to a particular group, and then give that group all the permissions the user needs. Any member of the group will inherit those permissions as well.

You can create the group and assign the permissions to it in the admin. Then, you just need to add something like the following to your registration code.

try:
    group = Group.objects.get(name='The User Group')
except Group.DoesNotExist:
    # group should exist, but this is just for safety's sake, it case the improbable should happen
    pass
else:
    user.groups.add(group)

edited Jun 1, 2012 at 18:26

answered Jun 1, 2012 at 15:50

Chris Pratt

240k37 gold badges414 silver badges469 bronze badges

3 Comments

Timo Over a year ago

I suppose it could be done this way, but applying the permissions directly to the users seems "nicer" to me (okay, probably just a matter of taste). But I'll keep this in mind for other use cases.

Rob Grant Over a year ago

@Timo I'm exactly the same; even though in theory a group is more elegant, it's another thing to make sure is in place. I think when I need to do this sort of thing more I'll switch to groups, but for now I'm going to stick with direct perms.

Rob Grant Over a year ago

Actually, dgel's code samples (linked to below) changed my mind. Groups it is!

Community · Accepted Answer · 2017-05-23 10:29:39Z

dgel's answer pointed me in the direction which lead to a working solution for me. Essentially, what he seems to be suggesting is:

Retrieve a ContentType for the model you want to set permissions for. In this context, a content type is an object that holds information about a Django model.
Create a Permission object consisting of the content type and the action you want to allow inside the admin, using Permission.objects.get(). The only difficulty here is figuring out the codename parameter, which, for admin permissions, consists of an action ("add", "change" or "delete"), an underscore, and the model name. So if you have a model called Foo and you want to create all permissions for it, you'll need 3 permissions, each with the content type of your Foo model plus the code names add_foo, change_foo, and delete_foo.
Assign these permissions using user.user_permissions.add(permission).

Head over to dgel's answers for code examples. Looking at a data dump of the auth app (manage.py dumpdata auth) of an existing Django database provided me with insights into the inner workings of permissions, too.

std''OrgnlDave · Accepted Answer · 2017-01-10 16:16:14Z

2

I'll answer your question exactly since I found this question with Google. I'll show what I'm doing in Django 1.9 with groups, then show how to do it to a user.

from django.contrib.auth.models import Group, Permission group, __ = Group.objects.get_or_create(name='my_group')

permissions = Permission.objects.all()
for p in permissions:
    group.permissions.add(p)
group.save()

It's pretty easy to adapt to user:

from django.contrib.auth.models import Permission
permissions = Permission.objects.all()
for p in permissions:
    youruser.user_permissions.add(p)
youruser.save()

I prefer group because you may be adding permissions in the future and can just add to group instead of re-doing all users.

answered Jan 10, 2017 at 16:16

std''OrgnlDave

3,9861 gold badge27 silver badges36 bronze badges

1 Comment

nerdoc Over a year ago

is youruser.save() or group.save() necessary? This is a m2m link - and group.permissions.add(p) should be everything you need. no save() necessary IMHO.

jamesc · Accepted Answer · 2014-02-05 16:12:01Z

1

As of Django 1.6:

Every User has a many-to-many field user_permissions to Permission - you can add permissions to this:

your_user.user_permissions.add(permission)

v1.6 Docs:

Django.contrib.auth API (shows User, Group and Permission objects)
Auth default permissions (shows how to clear, add, remove)

answered Feb 5, 2014 at 16:12

jamesc

6,4083 gold badges34 silver badges44 bronze badges

Collectives™ on Stack Overflow

Setting Django admin permissions programmatically

5 Answers 5

1 Comment

3 Comments

Comments

1 Comment

Comments

Your Answer

Linked

Hot Network Questions

Collectives™ on Stack Overflow

5 Answers 5

1 Comment

3 Comments

Comments

1 Comment

Comments

Your Answer

Sign up or log in

Post as a guest

Linked

Related