Django group permission activate












0















If you have django.contrib.auth in your INSTALLED_APPS django will automatically create add, change, delete and view permissions to every model in your system (or any one you add later). These are stored in auth_permission.



In django doc, here is what we can read under Groups section:
django.contrib.auth.models.Group models are a generic way of categorizing users so you can apply permissions, or some other label, to those users. A user can belong to any number of groups.
A user in a group automatically has the permissions granted to that group. For example, if the group 'Site editors' has the permission can_edit_home_page, any user in that group will have that permission.



I've a group with no permission at all (call it NADA) and I've assign that group to a specific user (let's call him Pierre). Pierre can still connect and create, update, delete or view anything on my web interface.



How can I make it working? There's few or no doc on the web for native Django Permission.




  • I've read this nice publication
    django-permission-apps-comparison.

  • I know I could install django-guardian, django-role-permissions or
    django-rules...

  • I know we can manage access via middleware or decorator But since django IS creating these tables for us (user, groups, permissions and group_permissions)


I thought it was extremely simple to implement CRUD access to any model class!



Wrong?



Do I miss something?



Note: Working with Python3.6 and Django 2.1.3










share|improve this question



























    0















    If you have django.contrib.auth in your INSTALLED_APPS django will automatically create add, change, delete and view permissions to every model in your system (or any one you add later). These are stored in auth_permission.



    In django doc, here is what we can read under Groups section:
    django.contrib.auth.models.Group models are a generic way of categorizing users so you can apply permissions, or some other label, to those users. A user can belong to any number of groups.
    A user in a group automatically has the permissions granted to that group. For example, if the group 'Site editors' has the permission can_edit_home_page, any user in that group will have that permission.



    I've a group with no permission at all (call it NADA) and I've assign that group to a specific user (let's call him Pierre). Pierre can still connect and create, update, delete or view anything on my web interface.



    How can I make it working? There's few or no doc on the web for native Django Permission.




    • I've read this nice publication
      django-permission-apps-comparison.

    • I know I could install django-guardian, django-role-permissions or
      django-rules...

    • I know we can manage access via middleware or decorator But since django IS creating these tables for us (user, groups, permissions and group_permissions)


    I thought it was extremely simple to implement CRUD access to any model class!



    Wrong?



    Do I miss something?



    Note: Working with Python3.6 and Django 2.1.3










    share|improve this question

























      0












      0








      0








      If you have django.contrib.auth in your INSTALLED_APPS django will automatically create add, change, delete and view permissions to every model in your system (or any one you add later). These are stored in auth_permission.



      In django doc, here is what we can read under Groups section:
      django.contrib.auth.models.Group models are a generic way of categorizing users so you can apply permissions, or some other label, to those users. A user can belong to any number of groups.
      A user in a group automatically has the permissions granted to that group. For example, if the group 'Site editors' has the permission can_edit_home_page, any user in that group will have that permission.



      I've a group with no permission at all (call it NADA) and I've assign that group to a specific user (let's call him Pierre). Pierre can still connect and create, update, delete or view anything on my web interface.



      How can I make it working? There's few or no doc on the web for native Django Permission.




      • I've read this nice publication
        django-permission-apps-comparison.

      • I know I could install django-guardian, django-role-permissions or
        django-rules...

      • I know we can manage access via middleware or decorator But since django IS creating these tables for us (user, groups, permissions and group_permissions)


      I thought it was extremely simple to implement CRUD access to any model class!



      Wrong?



      Do I miss something?



      Note: Working with Python3.6 and Django 2.1.3










      share|improve this question














      If you have django.contrib.auth in your INSTALLED_APPS django will automatically create add, change, delete and view permissions to every model in your system (or any one you add later). These are stored in auth_permission.



      In django doc, here is what we can read under Groups section:
      django.contrib.auth.models.Group models are a generic way of categorizing users so you can apply permissions, or some other label, to those users. A user can belong to any number of groups.
      A user in a group automatically has the permissions granted to that group. For example, if the group 'Site editors' has the permission can_edit_home_page, any user in that group will have that permission.



      I've a group with no permission at all (call it NADA) and I've assign that group to a specific user (let's call him Pierre). Pierre can still connect and create, update, delete or view anything on my web interface.



      How can I make it working? There's few or no doc on the web for native Django Permission.




      • I've read this nice publication
        django-permission-apps-comparison.

      • I know I could install django-guardian, django-role-permissions or
        django-rules...

      • I know we can manage access via middleware or decorator But since django IS creating these tables for us (user, groups, permissions and group_permissions)


      I thought it was extremely simple to implement CRUD access to any model class!



      Wrong?



      Do I miss something?



      Note: Working with Python3.6 and Django 2.1.3







      python django permissions rbac






      share|improve this question













      share|improve this question











      share|improve this question




      share|improve this question










      asked Nov 23 '18 at 10:55









      openHBPopenHBP

      564




      564
























          1 Answer
          1






          active

          oldest

          votes


















          1














          Django permissions are simple. As far as I understand your question, you are trying to create a user with no permission and he should not see any entries on the Django admin.



          First thing is to make sure the user is not marked as "superuser", the superuser sees everything no matter which group they are added in.



          If he is not a superuser and is still able to see the model then you should make sure he is not part of multiple groups. If a user is in multiple groups then a union of all permissions is what is applied to them. This link will give you more details on different flags for a user https://djangobook.com/users-groups-permissions/. Let me know if this helps.






          share|improve this answer


























          • For django-admin it works fine but I would like to implement it in my web application. Instead of writing decorator for each view I was wondering if this feature could work also in my app. Even with decorator you can only set 2 things: Read Only or Create, Update Delete... Or you have to display or not the Create, Update, Delete button/link in your app...

            – openHBP
            Nov 28 '18 at 10:31













          Your Answer






          StackExchange.ifUsing("editor", function () {
          StackExchange.using("externalEditor", function () {
          StackExchange.using("snippets", function () {
          StackExchange.snippets.init();
          });
          });
          }, "code-snippets");

          StackExchange.ready(function() {
          var channelOptions = {
          tags: "".split(" "),
          id: "1"
          };
          initTagRenderer("".split(" "), "".split(" "), channelOptions);

          StackExchange.using("externalEditor", function() {
          // Have to fire editor after snippets, if snippets enabled
          if (StackExchange.settings.snippets.snippetsEnabled) {
          StackExchange.using("snippets", function() {
          createEditor();
          });
          }
          else {
          createEditor();
          }
          });

          function createEditor() {
          StackExchange.prepareEditor({
          heartbeatType: 'answer',
          autoActivateHeartbeat: false,
          convertImagesToLinks: true,
          noModals: true,
          showLowRepImageUploadWarning: true,
          reputationToPostImages: 10,
          bindNavPrevention: true,
          postfix: "",
          imageUploader: {
          brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
          contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
          allowUrls: true
          },
          onDemand: true,
          discardSelector: ".discard-answer"
          ,immediatelyShowMarkdownHelp:true
          });


          }
          });














          draft saved

          draft discarded


















          StackExchange.ready(
          function () {
          StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f53445355%2fdjango-group-permission-activate%23new-answer', 'question_page');
          }
          );

          Post as a guest















          Required, but never shown

























          1 Answer
          1






          active

          oldest

          votes








          1 Answer
          1






          active

          oldest

          votes









          active

          oldest

          votes






          active

          oldest

          votes









          1














          Django permissions are simple. As far as I understand your question, you are trying to create a user with no permission and he should not see any entries on the Django admin.



          First thing is to make sure the user is not marked as "superuser", the superuser sees everything no matter which group they are added in.



          If he is not a superuser and is still able to see the model then you should make sure he is not part of multiple groups. If a user is in multiple groups then a union of all permissions is what is applied to them. This link will give you more details on different flags for a user https://djangobook.com/users-groups-permissions/. Let me know if this helps.






          share|improve this answer


























          • For django-admin it works fine but I would like to implement it in my web application. Instead of writing decorator for each view I was wondering if this feature could work also in my app. Even with decorator you can only set 2 things: Read Only or Create, Update Delete... Or you have to display or not the Create, Update, Delete button/link in your app...

            – openHBP
            Nov 28 '18 at 10:31


















          1














          Django permissions are simple. As far as I understand your question, you are trying to create a user with no permission and he should not see any entries on the Django admin.



          First thing is to make sure the user is not marked as "superuser", the superuser sees everything no matter which group they are added in.



          If he is not a superuser and is still able to see the model then you should make sure he is not part of multiple groups. If a user is in multiple groups then a union of all permissions is what is applied to them. This link will give you more details on different flags for a user https://djangobook.com/users-groups-permissions/. Let me know if this helps.






          share|improve this answer


























          • For django-admin it works fine but I would like to implement it in my web application. Instead of writing decorator for each view I was wondering if this feature could work also in my app. Even with decorator you can only set 2 things: Read Only or Create, Update Delete... Or you have to display or not the Create, Update, Delete button/link in your app...

            – openHBP
            Nov 28 '18 at 10:31
















          1












          1








          1







          Django permissions are simple. As far as I understand your question, you are trying to create a user with no permission and he should not see any entries on the Django admin.



          First thing is to make sure the user is not marked as "superuser", the superuser sees everything no matter which group they are added in.



          If he is not a superuser and is still able to see the model then you should make sure he is not part of multiple groups. If a user is in multiple groups then a union of all permissions is what is applied to them. This link will give you more details on different flags for a user https://djangobook.com/users-groups-permissions/. Let me know if this helps.






          share|improve this answer















          Django permissions are simple. As far as I understand your question, you are trying to create a user with no permission and he should not see any entries on the Django admin.



          First thing is to make sure the user is not marked as "superuser", the superuser sees everything no matter which group they are added in.



          If he is not a superuser and is still able to see the model then you should make sure he is not part of multiple groups. If a user is in multiple groups then a union of all permissions is what is applied to them. This link will give you more details on different flags for a user https://djangobook.com/users-groups-permissions/. Let me know if this helps.







          share|improve this answer














          share|improve this answer



          share|improve this answer








          edited Dec 7 '18 at 11:05

























          answered Nov 26 '18 at 9:48









          noor3240552noor3240552

          113




          113













          • For django-admin it works fine but I would like to implement it in my web application. Instead of writing decorator for each view I was wondering if this feature could work also in my app. Even with decorator you can only set 2 things: Read Only or Create, Update Delete... Or you have to display or not the Create, Update, Delete button/link in your app...

            – openHBP
            Nov 28 '18 at 10:31





















          • For django-admin it works fine but I would like to implement it in my web application. Instead of writing decorator for each view I was wondering if this feature could work also in my app. Even with decorator you can only set 2 things: Read Only or Create, Update Delete... Or you have to display or not the Create, Update, Delete button/link in your app...

            – openHBP
            Nov 28 '18 at 10:31



















          For django-admin it works fine but I would like to implement it in my web application. Instead of writing decorator for each view I was wondering if this feature could work also in my app. Even with decorator you can only set 2 things: Read Only or Create, Update Delete... Or you have to display or not the Create, Update, Delete button/link in your app...

          – openHBP
          Nov 28 '18 at 10:31







          For django-admin it works fine but I would like to implement it in my web application. Instead of writing decorator for each view I was wondering if this feature could work also in my app. Even with decorator you can only set 2 things: Read Only or Create, Update Delete... Or you have to display or not the Create, Update, Delete button/link in your app...

          – openHBP
          Nov 28 '18 at 10:31




















          draft saved

          draft discarded




















































          Thanks for contributing an answer to Stack Overflow!


          • Please be sure to answer the question. Provide details and share your research!

          But avoid



          • Asking for help, clarification, or responding to other answers.

          • Making statements based on opinion; back them up with references or personal experience.


          To learn more, see our tips on writing great answers.




          draft saved


          draft discarded














          StackExchange.ready(
          function () {
          StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f53445355%2fdjango-group-permission-activate%23new-answer', 'question_page');
          }
          );

          Post as a guest















          Required, but never shown





















































          Required, but never shown














          Required, but never shown












          Required, but never shown







          Required, but never shown

































          Required, but never shown














          Required, but never shown












          Required, but never shown







          Required, but never shown







          Popular posts from this blog

          Berounka

          Sphinx de Gizeh

          Different font size/position of beamer's navigation symbols template's content depending on regular/plain...