Django @permission_required based on user permision or Group Permisisons for the current logged in user?

Using Django Forms & APIs
1

Am Planning to use inbuild Django permissions & groups.

I have a couple of more questions

  1. Am using a decorator with permission, my requirement is I need to add permission decorators for each view function and that should get logged-in user groups & check what are all permissions associated with that groups, but the below code @ permission_required will do I believe it checks only permissions assigned to users not from group permissions correct? if so do I need to write custom decorator?
    suggest me some idea.
from django.contrib.auth.decorators import permission_required

@permission_required("demo.add_users")
def my_view(request): 
	pass
  1. the same question for UI template, to show form based on permissions, is it tied up with user permission or group permission
    I need only group permission
{% if perms.foo.add_vote %}

do i need to write custom context processed for the logic
check based on logged in user groups and check the group permissions associated and show the form in UI

  1. and also check permission by user permission or group permission
request.user.has_perm("blog.set_published_status")

suggest some standard way

Thanks!

2

That is not correct. The Django permissions system checks the permissions assigned to the User and to all the Group to which that User is assigned.

In the general case, a role-based security system always has rights assigned to the roles. No user is ever granted permissions directly. (In the Django case, Group serves the functions of roles.)

I suggest you spend some time reviewing all the docs for the methods provided by the User model, especially those associated with the permission system. Additionally, features made available, such as the user_passes_test decorator provide for even more customization.

1 Like