Django: Using The Permission System

I was surprised at how little information I found on making use of Django’s permission system. Here are some quick notes on one way to use it:

Groups are groups of users. For example, you could define a group of users who have premium accounts, or have been verified in some way, or are somehow special:

from django.contrib.auth.models import Group, Permission
special_users = Group(name='Special Users')
really_special_users = Group(name='Super Special Users')

Now you have two groups defined and can define permissions for them. Django associates permissions with models (note: not model instances, but models). You’ll need to select a model to apply the permissions to, and do a small dance with “ContentType” to find that model’s content type:

from django.contrib.contenttypes.models import ContentType
somemodel_ct = ContentType.objects.get(app_label='myapp', model='somemodel')

can_view = Permission(name='Can View', codename='can_view_something',

can_modify = Permission(name='Can Modify', codename='can_modify_something',

You’ve now defined two permissions and can associate them with your Groups:

really_special_users.permissions = [can_view, can_modify]

Our groups and their associated permissions are ready to go. Now we just have to associate these permissions with users:

jack=User.objects.get(email='[[email protected]](/web/20120325165629/')

jill=User.objects.get(email='[[email protected]](/web/20120325165629/')

We’re all done. Now we can check the users’ permissions:

>>> jack.has_perm('myapp.can_view_something')
>>> jack.has_perm('myapp.can_modify_something')

>>> jill.has_perm('myapp.can_view_something')
>>> jill.has_perm('myapp.can_modify_something')

And to use it in your templates:

Can't show you!