Skip to content

django-guardian/django-guardian

13 Branches32 Tags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

dpgraham4401thclark
dpgraham4401
and
thclark
DOC: Set readthedocs search text color to black (#849)
Feb 2, 2025
e3dd3f3 · Feb 2, 2025

History

1,174 Commits
.github/workflows
.github/workflows
Feb 2, 2025
benchmarks
benchmarks
Nov 14, 2019
docs
docs
Feb 2, 2025
example_project
example_project
Jan 24, 2025
example_project_custom_group
example_project_custom_group
Jan 24, 2025
guardian
guardian
Jan 28, 2025
.gitignore
.gitignore
Jan 28, 2025
.isort.cfg
.isort.cfg
Jul 17, 2016
.readthedocs.yaml
.readthedocs.yaml
Jan 28, 2025
AUTHORS
AUTHORS
Jan 24, 2025
LICENSE
LICENSE
Sep 4, 2016
MANIFEST.in
MANIFEST.in
May 10, 2016
README.rst
README.rst
Feb 2, 2025
SECURITY.md
SECURITY.md
Jan 24, 2025
manage.py
manage.py
Jan 13, 2016
mkdocs.yml
mkdocs.yml
Feb 2, 2025
pytest.ini
pytest.ini
Sep 10, 2018
requirements.txt
requirements.txt
Jan 28, 2025
run_test_and_report.sh
run_test_and_report.sh
Feb 11, 2013
setup.cfg
setup.cfg
Jan 24, 2025
setup.py
setup.py
Feb 2, 2025
tox.ini
tox.ini
Feb 2, 2025
utils.py
utils.py
Nov 14, 2019

Repository files navigation

django-guardian

https://github.com/django-guardian/django-guardian/workflows/Tests/badge.svg?branch=devel

django-guardian is an implementation of per object permissions [1] on top of Django's authorization backend

Documentation

Online documentation is available at https://django-guardian.readthedocs.io/.

Requirements

  • Python 3.9+
  • A supported version of Django (currently 3.2+)

GitHub Actions run tests against Django versions 3.2, 4.1, 4.2, 5.0, 5.1, and main.

Installation

To install django-guardian simply run:

pip install django-guardian

Configuration

We need to hook django-guardian into our project.

  1. Put guardian into your INSTALLED_APPS at settings module:
INSTALLED_APPS = (
 ...
 'guardian',
)
  1. Add extra authorization backend to your settings.py:
AUTHENTICATION_BACKENDS = (
    'django.contrib.auth.backends.ModelBackend', # default
    'guardian.backends.ObjectPermissionBackend',
)

  1. Create guardian database tables by running:

    python manage.py migrate

Usage

After installation and project hooks we can finally use object permissions with Django.

Lets start really quickly:

>>> from django.contrib.auth.models import User, Group
>>> jack = User.objects.create_user('jack', 'jack@example.com', 'topsecretagentjack')
>>> admins = Group.objects.create(name='admins')
>>> jack.has_perm('change_group', admins)
False
>>> from guardian.shortcuts import assign_perm
>>> assign_perm('change_group', jack, obj=admins)
<UserObjectPermission: admins | jack | change_group>
>>> jack.has_perm('change_group', admins)
True

Of course our agent jack here would not be able to change_group globally:

>>> jack.has_perm('change_group')
False

Admin integration

Replace admin.ModelAdmin with GuardedModelAdmin for those models which should have object permissions support within admin panel.

For example:

from django.contrib import admin
from myapp.models import Author
from guardian.admin import GuardedModelAdmin

# Old way:
#class AuthorAdmin(admin.ModelAdmin):
#    pass

# With object permissions support
class AuthorAdmin(GuardedModelAdmin):
    pass

admin.site.register(Author, AuthorAdmin)
[1]Great paper about this feature is available at djangoadvent articles.

About

Per object permissions for Django

django-guardian.readthedocs.io/

Resources

Readme

License

View license

Security policy

Security policy
Activity
Custom properties

Stars

3.7k stars

Watchers

77 watching

Forks

573 forks
Report repository

Releases 6

Release 2.4.0 (May 24, 2021) Latest
Jan 24, 2025
+ 5 releases

Used by 7.2k

  • @ikollipara
  • @kojamad28
  • @sumonst21
  • @ahadjipanayis
  • @lsspkk
  • @tobias-omondi
  • @kojamad28
  • @erezimm
+ 7,203

Contributors 154

+ 140 contributors

Languages