Skip to main content
Filter by
Sorted by
Tagged with
1 vote
1 answer
52 views

Custom Permission Mixin Django Rest Framework

I am trying to create a custom mixim that handles additional permission checks in my views. This is what I have tried: class ProfilePermissionsRequiredMixin: required_permissions = [] def ...
Mohammad Alnahhas's user avatar
0 votes
1 answer
27 views

Object permissions for multiply objects in DRF

I can't prescribe permissions. I have Accounts, Sites and Informations models: Accounts class Accounts(models.Model): user = models.ForeignKey(to=User, on_delete=models.SET_NULL, null=True, ...
kurōzuappu's user avatar
0 votes
1 answer
28 views

Django User not inheriting Group permissions

I have a TestCase that i'm testing permissions on. I don't understand how this test is failing where it's failing: # Make sure group has permission group_permissions = self.my_group....
AlxVallejo's user avatar
  • 3,207
1 vote
1 answer
62 views

Django Model Permissions. Why is this hard?

Django creates permissions for every model you make, such as: can_view_{model_name} can_add_{model_name} can_edit_{model_name} Out of the box, these are only applicable to Django Admin. Ok well if I ...
AlxVallejo's user avatar
  • 3,207
1 vote
1 answer
51 views

My custom permission isn't blocking put requests for editing objects

I have this permission class class AuthorOrReadOnly(BasePermission): def has_object_permission(self, request, view, obj): if request.method in SAFE_METHODS: return True ...
Sifirus's user avatar
  • 13
1 vote
1 answer
108 views

How to restore deleted permissions on a model in a django project

I want to create a new group and add permissions to the group called "mod". The permission I want to give to this group is Can add, Can Change, Can Delete, and Can View. After I added all ...
Syaf Dtr's user avatar
0 votes
1 answer
43 views

Allow Admin user to see only the user the admin creates in Django

I am trying to create a school management system, where by a school can register and becomes an admin, the school which is an admin, can create their staffs and students. The staff and students should ...
Joseph Ayemlo's user avatar
1 vote
0 answers
172 views

Django REST Framework Viewset Executes Actions Multiple Times and Shows 'None' for GET Requests

I have a Django REST framework viewset with multiple actions such as list, create, and more. When I send a GET request, I noticed that some actions are executed multiple times, and the action is ...
Hamidreza Farzin's user avatar
0 votes
1 answer
61 views

Django Permission per Database Object

I have an architectural question regarding Djangos permission model. I do have a Database Model which hold companies, and each company can have multiple projects. Users should be able to only see ...
Tobias K.'s user avatar
0 votes
0 answers
28 views

Some Models permission are missing from the permission list in django admin

Account models has lot of the models but only the user models permission are visible These are some of the models of out lot of models in the file for which permission are not visible class Child(...
ibex's user avatar
  • 113
0 votes
1 answer
34 views

Customizing Permissions and Groups models in Django

I want to modify the Permissions and Group models from django.contrib.auth. I have extended them but am unable to understand how to use these extended models in my project. I had researched about it ...
Asher's user avatar
  • 1
0 votes
1 answer
31 views

Permission denied for ..../<id>/ CRUD ModelViewSet endpoints

I am trying to create a ModelViewSet for supporting CRUD operations on my address model. I am able to successfully use LIST and CREATE endpoints, but all the other 4 endpoints which require/id/ in ...
Naman Arora's user avatar
0 votes
1 answer
59 views

How to update widget attribute based on user role in Django

I have this custom widget: class RelatedFieldWidgetCanAdd(widgets.Select): def __init__(self, related_model, related_url=None, can_add_related=True, *args, **kw): self.can_add_related = ...
Ankit Tiwari's user avatar
  • 4,690
3 votes
2 answers
371 views

How to update 'Allow' headers in DRF to match an OPTIONS request's permissions?

I am using Django Rest Framework 3.14 with ModelViewsets and a settings-wide DjangoModelOrAnonReadOnly permission class. Given this config, out of the box my JSON API seems to respond to OPTIONS ...
WhyNotTryCalmer's user avatar
0 votes
1 answer
303 views

Best approach for implementing configurable permissions and roles in Django

I'm working on a Django application and I need to implement configurable permissions and roles. I want to be able to add new roles and associate multiple tasks with each role for specific modules in ...
Muhammadoufi's user avatar
0 votes
1 answer
28 views

Dependant permissions in django rest framework

I have a query - Suppose I have a notebooks (Physics,Chemistry,Math,...) and I want to put note in these notebooks by implementing some permissions - If I have permissions to view notebooks and I ...
Anshu Mishra's user avatar
0 votes
0 answers
358 views

drf custom authentication backend gets executed on the path that doesn't need authentication

I am new to django and I am trying to add permissions from DRF to my project. Ever since I have set DEFAULT_AUTHENTICATION_CLASSES for REST_FRAMEWORK in django settings.py, all the requests are going ...
suvodipMondal's user avatar
0 votes
1 answer
22 views

How can I build multiple versions of admins with different permissions in django

For example in a Car Rental System where the car owner should have his admin interface to view, add and delete his cars and also view orders orders, pending payments, finished payments but he should ...
SIMBA's user avatar
  • 1
0 votes
1 answer
1k views

Admin. Register model in other app administration

In admin panel I'm looking to having all user related models in one app administration, including Group and Permission models, which are by default included in Authentication and authorization app. Is ...
COSHW's user avatar
  • 166
-1 votes
1 answer
305 views

Django - How can I add a user to an auth_group?

I have and django application that I am trying to apply user group permissions. Here is how my members model is setup. Class Member(AbstractUser) Class Meta: permissions = ((Perm1_codename,...
quasar's user avatar
  • 3
0 votes
0 answers
44 views

Check if django permission works via shell

User has only change_post permission. I want to check in practice via shell if it works. It hasn't add_post permision. Creating an instance of a Post class with an user attribut it doesn't raise an ...
kubaSpolsky's user avatar
0 votes
1 answer
72 views

How to restrict Django users from filling a form twice in different sessions

I have a form for employees to fill their bio data, I want to restrict the employees from viewing the form more than once. That is after filling the form, you can’t view the empty form anymore, you ...
Raji Muhammad's user avatar
1 vote
0 answers
63 views

Django-guardian has_perm("codename", obj) is False even if group has the permission

I'm trying to implement django-guardian permissions in my project. In the TestCase below, I assigned view_income permission to staff group. That means, also user_c has the permission. The problem is ...
Milano's user avatar
  • 18.7k
2 votes
1 answer
3k views

Custom permission in django rest framework

I want to write a custom permission to restrict access to the display picture of a user. My user profile model is called Member and the implementation is as follows: # imports class Member(models....
Ahmed Mustafa's user avatar
0 votes
2 answers
259 views

How do I apply higher permissions to child pages in Wagtail?

I am building an intranet site for my organization with Wagtail and we are in the process of adding a knowledge base. The entire site needs to be restricted to logged-in users, but certain pages need ...
miller9904's user avatar
1 vote
1 answer
124 views

Django permissions are present but has_perm() returns False

I'm working on the permissions on a Django 4.1 application. All these permissions are given by groups. First permission first problem: Permission codename: can_see_all_images appname for the ...
Tartempion34's user avatar
0 votes
1 answer
704 views

How to write permissions in a viewset with conditional statements in DRF?

I have a viewset written in DRF: class MyViewSet(ModelViewSet): serializer_class = MySerializer queryset = models.MyClass.objects.all() def get_serializer_class(self): permission =...
Waleed Farrukh's user avatar
0 votes
4 answers
501 views

How to apply permissions on perform_create in ViewSet DRF

This is my View Set: class MyViewSet(ModelViewSet): serializer_class = MySerializer queryset = MyClass.objects.all() def get_serializer_class(self): if self.request.user....
Waleed Farrukh's user avatar
0 votes
0 answers
117 views

Django share common permission across django app

I would like to know if there is a better way to implement common permission that is very similar across django app. For example, app1 need permission_x, app2 need permission_x, and app3 need ...
whoami's user avatar
  • 151
0 votes
1 answer
721 views

Permissions to edit only one field in a Model. Django

I am developing an app which will have different types of users, and the objective is that in a specific Model, it is completed in a community way. Example: 3 types of users: UserTotal, UserParcial, ...
Juan Manuel Amato's user avatar
0 votes
0 answers
814 views

Is it necessary add IsAuthenticated permissions to permission_classes in view that is inherited from LoginRequiredMixin

I have a class-based view called ProfileDetail. It is inherit LoginRequiredMixin from django.contrib.auth.mixins. And then set permission_classes = (IsAuthenticated,). Basically all client that view ...
whoami's user avatar
  • 151
2 votes
1 answer
121 views

View specified permission isn't replaced by default permission class

When I set default permission settings to "DEFAULT_PERMISSION_CLASSES": [ "rest_framework.permissions.AllowAny", ], and then define different permission for views like ...
famdude's user avatar
  • 147
1 vote
1 answer
883 views

How do I use permission_classes in a custom method of a Viewset in DjangoRestFramework?

Suppose that I have a Viewset named UserViewset, and I have assigned IsAuthenticated permission to UserViewset Viewset. Now, I want to create a normal method (not an action method), and I want to ...
Khubaib Khawar's user avatar
1 vote
1 answer
294 views

Adding permissions to user on the serializer

I'm trying to add/update permissions for users by id on the serializer, but nothing changed (no add no update) and I don't get any errors so I can't know where is the problem, I have tried several ...
Taha Omar's user avatar
0 votes
0 answers
94 views

Forbidden (CSRF cookie not set.): /auth for obtaining_auth_token

I am trying to get an auth token for the client (OrderClient.py). This keeps failing with Forbidden (CSRF cookie not set.): /auth. Here is my views from rest_framework.decorators import api_view,...
HENSEL WILSON GOVEAS's user avatar
1 vote
0 answers
46 views

Django superuser not allowed to edit this model

Since recently I need to work home, but Django is working against me. I'm having a very peculier issue. I clone the repo, create a MySQL schema, migrate, dump all the data from the server into my ...
Samoht's user avatar
  • 49
0 votes
1 answer
195 views

Django custom permission not being assigned to newly created User

This seems pretty trivial but I can't figure out what I'm doing wrong. I've checked several SO posts that sounded similar but the issue apparently lies elsewhere. I have a custom permission on my ...
ron_g's user avatar
  • 1,643
3 votes
0 answers
120 views

Object level permission at ORM level in Django

I have a Django application (mainly a rest API) with a completely custom User model (not inhered from Django). My authentication is based on JWT tokens. I would like to make sure a user cannot access ...
poiuytrez's user avatar
  • 22.5k
0 votes
2 answers
402 views

Handle Django Rest Framework permission when creating related objects

The has_object_permission method of a Permission on DRF obviously does not get executed on Create, since the object does not exist yet. However, there are use cases where the permission depends on a ...
CurlyError's user avatar
0 votes
1 answer
35 views

Why Django auto adds permissions to group?

Currently I'm making some groups for my backend and I noticed through the admin panel that the groups have some extra permissions I did not add. What is the cause of this behavior? models.py: ...
holyshilo111's user avatar
0 votes
1 answer
702 views

Implement Django permissions per group per user's companies

I have a CustomUser model, each user could be linked to multiple companies. I have initiated my application with 3 generic Django groups; viewer, editor, and supervisor and each user could be a member ...
Yasser Mohsen's user avatar
0 votes
1 answer
589 views

Pass argument to custom permision class in django

I have a custom permission class that extends the rest framework base permission. I am trying to pass an argument allowed_groups that will be a list of all the groups that have access to the ...
manu langat's user avatar
0 votes
1 answer
80 views

Adding permissions to a django rest api

I am working on a django rest api and i want to add permission to it . I decided to go with IsAuthenticatedOrReadOnly to allow none authenticated people to read only and allow authenticated people to ...
rira's user avatar
  • 11
0 votes
0 answers
92 views

Using session data ion custom permissions Django

I want to validate session data in custom permission, when i tried to access session data inside permissons it is showing None.Please help on this. class IsEmployee(permissions.BasePermission): def ...
mohammed fayeez's user avatar
0 votes
1 answer
444 views

How to refer or access the custom made permissions in `has_perm()` and `required_permissions`, in Django?

I want to know that how do I refer the custom made permissions in the has_perm() method of User Model and required_permissions attribute of PermissionRequiredMixin Class? Let's say I create the ...
Khubaib Khawar's user avatar
-1 votes
1 answer
466 views

How to create Workspaces and manage them for all the users in Django?

I have a complete Login and Registration system in my Django app, that lets me register users, log in users, logout users, change passwords, reset passwords, invite users. I have all the basic ...
Khubaib Khawar's user avatar
1 vote
0 answers
116 views

How to handle object specific permissions in django-river?

I have a use case for django-river where users can approve some objects (database records) in a model but not all of them. I need to check if a user can approve a transition programmatically as a user ...
Basel's user avatar
  • 1,276
0 votes
1 answer
77 views

DRF Model Permission denying access to authenticated user

I'm getting a permission denial error but, if I'm understanding things correctly, the permissions should already have been assigned. class UserList(generics.ListCreateAPIView): queryset = User....
Mr.Andor's user avatar
1 vote
1 answer
135 views

Django Permissions traversal across multiple foreign keys

I have 4 core entity models: User Can be an Owner or Participant on a Collection Collection Recipe A recipe has a foreign key to a collection Steps A step has a foreign key to a recipe In order ...
SimaPro's user avatar
  • 1,234
0 votes
0 answers
320 views

"permission matching query does not exist" errors i encounter with django guardian

Am trying to enable my website users block other users they don't want again as friends just like we can on Facebook. I decided to implement it with Django guardian. when a user clicks a button, a ...
Emmanuel C. O Peters's user avatar

1
2 3 4 5
9