TechQA.

django-guardian custom user permissions

2k views Asked by At

Setup

I've just started working with django-guardian and have straight away run into some obstacles. I'm using custom users by extending the AbstractBaseUser class. I followed this example to setup my models.py and admin.py. I also followed the developers guide configuration guide to setup guardian.

Problem

django-guardian throws a AttributeError: type object 'MyCustomUser' has no attribute 'groups' error (MyCustomUser is my custom user class) whenever I try to get permissions pertaining to a user i.e. when I add a permission, it goes straight into the guardian_userobjectpermission table, like it should. However, calls to get_perms throw the mentioned error.

The same error appears while trying to edit permissions via the admin page. (progmatically added permissions don't show up here. :/) I wrote a small manage.py task to test it:

class Command(BaseCommand):
    def handle(self, *args, **options):
        user1 = MyCustomUser.objects.filter(username='pankaj')[0]
        checker = ObjectPermissionChecker(user1)

        # model on which permissions are applied
        stream = Stream.objects.filter(uuid='001')[0]   

        # works on the database level, doesn't show up on admin page
        assign_perm('read_stream', user1, stream)

        # error
        print 'read_stream' in get_perms(user1, stream)

        # error
        print checker.has_perm('read_stream', stream)

        # error
        print checker.get_perms(stream)

        # works on the database level, doesn't show up on admin page
        remove_perm('read_stream', user, stream)

        # ALWAYS returns True, irrespective of whether permission granted or not
        print user.has_perm('read_stream', stream)

Possible Solution

  1. There might be a problem with setting up the authentication backend. I currently have it set to:

    AUTHENTICATION_BACKENDS = (

    'django.contrib.auth.backends.ModelBackend',

'guardian.backends.ObjectPermissionBackend',

    )

  2. Maybe implementing a custom user => changing/implementing custom groups? Currently I have admin.site.unregister(Group) in admin.py, but changing it doesn't help.

  3. As the developer has warned, guardian might not be compatible with custom users?

python django django-models user-permissions django-guardian
Original Q&A
1

There are 1 answers

0
Moamen On

According to django-guardian documentations here. Gaurdian was depending heavily on the old fashion of django user model. But you can get through it, if you extend AbstractUser model, or defined ManyToMany relation with auth.Group could groups in your authentication model.

django-guardian relies heavily on the auth.User model. Specifically it was build from the ground-up with relation beteen auth.User and auth.Group models. Retaining this relation is crucial for guardian - without many to many User (custom or default) and auth.Group relation django-guardian will BREAK.

Related Questions in PYTHON

Related Questions in DJANGO

Related Questions in DJANGO-MODELS

Related Questions in USER-PERMISSIONS

Related Questions in DJANGO-GUARDIAN

Popular Questions

Popular Tags

javascript python java c# php android html jquery c++ css ios sql mysql r reactjs node.js arrays c asp.net json python-3.x ruby-on-rails .net sql-server swift django angular objective-c pandas excel

Trending Questions