How to get a group with list of all associated permissions in Django?
I thought
group.permissions
gives error "auth.Permission.None"
But there are permissions assigned to the group.
Try use group.permissions.all()
Documentation Link
Related
I am developing a Django website where I can create groups, where permissions can be assigned. I can also assign groups to users.
There is a simple way to check if a user has a permission:
user.has_perm('app_name.permission_code_name')
What I want to know is if there is a simple way to check if a specific group has a permission (without involving the user at all)?
You can do something like this:
for group in Group.objects.all():
permissions = group.permissions.all()
# do something with the permissions
Or, a better way would be:
group_ids = Group.objects.all().values_list('id', flat=True) Permission.objects.filter(group__id__in=group_ids)
This link may be able to help you further.
I am creating a group, added permissions to that group and assigning that group to a user (as shown in below code):
new_group, created = Group.objects.get_or_create(name=grp_name)
permission_obj = Permission.objects.get(name=permission)
new_group.permissions.add(permission_obj)
user.groups.add(new_group)
This code works properly but in admin interface the 'user permissions' section is not showing added group permissions
If you assign permissions using a group, they do not show in the "User Permissions" section. That section is only for assigning individual permissions to one user, rather than using groups which are better suited to applying multiple permissions to many users.
Basically I would like to have a permission system like Linux file system. I want to classify the permissions whether the user is in the same group as the owner (creator) of the object.
Example scenario:
User can change objects created by someone in the same group as them.
Group Admins can change and delete any object created by users in their group.
Is it possible to do this with default django permission system? If not, is there a package you could recommend?
I hope I am not missing anything basic in django docs but I couldn't find a way to accomplish this.
I am trying to retrieve all groups for a member, Link. I have noticed that if a group that has all the users, it will not be retrieved.
Any idea how to solve this issue?
I have tried the same scenario in API explorer and retrieved the group that has all the users. Just added the domain and userKey parameters and i can see the group in the list.
In Jira (4.0), under Global Permissions, I have the Jira Users group containing two groups, jira-users and jira-login. When I started at this company, there was only the jira-users group, but I added jira-login so that I could remove users from jira-users and still have them be able to login. Everyone with jira-users permissions has specific permissions across every project in Jira and I didn't want to have to change that group's access on every project/permissions scheme affected.
Ultimately, what I'm trying to do is have a new group, Suppliers, have limited access to our projects. So a supplier is a member of jira-login and Suppliers only. Regular users are members of both jira-login and jira-users, although since they are a part of jira-users, they can still login without being part of the jira-login group.
The problem I'm having is that suppliers can see the projects that I want them to, but also a few projects that I didn't give them permissions to see. I want to remove the visibility of these unwanted projects for suppliers. NOTE: to let the suppliers see the select projects, I added the Suppliers group the the Users project role on each project that I want them to see.
Under project roles for each of this unwantedly visible projects, the only groups that have access to the Users (or any other project role besides admin) is jira-users. I have no idea how people outside of the jira-users group can see these projects.
I cannot seem to find the common denominator scheme/setting that these suppliers have. Certainly the newly created jira-login group doesn't have any sort of access that I didn't enter in manually. Right?
Any suggestions? Thanks.
Instead of having a jira-login and jira user group it might be better to create new groups that don't involve the jura-user group(this might cause odd behavior). From what I have read it seems that all users need to be a part of the Jira-users group to even log in.
Then having permission schemes that only include the groups that you want should be able to lock out unauthorized groups.
The ability to view issues is controlled by the Browse Projects permission. Check the permission scheme for a group that Suppliers can unexpectedly view and see who has that permission. It may be a group or a role. Remove the Suppliers from that and they won't be able to view that project's issues.
More info at http://confluence.atlassian.com/display/JIRA/Managing+Project+Permissions
The issue was caused by having either "Current Assignee" or "Reporter" in the "Browse Project" permission. Strange behavior. Watch out for this one.