0
0
Djangoframework~20 mins

Built-in permission system in Django - Practice Problems & Coding Challenges

Choose your learning style9 modes available
LearnWhyDeepVisualTryChallengeProjectRecallPerf
Challenge - 5 Problems
🎖️
Django Permissions Master
Get all challenges correct to earn this badge!
Test your skills under time pressure!
component_behavior
intermediate
2:00remaining
What is the output of this Django permission check?
Consider a Django view where a user tries to access a resource. The code snippet below checks if the user has the permission 'app.view_resource'. What will be the output if the user does NOT have this permission?
Django
if request.user.has_perm('app.view_resource'):
    result = 'Access granted'
else:
    result = 'Access denied'
print(result)
AAccess granted
BAccess denied
CPermissionError exception raised
DFalse
Attempts:
2 left
💡 Hint
Remember that has_perm returns a boolean indicating if the user has the permission.
state_output
intermediate
2:00remaining
What is the value of user.get_all_permissions() after adding a group?
Given a user with no permissions initially, you add the user to a group that has the permission 'app.change_item'. What will user.get_all_permissions() return?
Django
group = Group.objects.create(name='Editors')
permission = Permission.objects.get(codename='change_item')
group.permissions.add(permission)
user.groups.add(group)
perms = user.get_all_permissions()
A{'app.change_item'}
B{'change_item'}
Cset()
D['app.change_item']
Attempts:
2 left
💡 Hint
get_all_permissions returns a set of strings in the format 'app_label.codename'.
📝 Syntax
advanced
2:00remaining
Which option correctly assigns a permission to a user?
You want to assign the permission 'app.delete_post' to a user instance. Which code snippet correctly does this?
Auser.user_permissions.add(Permission.objects.get(codename='delete_post'))
Buser.user_permissions.add(Permission('app.delete_post'))
Cuser.user_permissions.add('app.delete_post')
Duser.user_permissions.add('delete_post')
Attempts:
2 left
💡 Hint
user_permissions.add expects Permission model instances, not strings.
🔧 Debug
advanced
2:00remaining
Why does this permission check always fail?
A developer writes this code to check if a user has permission to add an object: if user.has_perm('app.add_model'): print('Can add') else: print('Cannot add') But it always prints 'Cannot add' even though the user has the permission assigned. What is the likely cause?
AThe user object is not authenticated, so has_perm always returns False.
BThe has_perm method requires the full permission name including the app label and model name separated by a dot, but 'app.add_model' is missing the app label.
CThe permission string should be 'app.add_models' plural, not singular.
DThe permission codename is incorrect; it should be 'add_modelname' with the exact model name in lowercase.
Attempts:
2 left
💡 Hint
Check the exact permission codename format Django uses.
🧠 Conceptual
expert
2:00remaining
Which statement about Django's built-in permission system is TRUE?
Select the correct statement about how Django's built-in permission system works.
ACustom permissions cannot be added to models without modifying Django's core code.
BPermissions are stored as strings and checked by comparing strings manually in views.
CDjango automatically creates add, change, delete, and view permissions for each model.
DPermissions are only assigned directly to users; groups do not affect permissions.
Attempts:
2 left
💡 Hint
Think about what Django does automatically when you create models.