Group-based permissions help you manage user access easily by assigning permissions to groups instead of individual users.
from django.contrib.auth.models import Group, Permission # Create a group editors = Group.objects.create(name='Editors') # Add permissions to the group permission = Permission.objects.get(codename='change_article') editors.permissions.add(permission) # Assign a user to the group user.groups.add(editors)
Use Group.objects.create(name='GroupName') to make a new group.
Permissions are linked to models and have codenames like add_modelname, change_modelname, or delete_modelname.
from django.contrib.auth.models import Group, Permission # Create a group named 'Moderators' moderators = Group.objects.create(name='Moderators')
permission = Permission.objects.get(codename='delete_comment')
moderators.permissions.add(permission)user.groups.add(moderators)
This example creates an 'Editors' group, adds the 'change_article' permission, assigns a user 'alice' to this group, and checks if she has the permission.
from django.contrib.auth.models import User, Group, Permission # Create a group editors = Group.objects.create(name='Editors') # Get permission to change articles change_article_perm = Permission.objects.get(codename='change_article') # Add permission to group editors.permissions.add(change_article_perm) # Create a user user = User.objects.create_user(username='alice', password='password123') # Add user to group user.groups.add(editors) # Check if user has permission has_perm = user.has_perm('app_label.change_article') print(f"User 'alice' has change_article permission: {has_perm}")
Always use the full permission name with app label when checking permissions, like app_label.codename.
Groups make it easier to manage many users with the same permissions.
Remember to migrate your database after adding new permissions or models.
Group-based permissions let you assign permissions to many users at once.
Use groups to organize users by roles and simplify access control.
Check permissions with user.has_perm('app_label.codename').