Djangoframework~30 mins

Group-based permissions in Django - Mini Project: Build & Apply

Choose your learning style9 modes available

Learn Why Deep Visual Try Challenge Project Recall Perf

Group-based permissions

📖 Scenario: You are building a Django web app where users belong to groups that control what they can do. You want to set up groups and assign permissions to control access.

🎯 Goal: Create groups with specific permissions and assign users to these groups to manage access control in your Django app.

📋 What You'll Learn

Create groups named exactly Editors and Viewers

Assign the permission add_article to the Editors group

Assign the permission view_article to the Viewers group

Assign a user named john to the Editors group

💡 Why This Matters

🌍 Real World

Many web apps need to control what users can do. Group-based permissions let you manage access easily by assigning users to groups with specific rights.

💼 Career

Understanding group-based permissions is essential for backend developers working with Django to build secure and maintainable applications.

Progress0 / 4 steps

Create groups

Create two groups named exactly Editors and Viewers using Django's Group model.

Django

from django.contrib.auth.models import Group

# Create groups Editors and Viewers
# Your code here

Need a hint?

Use Group.objects.create(name='GroupName') to create groups.

Assign permissions to groups

Assign the permission add_article to the Editors group and the permission view_article to the Viewers group. Use Django's Permission model and add permissions to the groups.

Django

from django.contrib.auth.models import Group

Editors = Group.objects.create(name='Editors')
Viewers = Group.objects.create(name='Viewers')

from django.contrib.auth.models import Permission

# Assign add_article permission to Editors
# Assign view_article permission to Viewers
# Your code here

Need a hint?

Use Permission.objects.get(codename='permission_codename') to get permissions and then add them to groups with group.permissions.add(permission).

Assign user to group

Assign the user named john to the Editors group. Use Django's User model to get the user and add the group.

Django

from django.contrib.auth.models import Group

Editors = Group.objects.create(name='Editors')
Viewers = Group.objects.create(name='Viewers')

from django.contrib.auth.models import Permission

add_article_perm = Permission.objects.get(codename='add_article')
view_article_perm = Permission.objects.get(codename='view_article')

Editors.permissions.add(add_article_perm)
Viewers.permissions.add(view_article_perm)

from django.contrib.auth.models import User

# Get user john and add to Editors group
# Your code here

Need a hint?

Use User.objects.get(username='john') to get the user and then john.groups.add(Editors) to add the group.

Save changes and verify

Save the user john after adding the group and verify that john has the add_article permission through the group.

Django

from django.contrib.auth.models import Group

Editors = Group.objects.create(name='Editors')
Viewers = Group.objects.create(name='Viewers')

from django.contrib.auth.models import Permission

add_article_perm = Permission.objects.get(codename='add_article')
view_article_perm = Permission.objects.get(codename='view_article')

Editors.permissions.add(add_article_perm)
Viewers.permissions.add(view_article_perm)

from django.contrib.auth.models import User

john = User.objects.get(username='john')
john.groups.add(Editors)

# Save john and check if john has add_article permission
# Your code here

Need a hint?

Call john.save() to save changes. Use john.has_perm('app_label.add_article') to check permission (replace app_label with your app's label).