Django’s Permission model allows for fine-grained control over what users can do. By default, it includes permissions such as add, change, and delete for each model.
from django.contrib.auth.models import Permission
from django.contrib.contenttypes.models import ContentType
# Create a permission for a model
content_type = ContentType.objects.get_for_model(Book)
permission = Permission.objects.create(
codename='can_publish',
name='Can Publish Books',
content_type=content_type
)
# Assign permission to a user
user = User.objects.get(username='johndoe')
user.user_permissions.add(permission)
Groups are a way to organize users and assign them a set of permissions. You can create a group and assign multiple users to it.
from django.contrib.auth.models import Group
# Create a group and assign permissions
group = Group.objects.create(name='Editors')
group.permissions.add(permission)
# Add user to the group
user = User.objects.get(username='johndoe')
user.groups.add(group)