How To Get a List Of All User Permissions Available in Django Based Project

Django comes with a simple permissions system. It provides a way to assign permissions to specific users and groups of users. The system adds "change, remove and add" permissions automatically to every model class. And it's pretty easy to add custom permissions to a model class, like this:

 

 

1
2
3
4
5
6
7
  1. class Product(models.Model):
  2. # Model fields go here
  3. ...
  4. class Meta:
  5. permissions = (
  6. ("can_see_dealer_price", "Can see dealer price"),
  7. )

And then you can check if the current user has permission:
1) be it inside Django template:

1
2
3
  1. {% if perm.shop.can_see_dealer_price %}
  2. {{ dealer_price }}
  3. {% endif %}


2) or inside python code, the most naive way is: 

1
2
  1. if request.user.has_permission('shop.can_see_dealer_price'):
  2. # do something with it


3) For more ways to check if user has a permission, please refer to Django docs: https://docs.djangoproject.com/en/1.11/topics/auth/default/#topic-authorization

You may have already noticed the pattern of how a permission gets registered: <app_name>.<permission_slug>

And now the best part: while developing, you may get lucky and guess this pattern all the time, or you can scratch your head (like me) everytime you need to figure out what's the correct name of so much needed permission is.

I couldn't find a sane way of figuring out permission names easily, so I came up with a little management command that allows me to list all permissions available in the system, here's the code, please read my comments in the code if you want to understand what's happening:

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
  1. from django.contrib import auth
  2. from django.contrib.auth import get_user_model
  3. from django.core.management.base import BaseCommand
  4. class Command(BaseCommand):
  5. help = 'Get a list of all permissions available in the system.'
  6. def handle(self, *args, **options):
  7. permissions = set()
  8. # We create (but not persist) a temporary superuser and use it to game the
  9. # system and pull all permissions easily.
  10. tmp_superuser = get_user_model()(
  11. is_active=True,
  12. is_superuser=True
  13. )
  14. # We go over each AUTHENTICATION_BACKEND and try to fetch
  15. # a list of permissions
  16. for backend in auth.get_backends():
  17. if hasattr(backend, "get_all_permissions"):
  18. permissions.update(backend.get_all_permissions(tmp_superuser))
  19. # Make an unique list of permissions sorted by permission name.
  20. sorted_list_of_permissions = sorted(list(permissions))
  21. # Send a joined list of permissions to a command-line output.
  22. self.stdout.write('\n'.join(sorted_list_of_permissions))

Put this code inside <your_django_app>/management/commands/get_all_permissions.py and then run python manage.py get_all_permissions

You should get a list of permissions that looks more or less like this:

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
  1. account.add_emailaddress
  2. account.add_emailconfirmation
  3. account.change_emailaddress
  4. account.change_emailconfirmation
  5. account.delete_emailaddress
  6. account.delete_emailconfirmation
  7. auth.add_group
  8. auth.add_permission
  9. auth.change_group
  10. auth.change_permission
  11. auth.delete_group
  12. auth.delete_permission
  13. ...
  14. sessions.add_session
  15. sessions.change_session
  16. sessions.delete_session
  17. sites.add_site
  18. sites.change_site
  19. sites.delete_site
  20. users.add_user
  21. users.change_user
  22. users.delete_user

Voila, now you have an easy lookup in user permissions.

I packaged this code into a little module called Django Debug Permissions and published it on PYPI.

Feel free to install it via PIP:

1
  1. pip install django-debug-permissions

Github repo can be found here: https://github.com/timonweb/django-debug-permissions.