20.3.1 Permissions in the Shell

At the moment, we have a single superuser in our database. Having a superuser is not particularly helpful, because the superuser by default has access to all permissions. We can use the has_perm() method on the User model to check this with all of the permissions automatically generated for our blog app, as shown in Example 20.8.

Example 20.8: Python Interpreter Code

>>> andrew = User.objects.get(username='andrew') >>> andrew.is_superuser True >>> andrew.has_perm('blog.add_post') True >>> andrew.has_perm('blog.change_post') True >>> andrew.has_perm('blog.delete_post') True

For each model, the auth app generates a permission to control whether the user can create, modify, or delete ...

Get Django Unleashed now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.