20.3.1 Permissions in the Shell

At the moment, we have a single superuser in our database. Having a superuser is not particularly helpful, because the superuser by default has access to all permissions. We can use the has_perm() method on the User model to check this with all of the permissions automatically generated for our blog app, as shown in Example 20.8.

Example 20.8: Python Interpreter Code

>>> andrew = User.objects.get(username='andrew') >>> andrew.is_superuser True >>> andrew.has_perm('blog.add_post') True >>> andrew.has_perm('blog.change_post') True >>> andrew.has_perm('blog.delete_post') True

For each model, the auth app generates a permission to control whether the user can create, modify, or delete ...

Get Django Unleashed now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.