From the course: Securing Django Applications
Setting up per-object permissions in Django - Django Tutorial
From the course: Securing Django Applications
Setting up per-object permissions in Django
- When you have data models in Django, the permissions to add, modify or delete that data depends on the logic you implement in your views. Without fine grain security checks, any user could access another user's data and even modify it if the security check is poorly coded. We're going to begin by adding the guardian app to the installed apps list, in our settings file. And we're going to scroll down to the authentication backends, and we're going to be adding the object permission backend from guardian, and then ,we're going to be running the migrations. As you can see, guardian is part of the list of migrations, it provides its own migrations for object permissions.
Practice while you learn with exercise files
Download the files the instructor uses to teach the course. Follow along and learn by watching, listening and practicing.
Contents
-
-
-
Setting up per-object permissions in Django59s
-
(Locked)
Enabling per-object permissions in Django3m 47s
-
(Locked)
Unit test for per-object permissions in Django2m 48s
-
(Locked)
Creating a group permissions model4m 27s
-
(Locked)
Unit test for access control and group permissions3m 38s
-
(Locked)
Adding activity logs for auditing3m 4s
-
(Locked)
Deleting objects in an audit/compliance-compatible way3m 46s
-
-
-
-
-
-