User Groups with Custom Permissions in Django

You must have encountered situations like trip booking services with different plans and packages, or gym plans with different subscription levels. The point here is that there is a list of products which you get only by subscribing to the different packages provided by different companies. The generic idea followed is a level-wise distribution of different products.

Let’s take the Tour subscription package over the internet.

There are different offers/plan/packages like:

  • Starter Plan: In this package, you get non-AC bus travel and a 1-day stay in a non-AC room only. Let’s say the trip is to Haridwar (a religious place in Uttarakhand).
  • Golden Plan: It is somewhat costlier than the Starter Plan. In this plan you are given a 2-day stay in a non-AC room, travel in an AC bus, and the trip is to Haridwar, Rishikesh, and Mussoorie.
  • Diamond Plan: This is the most costly plan, in which you are provided a 3-day plan with AC bus and AC room stays, along with a trip to Haridwar, Rishikesh, and Mussoorie and an extra trip to a Water Park.

Well, I just tried to give you a very simple example. Now our main objective is to design and write the code for its back end in a very efficient way (following the DRY principle).

While working with iToucan I was responsible for designing and developing code for a similar kind of problem statement. I found multiple methods of implementing it in Django, but the most suitable and efficient method I found is grouping the users and defining the permissions of these groups. The permissions will automatically be categorized based on the group. A user/object of a particular group will automatically inherit the permissions of the group to which it belongs.

Okay, Let’s Code and define the User model.

1. Create a Django application users and define its users/models.py

2. Programmatically create a group with permissions: open the Django shell with python manage.py shell and do the following.

https://gist.github.com/theparadoxer02/20c83757f7ab2fe7927c3360b0740a01

We will set a different set of permissions in the same way for all three groups. So far we have made the groups and linked them with the custom permissions that we made.

Now we have to check that a particular user accesses only the appropriate functionality; for example, we have to enforce that level0 does not access the functionality of level1 users or level2 users, and so on. To do this we have to check the permission on every view function that we make.

Note: For function-based views we will simply use a custom decorator.

For example:-

    # group_required is the custom decorator referred to below
    @group_required('level0')
    def my_view_function(request):
        pass

For the group_required decorator, refer to this link.

The above code was for function-based views. Things get a bit more complex with class-based views: we cannot simply add a decorator function, but have to make a permission mixin class.

For example:-

    from django.views import View

    class GroupRequiredMixin(object):
        '''
        Class Definition'''
        pass

    class DemoView(GroupRequiredMixin, View):
        # Groups allowed to reach this view
        group_required = [u'admin', u'manager']
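One way the group_required decorator and GroupRequiredMixin used above could be written so that both fail closed. This is an added example, not the code from the linked gists; normalize_groups and user_in_groups are hypothetical helper names, and the ImportError fallback exists only so the sketch also runs where Django is not installed.

```python
from functools import wraps

try:
    from django.core.exceptions import PermissionDenied  # rendered as HTTP 403
except ImportError:  # assumption: stand-in for running the sketch without Django
    class PermissionDenied(Exception):
        pass


def normalize_groups(groups):
    """Accept 'level0' or ['admin', 'manager']; reject an empty configuration."""
    # A bare string must not be iterated character by character.
    names = [groups] if isinstance(groups, str) else list(groups or [])
    if not names:
        raise ValueError("no groups configured: refusing to allow everyone")
    return names


def user_in_groups(user, groups):
    """True only for an authenticated, active member of at least one group."""
    names = normalize_groups(groups)
    if not getattr(user, "is_authenticated", False):
        return False  # covers AnonymousUser and a missing request.user
    if not getattr(user, "is_active", False):
        return False
    return user.groups.filter(name__in=names).exists()


def group_required(*groups):
    """Decorator for function-based views: @group_required('level0')."""
    names = normalize_groups(groups)  # misconfiguration fails at import time

    def decorator(view):
        @wraps(view)
        def wrapped(request, *args, **kwargs):
            if not user_in_groups(getattr(request, "user", None), names):
                raise PermissionDenied
            return view(request, *args, **kwargs)
        return wrapped
    return decorator


class GroupRequiredMixin:
    """List this before View in the bases so dispatch() runs before any handler."""
    group_required = None  # subclasses must set this

    def dispatch(self, request, *args, **kwargs):
        if not user_in_groups(getattr(request, "user", None), self.group_required):
            raise PermissionDenied
        return super().dispatch(request, *args, **kwargs)
```

A view class that forgets to set group_required raises an error on the first request instead of silently admitting every user.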

For more on the mixin part, you can refer to these GitHub gists:

This is how I achieved a multi-level user hierarchy in Django.

Please comment with any confusion, suggestions, etc. Also follow me, as I write mostly about Python, Blockchain and web development using Django.
Thanks for reading & Happy hacking :)