permission_required decorator not working for me

Question

I can\'t figure out why the permission required decorator isn\'t working. I would like to allow access to a view only for staff members. I have tried

@permission         


        

Answer 1

This works for me on my 'project' table/model:

@permission_required('myApp.add_project')
def create(request):
    # python code etc...

Obviously change the add_project to the add_[whatever your model/table is]. To edit it would be:

@permission_required('myApp.edit_project')

and to delete:

@permission_required('myApp.delete_project')

But I found that the key thing is to make sure your auth tables are set up correctly. This is what caused me problems. Here is a MySQL SQL query I wrote to check permissions if you are using groups. This should work in most dBs:

select usr.id as 'user id',usr.username,grp.id as 'group id',grp.name as 'group name',grpu.id as 'auth_user_groups',grpp.id as 'auth_group_permissions',perm.name,perm.codename
from auth_user usr
left join auth_user_groups grpu on usr.id = grpu.user_id
left join auth_group grp on grpu.group_id = grp.id
left join auth_group_permissions grpp on grp.id = grpp.group_id
left join auth_permission perm on grpp.permission_id = perm.id
order by usr.id;

I found that my permissions were not set up correctly, and also watch out for the django_content_type table which must have rows for each app and table for each of add, edit, delete. So if you have a project table you should see this in django_content_type:

id           [generated by dB]
app_label    myApp
model        project

If you are having trouble another good idea is to enable and use the django admin app. This will show you where your problems are, and by setting up some test permissions, users and groups you can then examine the tables discussed above to see what is being inserted where. This will give you a good idea of how auth permissions works.

I write this to maybe save someone from having to spend a few hours figuring out what I did!