A grid of all packages implementing permissions for users and groups in your Django project.
Please fell free to verify and update features for listed apps or add another app if you know one.
| Feature | Description |
|---|---|
| Object-level | Support for permissions assigned per object. |
| Assignment | How do you assign permissions for objects? |
| Declaration | Do you declare permissions for models? How? |
| Inheritance | Permissions inheritance from related objects. |
| Logical checks | Support for permission checked dynamically, e.g. can view entry no older than one month. |
| Decorator | Object-level decorator for views. |
| Database | Is a database required? If not, how are permissions stored? |
| Templatetag | Permissions checks in templates via tags. |
| Django 1.2 backend | See: http://docs.djangoproject.com/en/dev/releases/1.2/#object-level-permissions . |
| Roles | Support for roles in permissions. |
| Field level | Supports permissions at the field level of models |
| Model-level | Support for model-level perms (either on its own or by seamless integration with django.contrib.auth permissions). |
| Cascade update | Support for cascade update of related objects, e.g. if added view or change perm for the product, then add view perm for the product category. |
| Any-to-any | Permissions for any object to any other object. |
| Package | django-guardian | django-oso | rules | drf-extensions | djangorestframework-api-key | DRF Access Policy | django-role-permissions | django-authority | django-prbac | Tabular Permissions Widget | django-permissions-policy | django-permission | Django-Access | drf-psq | Django Debug Permissions | django-permissions-auditor | serious-django-permissions | restframework-serializer-permissions | Django Permafrost | django-hats | django-simple-perms | django-http-451 | giaola-role-permissions | django-roles | django-improved-permissions | django-auth-utils | django-flexible-permissions | django-bop | django-pobject | django-global-permissions | django-custodian | django-acl | Django Object Permissions | django_sieve | django-generic-permissions | django-trusts | django-acl | django-permissions | django-rubberstamp | django-finegrained-permissions | django-admin-view-permission | django-permissionsx | django-field-permissions | django-rulez | django-permission-backend-nonrel | django-extauth | django-hierarchical-auth | carteblanche | django-rbac | dry-rest-permissions | django-objectpermissions | django-rules |
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Description |
Per object permissions for Django |
Oso is a batteries-included framework for building authorization in your application. |
Awesome Django authorization, without the database |
DRF-extensions is a collection of custom extensions for Django REST Framework |
🔐 API key permissions for Django REST Framework |
Declarative access policies/permissions modeled after AWS' IAM policies. |
A django app for role based permissions. |
A Django app that provides generic per-object-permissions for Django's auth app and helpers to create custom permission checks. |
Display Django permissions in a HTML table that is translatable and easily customized. |
Set the draft security HTTP header Permissions-Policy (previously Feature-Policy) on your Django app. |
[Not maintained] An enhanced permission system which support object permission in Django |
Django-Access - the application introducing dynamic evaluation-based instance-level (row-level) access rights control for Django |
The simplest and most general way to manage action-based permissions, serializers, and querysets dependent on permission-based rules for the Djang... |
Get a list of all user permissions available in the system |
Tool to audit access control on your django app. |
A Django extension to define and use Groups and Permissions from a central place, per app. |
Drop in replacement for Django Restframework Serializers to add permission based field serialization. |
Adds User Definable Permissions to Django |
Role-based permissions system for Django. Everyone wears a different hat, some people wear multiple. |
Django implementation for HTTP451 |
A django app for role based permissions. |
Django Roles with Role-Group-Permission-User |
Django application made to make django's default permission system more robu... |
Django authentication and authorization utilities |
A Django app that combines object-level table permissions with model relations to avoid normalization of data while providing an extremel... |
Basic Object-level Permissions for django 1.2+ |
An expressive and concise mini permission module for Django views. |
Global permissions for Django |
The application django-custodian wrap and extend django.contrib.auth module providing a exaustive and granular approach to authorizations and permissions management. I... |
This is an implementation of Object Permissions, a.k.a. row level permissions. Object Permissions allow you to assign a permission t... |
Serve user-wise data beautifully, minimally and correctly. |
A simple Authentication Backend to manage specific permissions. |
Django authorization add-on for multiple organizations and object-level permission settings |
Access Control Lists for django aka per-row permissions. Largely inspired on phpBB's ACL. Support for roles. |
Permissions manager and backend for Django 1.2, supporting object permissions and application-specific permissions. |
Permissions per field instead of per model for django |
Reusable application which provides a view permission for the existing models. |
PermissionsX - Authorization for Django |
A starting place for field-level permissions |
A lean and mean object-level rules system for the Django framework |
An authentication backend that supports Django's user and group permissions on Django-nonrel |
Extended authorization framework for Django, including field-level permissions and role-based permissions |
Extends django auth allowing hierarchical permissions |
Module to align code with thoughts of users and designers. Also magically handles navigation and permissio... |
Role-based Access Control (RBAC) implementation for management of permissions in Django. Allows a fine-grained (row level) permission assignment. Perfect fo... |
Rules based permissions for the Django Rest Framework |
An app to add object-level/row-level permissions to users and groups. Each model can have different permissions. |
Flexible and scalable Django authorization backend for unified per object permission management |
||||
| Category | App | App | App | App | App | Other | App | App | App | App | App | Framework | App | App | App | App | App | Other | App | App | App | App | Other | App | App | App | App | App | Other | App | App | App | App | App | App | App | App | Framework | App | Other | App | App | App | App | App | App | App | Other | App | App | App | App |
| # Using This |
80
|
2
|
20
|
6
|
0
|
0
|
6
|
3
|
0
|
1
|
0
|
3
|
2
|
0
|
0
|
0
|
0
|
0
|
0
|
1
|
1
|
0
|
1
|
1
|
2
|
1
|
2
|
0
|
1
|
0
|
0
|
0
|
0
|
0
|
1
|
1
|
0
|
5
|
0
|
0
|
3
|
1
|
0
|
6
|
3
|
0
|
1
|
1
|
0
|
2
|
0
|
3
|
| Python 3? | ||||||||||||||||||||||||||||||||||||||||||||||||||||
| Development Status | Production/Stable | Beta | Production/Stable | Production/Stable | Beta | Unknown | Production/Stable | Production/Stable | Alpha | Production/Stable | Production/Stable | Production/Stable | Beta | Unknown | Beta | Production/Stable | Unknown | Unknown | Alpha | Production/Stable | Unknown | Unknown | Production/Stable | Unknown | Unknown | Alpha | Unknown | Beta | n/a | Pre-Alpha | n/a | Unknown | Unknown | Pre-Alpha | Production/Stable | Beta | n/a | Production/Stable | n/a | Beta | Production/Stable | Production/Stable | n/a | Unknown | n/a | n/a | Unknown | Unknown | Beta | Production/Stable | Unknown | n/a |
| Last updated | Nov. 14, 2021, 1:19 p.m. | Sept. 24, 2021, 1:55 p.m. | Nov. 13, 2021, 3:43 a.m. | Aug. 2, 2021, 1:34 a.m. | Sept. 24, 2021, 6:07 a.m. | Aug. 29, 2021, 3:20 p.m. | Jan. 4, 2021, 10:54 a.m. | Oct. 27, 2021, 6:59 a.m. | Jan. 18, 2021, 2:15 p.m. | Dec. 10, 2021, 5:07 a.m. | Sept. 28, 2021, 2:05 p.m. | March 4, 2020, 5:19 a.m. | April 22, 2020, 3:22 a.m. | Feb. 26, 2021, 12:51 p.m. | May 14, 2020, 3:56 a.m. | May 20, 2021, 4:11 p.m. | June 19, 2021, 11:36 a.m. | April 6, 2021, 9:24 a.m. | April 16, 2021, 12:57 p.m. | July 22, 2019, 9:57 a.m. | Jan. 10, 2019, 3:22 p.m. | Nov. 3, 2018, 5:13 a.m. | Aug. 28, 2018, 5:42 a.m. | Jan. 28, 2015, 4:04 p.m. | Nov. 27, 2018, 5:56 a.m. | Nov. 15, 2017, 5:47 a.m. | Dec. 10, 2015, 9:21 p.m. | Oct. 20, 2011, 9:16 a.m. | March 4, 2011, 11:24 a.m. | Oct. 10, 2018, 1:11 p.m. | Nov. 10, 2011, 7:31 p.m. | Oct. 8, 2015, 7:49 p.m. | June 6, 2013, 6:33 p.m. | June 4, 2014, 3:59 p.m. | Jan. 9, 2013, 10:47 p.m. | April 30, 2016, 3:17 a.m. | Aug. 23, 2009, 4:17 p.m. | June 21, 2015, 12:25 p.m. | Oct. 28, 2010, 6:27 p.m. | Oct. 6, 2013, 2:36 p.m. | Dec. 2, 2018, 4:45 p.m. | Nov. 3, 2017, 8:01 p.m. | May 1, 2016, 3:25 a.m. | Jan. 13, 2018, 2:04 p.m. | April 9, 2011, 4:27 p.m. | Dec. 10, 2011, 8:42 p.m. | Jan. 5, 2011, 3:03 p.m. | July 3, 2014, 11:51 a.m. | March 31, 2010, 11:04 p.m. | Jan. 31, 2018, 9:27 a.m. | Oct. 8, 2010, 7:23 a.m. | July 16, 2011, 11:32 a.m. |
| Version | 2.4.0 | 0.21.0 | 3.0 | 0.7.1 | 2.1.0 | 1.1.0 | 3.1.1 | 0.14 | 1.0.1 | 2.9 | 4.3.0 | 1.0.5 | n/a | 1.1.0 | 1.0.0 | 1.0.4 | 0.17 | 0.0.2 | 0.2.15 | 1.1.2 | 0.2.8 | 0.1 | 1.2.0 | 0.0.4 | 0.2.2 | 0.1.1 | 1.0.7 | 0.3 | n/a | 0.2.4 | n/a | 0.1.3 | 1.4.6 | 1.0.0 | 0.1.0 | 0.10.3 | n/a | 1.2.2 | n/a | 0.0.1 | 1.9 | 2.0.0 | n/a | 1.0.2 | n/a | n/a | 1.4.6 | 1.0.0 | 0.9 | 0.1.10 | 0.3.3 | n/a |
| Repo | GitHub | GitHub | GitHub | GitHub | GitHub | GitHub | GitHub | GitHub | GitHub | GitHub | GitHub | GitHub | GitHub | GitHub | GitHub | GitHub | GitHub | GitHub | GitHub | GitHub | Bitbucket | GitHub | GitHub | GitHub | GitHub | GitHub | GitHub | GitHub | Bitbucket | GitHub | Bitbucket | GitHub | GitHub | GitHub | GitHub | GitHub | Bitbucket | GitHub | GitHub | GitHub | GitHub | GitHub | GitHub | GitHub | Bitbucket | Bitbucket | GitHub | GitHub | Bitbucket | GitHub | GitHub | GitHub |
| Commits | ||||||||||||||||||||||||||||||||||||||||||||||||||||
| Stars | 3113 | 1498 | 1374 | 1221 | 378 | 272 | 498 | 251 | 107 | 49 | 46 | 303 | 53 | 22 | 26 | 10 | 8 | 7 | 6 | 21 | 2 | 3 | 8 | 2 | 15 | 9 | 3 | 2 | 2 | 28 | 3 | 5 | 4 | 6 | 4 | 13 | 5 | 13 | 7 | 11 | 151 | 39 | 23 | 63 | 16 | 21 | 20 | 42 | 65 | 360 | 87 | 148 |
| Repo Forks | 533 | 60 | 110 | 194 | 56 | 29 | 103 | 55 | 35 | 8 | 3 | 46 | 2 | 4 | 1 | 1 | n/a | n/a | 1 | n/a | n/a | 1 | 1 | n/a | 2 | n/a | 1 | n/a | n/a | 8 | n/a | n/a | 2 | 1 | 1 | 2 | 2 | 11 | n/a | 2 | 42 | 4 | 18 | 17 | n/a | 2 | 6 | 3 | 4 | 60 | 10 | 11 |
| Participants |
lukaszb
brianmay ad-m michael-k johnthagen bsvetchine mitar ggreer troygrosfield xordoquy more... |
gj
dhatch saolsen samscott89 leina05 plotnick gkaemmer gw000 samraper joshrotenberg more... |
dfunckt
zerolab dyve ticosax mlsen thedrow orf pjsier danlamanna eviltwin more... |
auvipy
chibisov pratyushmittal rpkilby OskarPersson maryokhin alexander-akhmetov codingjoe joehybird tuky more... |
florimondmanca
spaceofmiah biancaG brittandeyoung guilleijo jaswanthm jeancochrane jeffgodwyll tony UtkucanBykl |
rsinger86
dependabot[bot] BarnabasSzabolcs oguzhancelikarslan adamsteele-city tanonl HonakerM JamesonNetworks daviddavis JT501 more... |
filipeximenes
powderflask kavdev fjsj iurisilvio reduxionist amandasavluchinske andersonresende victorgutemberg aarcro more... |
jezdez
jlward bartTC winhamwr bocribbz gthb safwanrahman remik diegobz RDIL more... |
millerdev
kennknowles czue dannyroberts biyeun GertBurger NoahCarnahan ArtemBernatskyy nickpell snopoke more... |
RamezIssac
ihabhussein abahnihi vintage |
adamchainz
pre-commit-ci[bot] rik DmytroLitvinov |
lambdalisue
giginet quasiyoke LuRsT argsno oskarjakiela philippeowagner Simanas timgates42 AmbientLighter more... |
nnseva |
AminHP
salarnasiri zshongyi |
timonweb |
kluchrj
LerikG |
LilithWittmann
seblat |
manfred-kaiser |
devo-wm
renderbox mgcamisa jared-hardy |
miketheredherring | hespul |
filipeximenes
tzatzosm dimkl reduxionist fjsj andersonresende victorgutemberg aarcro jamespenick myonov more... |
cenkbircanoglu | gabrielbiasi | PiDelport | staab | pterk | phuihock |
eduardo-matos
perdy |
fabiomichelini |
bramwelt
MostAwesomeDude bsu Kennric chancez |
garrypolley |
thomasyip
core2duo suhailvs |
tyrion | diefenbach | paltman |
specialunderwear
PetrDlouhy |
lefterisnik
Anton-Shutik awgreenblatt michi88 pieterdd ciarancourtney kapucko lanterno crazyscientist pinerojuancruz more... |
robpogorzelski
adi- |
tiliv |
chrisglass
maraujop jjmaestro stefanfoulis nigma juandecarrion mitchellrj amites bashu DanLipsitt more... |
fhahn | mhall119 | rasca |
neuman
lightstrike |
nabucosound |
dbkaplan
AlexandreCollet mbaragiola ttill wernerhp abeniwal GerardPaligot marctc vovanbo artragis |
justquick
jazzido bhuztez |
maraujop
jjmaestro |
|||
| Documentation | N/A | N/A | N/A | N/A | N/A | N/A | N/A | N/A | N/A | N/A | N/A | N/A | N/A | N/A | N/A | N/A | N/A | N/A | N/A | N/A | N/A | N/A | N/A | N/A | N/A | N/A | N/A | N/A | ||||||||||||||||||||||||
| Object-level | , In conjunction with django-guardian since `Groups` can be used. | ✅ ✅ django-trusts always works as an annexation; all features require *no* patched class of any sort, works with all existing builtin auth features: authorization, permission, group, contenttypes; option to use junction table mechanism: no moditication to any existing model. |
||||||||||||||||||||||||||||||||||||||||||||||||||
| Assignment | manager + patched User and Group + shortcut function + Admin Integration (with ModelAdmin extension) |
irrelevant | , utils functions | permission classes instances + admin (action) + custom views | Add builtin PermissionLogic subclass or your own PermissionLogic subclass to the target model class. | logical only (code executed on object to determine permission) | using shortcuts functions and mixins for Users and Objects | By creating a Permission record, mapping actions to roles, and defining permission inheritance via relations. | , complete API and GUI | patched User and Group or util functions | use the provided add_permission backend from django_generic_permissions.backends import add_permission add_permission('foo', logged_in_user) |
via Models or Django Admin UI (upcoming: REST api via tastypie) |
utils functions | utils functions | Permissions are not assigned to models. | In the same model as a method which takes the User as argument and returns True or False | manager | patched User and Group | ||||||||||||||||||||||||||||||||||
| Declaration | Using the policy language |
registry of callables | permissions are defined by role. | , permission classes | registration. Each model can be registered with Handler for them | , Role class inheritance | , declaration in a perms.py file in app | , using the same method as auth Django system. | Yes, by creating a role-agent-entity entry, combined with checking optional model relations. | , global permissions in settings and model permission as canonical auth | , registration dynamically creates permission models | permissions are view and function level permissions |
via django's permission model: app.change_xyz, app.add_xyz, app.delete_xyz or any custom permissions |
Permissions are declared for views. | as a method in the same model | , registration | ||||||||||||||||||||||||||||||||||||
| Inheritance | By writing simple rules |
irrelevant | for PermissionLogic class | , full inheritance defining the "parents" of the model. | , from parent container | Can be achieve with two methods: a) by register the model with field lookup path from another permissible model (i.e., Content.register_content(ReceiptImage, '%s__image' % Content.get_content_fieldlookup('app.Receipt')), or b) by sharing the same `trust` between depended / dependent objects |
||||||||||||||||||||||||||||||||||||||||||||||
| Logical checks | Using the Polar policy language |
each model have PermissionHandler for them and has_perm method will be called for paricular model. | No, though it's extensible enough to add that easily. | via lambda registered with model (i.e., Content.register_permission_condition(Receipt, 'own', lambda u, p, o: u == o.user)) @permission_required('app.change_receipt:own', fieldlookups_kwargs={'pk': 'pk'}) |
||||||||||||||||||||||||||||||||||||||||||||||||
| Decorator | Works as class/method/functional decorator. | django.contrib.auth.decorators.permission_required | Implemented: @permission_required('app.read_project', fieldlookups_kwargs={'pk': 'project_id'}) |
This package operates on view level. | ||||||||||||||||||||||||||||||||||||||||||||||||
| Database | Logic is written as .polar policy files |
registry of callables | it use 'Logic' based permission system which is completely different from general permission system. | only logical check |
implementation optimized to reduce db hits per http request |
|||||||||||||||||||||||||||||||||||||||||||||||
| Templatetag | You can use like {% if user has 'auth.change_user' of object %} |
, has_perm | , limited functionality | supports django's builtins |
not needed as it is integrated with django.contrib.auth permissions | |||||||||||||||||||||||||||||||||||||||||||||||
| Django 1.2 backend | ||||||||||||||||||||||||||||||||||||||||||||||||||||
| Roles | Check documentation for examples |
irrelevant | if you add a PermissionLogic class like http://bit.ly/1z22IGl | , is actually required to have roles. | , assimilated by groups | Role is specified in model's meta and management commands updates db entires and makes it available for permission check |
||||||||||||||||||||||||||||||||||||||||||||||
| Field level | , define it in a object level checker. | ? | Objects are assigned to request and they can be compared to other values by attributes or methods. | |||||||||||||||||||||||||||||||||||||||||||||||||
| Model-level | , integration | , using role classes with models=ALL_MODELS | , own and integrated | this works independent of Django models intentionally | design to be used alongside with Django's builtin auth ModelBackend |
, own | integrated with django.contrib.auth permissions | , own | ||||||||||||||||||||||||||||||||||||||||||||
| Cascade update | Permissions are dynamic |
irrelevant | Can be | , the inheritance system also handle this behavior. | supports updating of multiple object permissions via `trust` and multiple users via django's `auth.models.Group` |
Depends on implementation. | ||||||||||||||||||||||||||||||||||||||||||||||
| Any-to-any | Can be | , only User-to-any | Same mechanism as Inheritance |
| Search Weight | Package | Description | Last PyPI release: | Repo Forks | Stars | |||
|---|---|---|---|---|---|---|---|---|
| {{ item.weight / max_weight * 100 | number:0 }}% | {{ item.title }} | Grid: {{ item.description }} | {{ item.last_released | date: 'mediumDate' }} | N/A | {{ item.repo_forks }} | N/A | {{ item.repo_watchers }} | N/A |
