Permissions

A grid of all packages implementing permissions for users and groups in your Django project.

Please fell free to verify and update features for listed apps or add another app if you know one.

Features currently being evaluated

Feature Description
Object-level Support for permissions assigned per object.
Assignment How do you assign permissions for objects?
Declaration Do you declare permissions for models? How?
Inheritance Permissions inheritance from related objects.
Logical checks Support for permission checked dynamically, e.g. can view entry no older than
one month.
Decorator Object-level decorator for views.
Database Is a database required? If not, how are permissions stored?
Templatetag Permissions checks in templates via tags.
Django 1.2 backend See: http://docs.djangoproject.com/en/dev/releases/1.2/#object-level-permissions
.
Roles Support for roles in permissions.
Field level Supports permissions at the field level of models
Model-level Support for model-level perms (either on its own or by seamless integration with
django.contrib.auth permissions).
Cascade update Support for cascade update of related objects, e.g. if added view or change perm
for the product, then add view perm for the product category.
Any-to-any Permissions for any object to any other object.

Filter results

Package django-guardian django-oso rules drf-extensions djangorestframework-api-key DRF Access Policy django-role-permissions django-authority django-prbac Tabular Permissions Widget django-permissions-policy django-permission Django-Access drf-psq Django Debug Permissions django-permissions-auditor serious-django-permissions restframework-serializer-permissions Django Permafrost django-hats django-simple-perms django-http-451 giaola-role-permissions django-roles django-improved-permissions django-auth-utils django-flexible-permissions django-bop django-pobject django-global-permissions django-custodian django-acl Django Object Permissions django_sieve django-generic-permissions django-trusts django-acl django-permissions django-rubberstamp django-finegrained-permissions django-admin-view-permission django-permissionsx django-field-permissions django-rulez django-permission-backend-nonrel django-extauth django-hierarchical-auth carteblanche django-rbac dry-rest-permissions django-objectpermissions django-rules
Package django-guardian django-oso rules drf-extensions djangorestframework-api-key DRF Access Policy django-role-permissions django-authority django-prbac Tabular Permissions Widget django-permissions-policy django-permission Django-Access drf-psq Django Debug Permissions django-permissions-auditor serious-django-permissions restframework-serializer-permissions Django Permafrost django-hats django-simple-perms django-http-451 giaola-role-permissions django-roles django-improved-permissions django-auth-utils django-flexible-permissions django-bop django-pobject django-global-permissions django-custodian django-acl Django Object Permissions django_sieve django-generic-permissions django-trusts django-acl django-permissions django-rubberstamp django-finegrained-permissions django-admin-view-permission django-permissionsx django-field-permissions django-rulez django-permission-backend-nonrel django-extauth django-hierarchical-auth carteblanche django-rbac dry-rest-permissions django-objectpermissions django-rules
Description Per object permissions for
Django
Oso is a batteries-included
framework for building
authorization in your
application.
Awesome Django authorization,
without the database
DRF-extensions is a collection
of custom extensions for
Django REST Framework
🔐 API key permissions for
Django REST Framework
Declarative access
policies/permissions modeled
after AWS' IAM policies.
A django app for role based
permissions.
A Django app that provides
generic per-object-permissions
for Django's auth app and
helpers to create custom
permission checks.
Display Django permissions in
a HTML table that is
translatable and easily
customized.
Set the draft security HTTP
header Permissions-Policy
(previously Feature-Policy) on
your Django app.
[Not maintained] An enhanced
permission system which
support object permission in
Django
Django-Access - the
application introducing
dynamic evaluation-based
instance-level (row-level)
access rights control for
Django
The simplest and most general
way to manage action-based
permissions, serializers, and
querysets dependent on
permission-based rules for the
Djang...
Get a list of all user
permissions available in the
system
Tool to audit access control
on your django app.
A Django extension to define
and use Groups and Permissions
from a central place, per app.
Drop in replacement for Django
Restframework Serializers to
add permission based field
serialization.
Adds User Definable
Permissions to Django
Role-based permissions system
for Django. Everyone wears a
different hat, some people
wear multiple.
Django implementation for
HTTP451
A django app for role based
permissions.
Django Roles with
Role-Group-Permission-User
Django application made to
make django's default
permission system more robu...
Django authentication and
authorization utilities
A Django app that combines
object-level table permissions
with model relations to avoid
normalization of data while
providing an extremel...
Basic Object-level Permissions
for django 1.2+
An expressive and concise mini
permission module for Django
views.
Global permissions for Django The application
django-custodian wrap and
extend django.contrib.auth
module providing a exaustive
and granular approach to
authorizations and permissions
management. I...
This is an implementation of
Object Permissions, a.k.a. row
level permissions. Object
Permissions allow you to
assign a permission t...
Serve user-wise data
beautifully, minimally and
correctly.
A simple Authentication
Backend to manage specific
permissions.
Django authorization add-on
for multiple organizations and
object-level permission
settings
Access Control Lists for
django aka per-row
permissions. Largely inspired
on phpBB's ACL. Support for
roles.
Permissions manager and
backend for Django 1.2,
supporting object permissions
and application-specific
permissions.
Permissions per field instead
of per model for django
Reusable application which
provides a view permission for
the existing models.
PermissionsX - Authorization
for Django
A starting place for
field-level permissions
A lean and mean object-level
rules system for the Django
framework
An authentication backend that
supports Django's user and
group permissions on
Django-nonrel
Extended authorization
framework for Django,
including field-level
permissions and role-based
permissions
Extends django auth allowing
hierarchical permissions
Module to align code with
thoughts of users and
designers. Also magically
handles navigation and
permissio...
Role-based Access Control
(RBAC) implementation for
management of permissions in
Django. Allows a fine-grained
(row level) permission
assignment. Perfect fo...
Rules based permissions for
the Django Rest Framework
An app to add
object-level/row-level
permissions to users and
groups. Each model can have
different permissions.
Flexible and scalable Django
authorization backend for
unified per object permission
management
Category App App App App App Other App App App App App Framework App App App App App Other App App App App Other App App App App App Other App App App App App App App App Framework App Other App App App App App App App Other App App App App
# Using This 80 2 20 6 0 0 6 3 0 1 0 3 2 0 0 0 0 0 0 1 1 0 1 1 2 1 2 0 1 0 0 0 0 0 1 1 0 5 0 0 3 1 0 6 3 0 1 1 0 2 0 3
Python 3?
Development Status Production/Stable Beta Production/Stable Production/Stable Beta Unknown Production/Stable Production/Stable Alpha Production/Stable Production/Stable Production/Stable Beta Unknown Beta Production/Stable Unknown Unknown Alpha Production/Stable Unknown Unknown Production/Stable Unknown Unknown Alpha Unknown Beta n/a Pre-Alpha n/a Unknown Unknown Pre-Alpha Production/Stable Beta n/a Production/Stable n/a Beta Production/Stable Production/Stable n/a Unknown n/a n/a Unknown Unknown Beta Production/Stable Unknown n/a
Last updated Nov. 14, 2021, 1:19 p.m. Sept. 24, 2021, 1:55 p.m. Nov. 13, 2021, 3:43 a.m. Aug. 2, 2021, 1:34 a.m. Sept. 24, 2021, 6:07 a.m. Aug. 29, 2021, 3:20 p.m. Jan. 4, 2021, 10:54 a.m. Oct. 27, 2021, 6:59 a.m. Jan. 18, 2021, 2:15 p.m. Dec. 10, 2021, 5:07 a.m. Sept. 28, 2021, 2:05 p.m. March 4, 2020, 5:19 a.m. April 22, 2020, 3:22 a.m. Feb. 26, 2021, 12:51 p.m. May 14, 2020, 3:56 a.m. May 20, 2021, 4:11 p.m. June 19, 2021, 11:36 a.m. April 6, 2021, 9:24 a.m. April 16, 2021, 12:57 p.m. July 22, 2019, 9:57 a.m. Jan. 10, 2019, 3:22 p.m. Nov. 3, 2018, 5:13 a.m. Aug. 28, 2018, 5:42 a.m. Jan. 28, 2015, 4:04 p.m. Nov. 27, 2018, 5:56 a.m. Nov. 15, 2017, 5:47 a.m. Dec. 10, 2015, 9:21 p.m. Oct. 20, 2011, 9:16 a.m. March 4, 2011, 11:24 a.m. Oct. 10, 2018, 1:11 p.m. Nov. 10, 2011, 7:31 p.m. Oct. 8, 2015, 7:49 p.m. June 6, 2013, 6:33 p.m. June 4, 2014, 3:59 p.m. Jan. 9, 2013, 10:47 p.m. April 30, 2016, 3:17 a.m. Aug. 23, 2009, 4:17 p.m. June 21, 2015, 12:25 p.m. Oct. 28, 2010, 6:27 p.m. Oct. 6, 2013, 2:36 p.m. Dec. 2, 2018, 4:45 p.m. Nov. 3, 2017, 8:01 p.m. May 1, 2016, 3:25 a.m. Jan. 13, 2018, 2:04 p.m. April 9, 2011, 4:27 p.m. Dec. 10, 2011, 8:42 p.m. Jan. 5, 2011, 3:03 p.m. July 3, 2014, 11:51 a.m. March 31, 2010, 11:04 p.m. Jan. 31, 2018, 9:27 a.m. Oct. 8, 2010, 7:23 a.m. July 16, 2011, 11:32 a.m.
Version 2.4.0 0.21.0 3.0 0.7.1 2.1.0 1.1.0 3.1.1 0.14 1.0.1 2.9 4.3.0 1.0.5 n/a 1.1.0 1.0.0 1.0.4 0.17 0.0.2 0.2.15 1.1.2 0.2.8 0.1 1.2.0 0.0.4 0.2.2 0.1.1 1.0.7 0.3 n/a 0.2.4 n/a 0.1.3 1.4.6 1.0.0 0.1.0 0.10.3 n/a 1.2.2 n/a 0.0.1 1.9 2.0.0 n/a 1.0.2 n/a n/a 1.4.6 1.0.0 0.9 0.1.10 0.3.3 n/a
Repo GitHub GitHub GitHub GitHub GitHub GitHub GitHub GitHub GitHub GitHub GitHub GitHub GitHub GitHub GitHub GitHub GitHub GitHub GitHub GitHub Bitbucket GitHub GitHub GitHub GitHub GitHub GitHub GitHub Bitbucket GitHub Bitbucket GitHub GitHub GitHub GitHub GitHub Bitbucket GitHub GitHub GitHub GitHub GitHub GitHub GitHub Bitbucket Bitbucket GitHub GitHub Bitbucket GitHub GitHub GitHub
Commits
Stars 3113 1498 1374 1221 378 272 498 251 107 49 46 303 53 22 26 10 8 7 6 21 2 3 8 2 15 9 3 2 2 28 3 5 4 6 4 13 5 13 7 11 151 39 23 63 16 21 20 42 65 360 87 148
Repo Forks 533 60 110 194 56 29 103 55 35 8 3 46 2 4 1 1 n/a n/a 1 n/a n/a 1 1 n/a 2 n/a 1 n/a n/a 8 n/a n/a 2 1 1 2 2 11 n/a 2 42 4 18 17 n/a 2 6 3 4 60 10 11
Participants lukaszb
brianmay
ad-m
michael-k
johnthagen
bsvetchine
mitar
ggreer
troygrosfield
xordoquy
more...
gj
dhatch
saolsen
samscott89
leina05
plotnick
gkaemmer
gw000
samraper
joshrotenberg
more...
dfunckt
zerolab
dyve
ticosax
mlsen
thedrow
orf
pjsier
danlamanna
eviltwin
more...
auvipy
chibisov
pratyushmittal
rpkilby
OskarPersson
maryokhin
alexander-akhmetov
codingjoe
joehybird
tuky
more...
florimondmanca
spaceofmiah
biancaG
brittandeyoung
guilleijo
jaswanthm
jeancochrane
jeffgodwyll
tony
UtkucanBykl
rsinger86
dependabot[bot]
BarnabasSzabolcs
oguzhancelikarslan
adamsteele-city
tanonl
HonakerM
JamesonNetworks
daviddavis
JT501
more...
filipeximenes
powderflask
kavdev
fjsj
iurisilvio
reduxionist
amandasavluchinske
andersonresende
victorgutemberg
aarcro
more...
jezdez
jlward
bartTC
winhamwr
bocribbz
gthb
safwanrahman
remik
diegobz
RDIL
more...
millerdev
kennknowles
czue
dannyroberts
biyeun
GertBurger
NoahCarnahan
ArtemBernatskyy
nickpell
snopoke
more...
RamezIssac
ihabhussein
abahnihi
vintage
adamchainz
pre-commit-ci[bot]
rik
DmytroLitvinov
lambdalisue
giginet
quasiyoke
LuRsT
argsno
oskarjakiela
philippeowagner
Simanas
timgates42
AmbientLighter
more...
nnseva AminHP
salarnasiri
zshongyi
timonweb kluchrj
LerikG
LilithWittmann
seblat
manfred-kaiser devo-wm
renderbox
mgcamisa
jared-hardy
miketheredherring hespul filipeximenes
tzatzosm
dimkl
reduxionist
fjsj
andersonresende
victorgutemberg
aarcro
jamespenick
myonov
more...
cenkbircanoglu gabrielbiasi PiDelport staab pterk phuihock eduardo-matos
perdy
fabiomichelini bramwelt
MostAwesomeDude
bsu
Kennric
chancez
garrypolley thomasyip
core2duo
suhailvs
tyrion diefenbach paltman specialunderwear
PetrDlouhy
lefterisnik
Anton-Shutik
awgreenblatt
michi88
pieterdd
ciarancourtney
kapucko
lanterno
crazyscientist
pinerojuancruz
more...
robpogorzelski
adi-
tiliv chrisglass
maraujop
jjmaestro
stefanfoulis
nigma
juandecarrion
mitchellrj
amites
bashu
DanLipsitt
more...
fhahn mhall119 rasca neuman
lightstrike
nabucosound dbkaplan
AlexandreCollet
mbaragiola
ttill
wernerhp
abeniwal
GerardPaligot
marctc
vovanbo
artragis
justquick
jazzido
bhuztez
maraujop
jjmaestro
Documentation N/A N/A N/A N/A N/A N/A N/A N/A N/A N/A N/A N/A N/A N/A N/A N/A N/A N/A N/A N/A N/A N/A N/A N/A N/A N/A N/A N/A
Object-level  , In conjunction with django-guardian since `Groups` can be used.   ✅ ✅

django-trusts always works as an annexation; all features require *no* patched class of any sort, works with all existing builtin auth features: authorization, permission, group, contenttypes; option to use junction table mechanism: no moditication to any existing model.
Assignment manager + patched User and Group + shortcut function
+ Admin Integration (with ModelAdmin extension)
irrelevant  , utils functions permission classes instances + admin (action) + custom views Add builtin PermissionLogic subclass or your own PermissionLogic subclass to the target model class. logical only (code executed on object to determine permission)   using shortcuts functions and mixins for Users and Objects By creating a Permission record, mapping actions to roles, and defining permission inheritance via relations.  , complete API and GUI patched User and Group or util functions use the provided add_permission backend

from django_generic_permissions.backends import add_permission

add_permission('foo', logged_in_user)
 

via Models or Django Admin UI
(upcoming: REST api via tastypie)
utils functions utils functions Permissions are not assigned to models. In the same model as a method which takes the User as argument and returns True or False manager patched User and Group
Declaration  
Using the policy language
  registry of callables   permissions are defined by role.  , permission classes   registration. Each model can be registered with Handler for them  , Role class inheritance  , declaration in a perms.py file in app  , using the same method as auth Django system. Yes, by creating a role-agent-entity entry, combined with checking optional model relations.  , global permissions in settings and model permission as canonical auth  , registration dynamically creates permission models  
permissions are view and function level permissions
 

via django's permission model: app.change_xyz, app.add_xyz, app.delete_xyz or any custom permissions
  Permissions are declared for views.   as a method in the same model  , registration
Inheritance  
By writing simple rules
irrelevant   for PermissionLogic class  , full inheritance defining the "parents" of the model.  , from parent container  

Can be achieve with two methods:
a) by register the model with field lookup path from another permissible model (i.e., Content.register_content(ReceiptImage, '%s__image' % Content.get_content_fieldlookup('app.Receipt')), or
b) by sharing the same `trust` between depended / dependent objects
Logical checks  
Using the Polar policy language
  each model have PermissionHandler for them and has_perm method will be called for paricular model. No, though it's extensible enough to add that easily.  

via lambda registered with model (i.e., Content.register_permission_condition(Receipt, 'own', lambda u, p, o: u == o.user))

@permission_required('app.change_receipt:own', fieldlookups_kwargs={'pk': 'pk'})

Decorator   Works as class/method/functional decorator.   django.contrib.auth.decorators.permission_required  

Implemented: @permission_required('app.read_project', fieldlookups_kwargs={'pk': 'project_id'})
  This package operates on view level.
Database  
Logic is written as .polar policy files
  registry of callables   it use 'Logic' based permission system which is completely different from general permission system.  
only logical check
 

implementation optimized to reduce db hits per http request
Templatetag   You can use like {% if user has 'auth.change_user' of object %}
 , has_perm  , limited functionality  

supports django's builtins
  not needed as it is integrated with django.contrib.auth permissions
Django 1.2 backend
Roles  
Check documentation for examples
irrelevant   if you add a PermissionLogic class like http://bit.ly/1z22IGl  , is actually required to have roles.  , assimilated by groups  

Role is specified in model's meta and management commands updates db entires and makes it available for permission check
Field level  , define it in a object level checker. ? Objects are assigned to request and they can be compared to other values by attributes or methods.
Model-level  , integration  , using role classes with models=ALL_MODELS  , own and integrated   this works independent of Django models intentionally  

design to be used alongside with Django's builtin auth ModelBackend
 , own   integrated with django.contrib.auth permissions  , own
Cascade update  
Permissions are dynamic
irrelevant   Can be  , the inheritance system also handle this behavior.  

supports updating of multiple object permissions via `trust` and multiple users via django's `auth.models.Group`
Depends on implementation.
Any-to-any   Can be  , only User-to-any  

Same mechanism as Inheritance
Search Weight Package Description Last PyPI release: Repo Forks Stars
{{ item.weight / max_weight * 100 | number:0 }}% {{ item.title }} Grid: {{ item.description }} {{ item.last_released | date: 'mediumDate' }} N/A {{ item.repo_forks }} N/A {{ item.repo_watchers }} N/A