{var%20f='http://v.t.sina.com.cn/share/share.php?appkey=1515056452',u=z||d.location,p=['&url=',e(u),'&title=',e(t||d.title),'&source=',e(r),'&sourceUrl=',e(l),'&content=',c||'gb2312','&pic=',e(p||'')].join('');function%20a(){if(!window.open([f,p].join(''),'mb',['toolbar=0,status=0,resizable=1,width=440,height=430,left=',(s.width-440)/2,',top=',(s.height-430)/2].join('')))u.href=[f,p].join('');};if(/Firefox/.test(navigator.userAgent))setTimeout(a,0);else%20a();})(screen,document,encodeURIComponent,'','','https://www.manongdao.com/data/attach/logo/logo.png', '推荐 对你真心纯属浪费 的问题《Getting “Permission denied” page in the admin, whi》','https://www.manongdao.com/q-408154.html','页面编码gb2312|utf-8默认gb2312'));){kind=link}
I've got some issue with user permissions in Django. I added some permissions for the Magasin model as shown below:
add_magasin=Permission.objects.get(codename="add_magasin")
change_magasin=Permission.objects.get(codename="change_magasin")
delete_magasin=Permission.objects.get(codename="delete_magasin")
user.user_permissions.add(add_magasin)
user.user_permissions.add(change_magasin)
user.user_permissions.add(delete_magasin)
user.save()
then when I check the permission I get:
In [100]: user.has_perm(delete_magasin)
Out[100]: False
In [101]: user.has_perm(add_magasin)
Out[101]: False
In [102]: user.has_perm(change_magasin)
Out[102]: False
and in the admin, connected with the same user, I can add a Magasin instance, but not delete one ("Permission denied"). I can't even delete a Magasin instance with the superuser.
I'm using Django 1.3 and I'm not using any external permission-related app...
EDIT: sql queries
mysql> select * from django_content_type;
+----+-----------------------+--------------+------------------+
| id | name | app_label | model |
+----+-----------------------+--------------+------------------+
***more stuff***
| 9 | magasin | securite_v2 | magasin |
***more stuff***
mysql> select * from auth_permission;
+----+----------------------------------+-----------------+-------------------------+
| id | name | content_type_id | codename |
+----+----------------------------------+-----------------+-------------------------+
***more stuff***
| 25 | Can add magasin | 9 | add_magasin |
| 26 | Can change magasin | 9 | change_magasin |
| 27 | Can delete magasin | 9 | delete_magasin |
***more stuff***
mysql> select * from auth_user where id=135;
+-----+---------------+------------+-----------+-------------------------------+-----------------------------------------------------+----------+-----------+--------------+---------------------+---------------------+
| id | username | first_name | last_name | email | password | is_staff | is_active | is_superuser | last_login | date_joined |
+-----+---------------+------------+-----------+-------------------------------+-----------------------------------------------------+----------+-----------+--------------+---------------------+---------------------+
| 135 | admingrandest | | | admingrandest@xxx.com | sha1$14f21$02a50f37be16f27aba3f677618b663edfb0ce5a7 | 1 | 1 | 0 | 2012-06-25 11:16:35 | 2012-06-22 16:42:46 |
+-----+---------------+------------+-----------+-------------------------------+-----------------------------------------------------+----------+-----------+--------------+---------------------+---------------------+
mysql> select * from auth_user_user_permissions;
+----+---------+---------------+
| id | user_id | permission_id |
+----+---------+---------------+
| 1 | 135 | 25 |
| 2 | 135 | 26 |
| 3 | 135 | 27 |
***more stuff***
What could be wrong?
The first argument of
User.has_perm()have to be a string in<app label>.<permission codename>format. In you're code you're passingPermissioninstance as first argument, which get's evaluated to<app_label> | <content_type> | <name>, sohas_permwill always returnFalse.Instead use
user.has_perm("<yourapp>.delete_magasin")It seems it has to do with file permissions, not Django user permissions.