Home > Back-end >  Django: user.has_perm always returns false
Django: user.has_perm always returns false

Time:02-23

I have a custom user:

from django.contrib.auth.models import AbstractUser

# Create your models here.

class TaborUser(AbstractUser):
    email = models.EmailField('E-mail', unique=True)

Its backend:

from django.contrib.auth.backends import BaseBackend
from django.contrib.auth import get_user_model
from django.db.models import Q


UserModel = get_user_model()


class EmailBackend(BaseBackend):
    def get_user(self, user_id):
        user = UserModel.objects.filter(pk=user_id)
        breakpoint()
        if user:
            return user[0]
        else:
            return None

    def authenticate(self, request, username=None, password=None, **kwargs):
        user = UserModel.objects.filter(email=username)
        if not user:
            user = UserModel.objects.filter(username=username)

        # Both username and e-mail are unique. As long as we don't have
        # a very rogue admin, we should be alright.
        if user:
            user = user[0]
        else:
            return None

        if user.check_password(password):
            return user
        else:
            return None

The model does not seem to pass this check:

class AdminView(PermissionRequiredMixin, FormView):
    form_class = UploadFileForm

    template_name = "admin.html"
    login_url = "/login/"

    permission_required = ("taborapp.view_photomodel",
                           "taborapp.add_photomodel",
                           "taborapp.delete_photomodel", 
                        )

When user is added as follows:

from taborapp.models import TaborUser
from django.contrib.auth.models import Permission
from django.contrib.contenttypes.models import ContentType

user = TaborUser.objects.create_user("test")

user.email = "[email protected]"
user.set_password("LOLaPublicPassword123")

permissions = []
photo_type = ContentType.objects.get(app_label="taborapp", model="photomodel")

for codename in "view_photomodel", "add_photomodel", "delete_photomodel":
    perm = Permission.objects.filter(content_type=photo_type, codename=codename)
    permissions.append(perm[0])

user.user_permissions.add(*permissions)

user.save()

Am I doing anything wrong? I went over docs and similar issues on stack overflow a few times and I just cannot figure out the issue.

I am too brief for the auto-detection system to believe me that I have described my problem enough. I hope this sentence will satisfy it.

CodePudding user response:

Drop into the Django shell:

python manage.py shell

Next,

    from django.contrib.auth.models import User
    u = User.objects.get(email="[email protected]")
    u.get_user_permissions()

Hopefully you'll see what you're looking for in the data returned. That'll give you a good idea of where to look next.

CodePudding user response:

As pointed out by @RiverRook, getting the list of permissions was very helpful as I managed to find the correct thread about this.

Django user get_all_permissions() is empty while user_permissions is set

  • Related