{"id":364,"date":"2021-11-22T21:14:12","date_gmt":"2021-11-22T21:14:12","guid":{"rendered":"https:\/\/blogs.imperial.ac.uk\/research-software-engineering\/?p=364"},"modified":"2021-11-22T21:14:12","modified_gmt":"2021-11-22T21:14:12","slug":"fine-tuning-django-user-permissions","status":"publish","type":"post","link":"https:\/\/blogs.imperial.ac.uk\/research-software-engineering\/2021\/11\/22\/fine-tuning-django-user-permissions\/","title":{"rendered":"Fine Tuning Django User Permissions"},"content":{"rendered":"<h1>Fine Tuning Django User Permissions<\/h1>\n<p><em><strong>Dr Dan Davies<\/strong> from the Imperial RSE team has written a how-to guide based on his experiences with the Django web framework for python. Read the full blog post <a href=\"https:\/\/dandavies99.github.io\/posts\/2021\/11\/django-permissions\/\" target=\"_blank\" rel=\"noopener\">here<\/a>. <\/em><\/p>\n<p>The RSE team is involved in an increasing number of software projects requiring a front-end web app. The main advantage to having a web app element for your research software is that users can interact with it via a web browser, without having to install anything to their local machine. There are of course downsides, including the need to deploy, host and maintain software somewhere suitable. However, there is a wide range of popular frameworks to make the whole process a lot smoother.<\/p>\n<p>User permissions are an important consideration for any web app. This is not necessarily just to do with overall security, but how you might want different types of users \u2013 with different roles \u2013 to interact with your software. For example, it is common to require admin users to be able to perform a wide variety of actions, while the majority of users should only be able to perform a small subset of actions. The degree of complexity required will depend on the overall aim.<\/p>\n<p>We frequently use the <a href=\"https:\/\/www.djangoproject.com\/\" target=\"_blank\" rel=\"noopener\">Django<\/a> web framework, which facilitates the creation of web apps solely in Python. <a href=\"https:\/\/dandavies99.github.io\/posts\/2021\/11\/django-permissions\/\" target=\"_blank\" rel=\"noopener\">This blog post<\/a> covers aspects of user management and permissions within Django, which Dan has learned about and implemented while working on a web-based database to store and visualise sets of experimental data. It covers some basics such as how to assign permissions to user and groups of users, as well as more advanced topics such as setting up automatic permissions when specific objects are created. We hope it will be useful to the wider RSE community and beyond!<\/p>\n<figure id=\"attachment_382\" aria-describedby=\"caption-attachment-382\" style=\"width: 640px\" class=\"wp-caption aligncenter\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"637\" class=\"wp-image-382 size-large\" src=\"https:\/\/blogs.imperial.ac.uk\/research-software-engineering\/files\/2021\/11\/code_example_1-1024x637.png\" alt=\"Simple permission assignment in Django\" \/><figcaption id=\"caption-attachment-382\" class=\"wp-caption-text\">Fig. 1: Simple permission assignment in Django<\/figcaption><\/figure>\n<figure id=\"attachment_383\" aria-describedby=\"caption-attachment-383\" style=\"width: 640px\" class=\"wp-caption aligncenter\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"890\" class=\"wp-image-383 size-large\" src=\"https:\/\/blogs.imperial.ac.uk\/research-software-engineering\/files\/2021\/11\/code_example_2-1024x890.png\" alt=\"Automatic permission assignment for specific objects in Django.\" \/><figcaption id=\"caption-attachment-383\" class=\"wp-caption-text\">Fig. 2: Automatic permission assignment for specific objects in Django.<\/figcaption><\/figure>\n","protected":false},"excerpt":{"rendered":"<p>Fine Tuning Django User Permissions Dr Dan Davies from the Imperial RSE team has written a how-to guide based on his experiences with the Django web framework for python. Read the full blog post here. The RSE team is involved in an increasing number of software projects requiring a front-end web app. The main advantage [&hellip;]<\/p>\n","protected":false},"author":904,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[390],"tags":[315904,268274],"class_list":["post-364","post","type-post","status-publish","format-standard","hentry","category-technology","tag-django","tag-python"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.4 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Fine Tuning Django User Permissions - Research Software Engineering<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/blogs.imperial.ac.uk\/research-software-engineering\/2021\/11\/22\/fine-tuning-django-user-permissions\/\" \/>\n<meta property=\"og:locale\" content=\"en_GB\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Fine Tuning Django User Permissions - Research Software Engineering\" \/>\n<meta property=\"og:description\" content=\"Fine Tuning Django User Permissions Dr Dan Davies from the Imperial RSE team has written a how-to guide based on his experiences with the Django web framework for python. Read the full blog post here. The RSE team is involved in an increasing number of software projects requiring a front-end web app. The main advantage [&hellip;]\" \/>\n<meta property=\"og:url\" content=\"https:\/\/blogs.imperial.ac.uk\/research-software-engineering\/2021\/11\/22\/fine-tuning-django-user-permissions\/\" \/>\n<meta property=\"og:site_name\" content=\"Research Software Engineering\" \/>\n<meta property=\"article:published_time\" content=\"2021-11-22T21:14:12+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/blogs.imperial.ac.uk\/research-software-engineering\/files\/2021\/11\/code_example_1-1024x637.png\" \/>\n<meta name=\"author\" content=\"Diego Alonso Alvarez\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Diego Alonso Alvarez\" \/>\n\t<meta name=\"twitter:label2\" content=\"Estimated reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"2 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/blogs.imperial.ac.uk\\\/research-software-engineering\\\/2021\\\/11\\\/22\\\/fine-tuning-django-user-permissions\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/blogs.imperial.ac.uk\\\/research-software-engineering\\\/2021\\\/11\\\/22\\\/fine-tuning-django-user-permissions\\\/\"},\"author\":{\"name\":\"Diego Alonso Alvarez\",\"@id\":\"https:\\\/\\\/blogs.imperial.ac.uk\\\/research-software-engineering\\\/#\\\/schema\\\/person\\\/f864d03b8aaabe5b4bc9a2bb0fe676ce\"},\"headline\":\"Fine Tuning Django User Permissions\",\"datePublished\":\"2021-11-22T21:14:12+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/blogs.imperial.ac.uk\\\/research-software-engineering\\\/2021\\\/11\\\/22\\\/fine-tuning-django-user-permissions\\\/\"},\"wordCount\":331,\"commentCount\":0,\"image\":{\"@id\":\"https:\\\/\\\/blogs.imperial.ac.uk\\\/research-software-engineering\\\/2021\\\/11\\\/22\\\/fine-tuning-django-user-permissions\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/blogs.imperial.ac.uk\\\/research-software-engineering\\\/files\\\/2021\\\/11\\\/code_example_1-1024x637.png\",\"keywords\":[\"Django\",\"Python\"],\"articleSection\":[\"Technology\"],\"inLanguage\":\"en-GB\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/blogs.imperial.ac.uk\\\/research-software-engineering\\\/2021\\\/11\\\/22\\\/fine-tuning-django-user-permissions\\\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/blogs.imperial.ac.uk\\\/research-software-engineering\\\/2021\\\/11\\\/22\\\/fine-tuning-django-user-permissions\\\/\",\"url\":\"https:\\\/\\\/blogs.imperial.ac.uk\\\/research-software-engineering\\\/2021\\\/11\\\/22\\\/fine-tuning-django-user-permissions\\\/\",\"name\":\"Fine Tuning Django User Permissions - Research Software Engineering\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/blogs.imperial.ac.uk\\\/research-software-engineering\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/blogs.imperial.ac.uk\\\/research-software-engineering\\\/2021\\\/11\\\/22\\\/fine-tuning-django-user-permissions\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/blogs.imperial.ac.uk\\\/research-software-engineering\\\/2021\\\/11\\\/22\\\/fine-tuning-django-user-permissions\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/blogs.imperial.ac.uk\\\/research-software-engineering\\\/files\\\/2021\\\/11\\\/code_example_1-1024x637.png\",\"datePublished\":\"2021-11-22T21:14:12+00:00\",\"author\":{\"@id\":\"https:\\\/\\\/blogs.imperial.ac.uk\\\/research-software-engineering\\\/#\\\/schema\\\/person\\\/f864d03b8aaabe5b4bc9a2bb0fe676ce\"},\"breadcrumb\":{\"@id\":\"https:\\\/\\\/blogs.imperial.ac.uk\\\/research-software-engineering\\\/2021\\\/11\\\/22\\\/fine-tuning-django-user-permissions\\\/#breadcrumb\"},\"inLanguage\":\"en-GB\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/blogs.imperial.ac.uk\\\/research-software-engineering\\\/2021\\\/11\\\/22\\\/fine-tuning-django-user-permissions\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-GB\",\"@id\":\"https:\\\/\\\/blogs.imperial.ac.uk\\\/research-software-engineering\\\/2021\\\/11\\\/22\\\/fine-tuning-django-user-permissions\\\/#primaryimage\",\"url\":\"https:\\\/\\\/blogs.imperial.ac.uk\\\/research-software-engineering\\\/files\\\/2021\\\/11\\\/code_example_1.png\",\"contentUrl\":\"https:\\\/\\\/blogs.imperial.ac.uk\\\/research-software-engineering\\\/files\\\/2021\\\/11\\\/code_example_1.png\",\"width\":1260,\"height\":784,\"caption\":\"Simple permission assignment in Django\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/blogs.imperial.ac.uk\\\/research-software-engineering\\\/2021\\\/11\\\/22\\\/fine-tuning-django-user-permissions\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/blogs.imperial.ac.uk\\\/research-software-engineering\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Fine Tuning Django User Permissions\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/blogs.imperial.ac.uk\\\/research-software-engineering\\\/#website\",\"url\":\"https:\\\/\\\/blogs.imperial.ac.uk\\\/research-software-engineering\\\/\",\"name\":\"Research Software Engineering\",\"description\":\"News and views from the Research Software Engineering Team at Imperial College London\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/blogs.imperial.ac.uk\\\/research-software-engineering\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-GB\"},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/blogs.imperial.ac.uk\\\/research-software-engineering\\\/#\\\/schema\\\/person\\\/f864d03b8aaabe5b4bc9a2bb0fe676ce\",\"name\":\"Diego Alonso Alvarez\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-GB\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/095b53fb3b2c3897c27516b277656ad8cdf6aa99562c94931a56ab7b83793fa2?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/095b53fb3b2c3897c27516b277656ad8cdf6aa99562c94931a56ab7b83793fa2?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/095b53fb3b2c3897c27516b277656ad8cdf6aa99562c94931a56ab7b83793fa2?s=96&d=mm&r=g\",\"caption\":\"Diego Alonso Alvarez\"},\"url\":\"https:\\\/\\\/blogs.imperial.ac.uk\\\/research-software-engineering\\\/author\\\/dalonsoa\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Fine Tuning Django User Permissions - Research Software Engineering","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/blogs.imperial.ac.uk\/research-software-engineering\/2021\/11\/22\/fine-tuning-django-user-permissions\/","og_locale":"en_GB","og_type":"article","og_title":"Fine Tuning Django User Permissions - Research Software Engineering","og_description":"Fine Tuning Django User Permissions Dr Dan Davies from the Imperial RSE team has written a how-to guide based on his experiences with the Django web framework for python. Read the full blog post here. The RSE team is involved in an increasing number of software projects requiring a front-end web app. The main advantage [&hellip;]","og_url":"https:\/\/blogs.imperial.ac.uk\/research-software-engineering\/2021\/11\/22\/fine-tuning-django-user-permissions\/","og_site_name":"Research Software Engineering","article_published_time":"2021-11-22T21:14:12+00:00","og_image":[{"url":"https:\/\/blogs.imperial.ac.uk\/research-software-engineering\/files\/2021\/11\/code_example_1-1024x637.png","type":"","width":"","height":""}],"author":"Diego Alonso Alvarez","twitter_card":"summary_large_image","twitter_misc":{"Written by":"Diego Alonso Alvarez","Estimated reading time":"2 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/blogs.imperial.ac.uk\/research-software-engineering\/2021\/11\/22\/fine-tuning-django-user-permissions\/#article","isPartOf":{"@id":"https:\/\/blogs.imperial.ac.uk\/research-software-engineering\/2021\/11\/22\/fine-tuning-django-user-permissions\/"},"author":{"name":"Diego Alonso Alvarez","@id":"https:\/\/blogs.imperial.ac.uk\/research-software-engineering\/#\/schema\/person\/f864d03b8aaabe5b4bc9a2bb0fe676ce"},"headline":"Fine Tuning Django User Permissions","datePublished":"2021-11-22T21:14:12+00:00","mainEntityOfPage":{"@id":"https:\/\/blogs.imperial.ac.uk\/research-software-engineering\/2021\/11\/22\/fine-tuning-django-user-permissions\/"},"wordCount":331,"commentCount":0,"image":{"@id":"https:\/\/blogs.imperial.ac.uk\/research-software-engineering\/2021\/11\/22\/fine-tuning-django-user-permissions\/#primaryimage"},"thumbnailUrl":"https:\/\/blogs.imperial.ac.uk\/research-software-engineering\/files\/2021\/11\/code_example_1-1024x637.png","keywords":["Django","Python"],"articleSection":["Technology"],"inLanguage":"en-GB","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/blogs.imperial.ac.uk\/research-software-engineering\/2021\/11\/22\/fine-tuning-django-user-permissions\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/blogs.imperial.ac.uk\/research-software-engineering\/2021\/11\/22\/fine-tuning-django-user-permissions\/","url":"https:\/\/blogs.imperial.ac.uk\/research-software-engineering\/2021\/11\/22\/fine-tuning-django-user-permissions\/","name":"Fine Tuning Django User Permissions - Research Software Engineering","isPartOf":{"@id":"https:\/\/blogs.imperial.ac.uk\/research-software-engineering\/#website"},"primaryImageOfPage":{"@id":"https:\/\/blogs.imperial.ac.uk\/research-software-engineering\/2021\/11\/22\/fine-tuning-django-user-permissions\/#primaryimage"},"image":{"@id":"https:\/\/blogs.imperial.ac.uk\/research-software-engineering\/2021\/11\/22\/fine-tuning-django-user-permissions\/#primaryimage"},"thumbnailUrl":"https:\/\/blogs.imperial.ac.uk\/research-software-engineering\/files\/2021\/11\/code_example_1-1024x637.png","datePublished":"2021-11-22T21:14:12+00:00","author":{"@id":"https:\/\/blogs.imperial.ac.uk\/research-software-engineering\/#\/schema\/person\/f864d03b8aaabe5b4bc9a2bb0fe676ce"},"breadcrumb":{"@id":"https:\/\/blogs.imperial.ac.uk\/research-software-engineering\/2021\/11\/22\/fine-tuning-django-user-permissions\/#breadcrumb"},"inLanguage":"en-GB","potentialAction":[{"@type":"ReadAction","target":["https:\/\/blogs.imperial.ac.uk\/research-software-engineering\/2021\/11\/22\/fine-tuning-django-user-permissions\/"]}]},{"@type":"ImageObject","inLanguage":"en-GB","@id":"https:\/\/blogs.imperial.ac.uk\/research-software-engineering\/2021\/11\/22\/fine-tuning-django-user-permissions\/#primaryimage","url":"https:\/\/blogs.imperial.ac.uk\/research-software-engineering\/files\/2021\/11\/code_example_1.png","contentUrl":"https:\/\/blogs.imperial.ac.uk\/research-software-engineering\/files\/2021\/11\/code_example_1.png","width":1260,"height":784,"caption":"Simple permission assignment in Django"},{"@type":"BreadcrumbList","@id":"https:\/\/blogs.imperial.ac.uk\/research-software-engineering\/2021\/11\/22\/fine-tuning-django-user-permissions\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/blogs.imperial.ac.uk\/research-software-engineering\/"},{"@type":"ListItem","position":2,"name":"Fine Tuning Django User Permissions"}]},{"@type":"WebSite","@id":"https:\/\/blogs.imperial.ac.uk\/research-software-engineering\/#website","url":"https:\/\/blogs.imperial.ac.uk\/research-software-engineering\/","name":"Research Software Engineering","description":"News and views from the Research Software Engineering Team at Imperial College London","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/blogs.imperial.ac.uk\/research-software-engineering\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-GB"},{"@type":"Person","@id":"https:\/\/blogs.imperial.ac.uk\/research-software-engineering\/#\/schema\/person\/f864d03b8aaabe5b4bc9a2bb0fe676ce","name":"Diego Alonso Alvarez","image":{"@type":"ImageObject","inLanguage":"en-GB","@id":"https:\/\/secure.gravatar.com\/avatar\/095b53fb3b2c3897c27516b277656ad8cdf6aa99562c94931a56ab7b83793fa2?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/095b53fb3b2c3897c27516b277656ad8cdf6aa99562c94931a56ab7b83793fa2?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/095b53fb3b2c3897c27516b277656ad8cdf6aa99562c94931a56ab7b83793fa2?s=96&d=mm&r=g","caption":"Diego Alonso Alvarez"},"url":"https:\/\/blogs.imperial.ac.uk\/research-software-engineering\/author\/dalonsoa\/"}]}},"_links":{"self":[{"href":"https:\/\/blogs.imperial.ac.uk\/research-software-engineering\/wp-json\/wp\/v2\/posts\/364","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/blogs.imperial.ac.uk\/research-software-engineering\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blogs.imperial.ac.uk\/research-software-engineering\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blogs.imperial.ac.uk\/research-software-engineering\/wp-json\/wp\/v2\/users\/904"}],"replies":[{"embeddable":true,"href":"https:\/\/blogs.imperial.ac.uk\/research-software-engineering\/wp-json\/wp\/v2\/comments?post=364"}],"version-history":[{"count":19,"href":"https:\/\/blogs.imperial.ac.uk\/research-software-engineering\/wp-json\/wp\/v2\/posts\/364\/revisions"}],"predecessor-version":[{"id":387,"href":"https:\/\/blogs.imperial.ac.uk\/research-software-engineering\/wp-json\/wp\/v2\/posts\/364\/revisions\/387"}],"wp:attachment":[{"href":"https:\/\/blogs.imperial.ac.uk\/research-software-engineering\/wp-json\/wp\/v2\/media?parent=364"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blogs.imperial.ac.uk\/research-software-engineering\/wp-json\/wp\/v2\/categories?post=364"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blogs.imperial.ac.uk\/research-software-engineering\/wp-json\/wp\/v2\/tags?post=364"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}