Permissions Reference
Permission Utilities
django-tenant-users offers utility functions to manage permissions
across tenants. These functions provide fine-grained control over user
roles and access within each tenant.
- class PermissionsMixinFacade[source]
Bases:
objectA facade for Django’s PermissionMixin to handle multi-tenant permissions.
Adapts Django’s PermissionMixin to work seamlessly with django-tenant-users, by delegating permission-related functionalities to the tenant-specific permissions model. It ensures that permissions are correctly managed according to the tenant context, rather than using Django’s default user-based permission system.
Note
This class is abstract and should be inherited by AUTH_USER_MODEL.
-
pk:
Any
- tenant_perms
- is_staff
- is_superuser
-
pk:
Permission Models
The permission models in django-tenant-users extend Django’s
built-in permissions framework. This extension allows for the definition
of tenant-specific roles and permissions, ensuring that each tenant has
its own set of access controls.
- class UserTenantPermissions(*args, **kwargs)[source]
Bases:
PermissionsMixin,AbstractBaseUserFacadeAuthorization model for managing per-tenant permissions in Django-tenant-users.
This class is responsible for handling the authorization aspects (permissions) for each tenant. It complements the UserProfile model, which stores global user profile information and authentication details in the public tenant schema. By separating authorization on a per-tenant basis, this model supports a flexible and scalable approach to permissions management in a multi-tenant environment.
- Inherits:
PermissionsMixin: Provides Django’s built-in permissions framework. AbstractBaseUserFacade: Bridges authorization with authentication models.
See also
UserProfile: For the model handling global user profile and authentication aspects.
- id
A wrapper for a deferred-loading field. When the value is read from this object the first time, the query is executed.
-
profile:
Any Accessor to the related object on the forward side of a one-to-one relation.
In the example:
class Restaurant(Model): place = OneToOneField(Place, related_name='restaurant')
Restaurant.placeis aForwardOneToOneDescriptorinstance.
- is_staff
A wrapper for a deferred-loading field. When the value is read from this object the first time, the query is executed.
- created_at
A wrapper for a deferred-loading field. When the value is read from this object the first time, the query is executed.
- modified_at
A wrapper for a deferred-loading field. When the value is read from this object the first time, the query is executed.
- exception DoesNotExist
Bases:
ObjectDoesNotExist
- exception MultipleObjectsReturned
Bases:
MultipleObjectsReturned
- groups
Accessor to the related objects manager on the forward and reverse sides of a many-to-many relation.
In the example:
class Pizza(Model): toppings = ManyToManyField(Topping, related_name='pizzas')
Pizza.toppingsandTopping.pizzasareManyToManyDescriptorinstances.Most of the implementation is delegated to a dynamically defined manager class built by
create_forward_many_to_many_manager()defined below.
- is_superuser
A wrapper for a deferred-loading field. When the value is read from this object the first time, the query is executed.
- objects = <django.db.models.manager.Manager object>
- profile_id
- user_permissions
Accessor to the related objects manager on the forward and reverse sides of a many-to-many relation.
In the example:
class Pizza(Model): toppings = ManyToManyField(Topping, related_name='pizzas')
Pizza.toppingsandTopping.pizzasareManyToManyDescriptorinstances.Most of the implementation is delegated to a dynamically defined manager class built by
create_forward_many_to_many_manager()defined below.
Note
The UserTenantPermissions model includes created_at and
modified_at timestamp fields for tracking when users join tenants
and when their permissions change.