Restrict Admin Access by Permission
A snippet for restricting Django Admin features to users with proper permissions.
# admin.py
from django.contrib import admin
from .models import Article
class ArticleAdmin(admin.ModelAdmin):
def has_view_permission(self, request, obj=None):
return request.user.has_perm('yourapp.view_article')
def has_change_permission(self, request, obj=None):
return request.user.has_perm('yourapp.change_article')
def has_delete_permission(self, request, obj=None):
return request.user.has_perm('yourapp.delete_article')
def has_add_permission(self, request):
return request.user.has_perm('yourapp.add_article')
admin.site.register(Article, ArticleAdmin)
# Django Admin
1. Go to /admin/auth/user/ or /admin/auth/group/
2. Assign object-level permissions like:
- Can view article
- Can add article
- Can change article
- Can delete article
Explanation:
-
You can override admin permission methods like
has_view_permission()orhas_change_permission()for custom access logic. - Each method returns a boolean depending on whether the user has the corresponding permission.
- These checks affect what users can see or do inside Django Admin for that model.
- You can combine these with custom permissions for even finer control.
- Category Authentication & Authorization
- Total Views 806
- Last Modified 17 November, 2025
- Tags #admin #permissions #auth #authorization
Previous snippet
Create Custom Permissions
Next snippet