Find the required permissions of Django URLs without calling them?

Question

My Django app currently has URLs which are protected by \'permission_required()\' functions.

This function is called in three different ways.

1. As a decorato

Answer 1

Is there a way of query the permissions required to a URL without requesting the URL?

User.has_perm() and User.has_module_perms()

Any suggestions on how to make a menu system which reflects URL permissions for the current user?

I really like this question, because it concerns anyone that makes a website with django, so I find it really relevant. I've been through that myself and even coded a menu "system" in my first django project back in 2008. But since then I tried Pinax, and one of the (so many) things I learnt from their example projects is that it is completely unnecessary bloat.

So, I have no suggestion which I would support on how to make a menu "system" which respects the request user permissions.

I do have a suggestion on how to make a simple menu which respects the request user permissions, so that might not be completely unrelated.

1. Just make your menu in plain HTML, it's not like it's going to change so often that it has to be generated. That will also keep your Python code simpler.

2. Add to settings.TEMPLATE_CONTEXT_PROCESSORS: 'django.core.context_processors.PermWrapper'

3. Use the {{ perms }} proxy to User.has_perms.

Example:

{% if perms.auth %}
    


    {% if perms.auth.change_user %} 
    

        {% trans 'Users' %}
    
    {% endif %} 

    {% if perms.auth.change_group %} 
    

        {% trans 'User groups' %}
    
    {% endif %} 

{% endif %} 
{# etc, etc #}

That's how I keep navigation simple, stupid, and out of the way. But also I always include an autocomplete not far from the menus to allows the user to navigate to any detail page easily. So, that's all I know about navigation in django projects, I'm eager to read other answers !