Per-object permissions allow only specific users to access, modify, and delete data that they own. In this video, learn how to install and configure django-guardian.
- When you have data models in Django, the permissions to add, modify or delete that data depends on the logic you implement in your views. Without fine grain security checks, any user could access another user's data and even modify it if the security check is poorly coded. We're going to begin by adding the guardian app to the installed apps list, in our settings file. And we're going to scroll down to the authentication backends, and we're going to be adding the object permission backend from guardian, and then ,we're going to be running the migrations. As you can see, guardian is part of the list of migrations, it provides its own migrations for object permissions.
Skill Level Advanced
Building a Paid Membership Site with Djangowith Nick Walter1h 15m Intermediate
OWASP Top 10: #7 XSS and #8 Insecure Deserializationwith Caroline Wong26m 31s Intermediate
Building RESTful Web APIs with Djangowith Rudolf Olah1h 9m Intermediate
1. Permissions, Access Controls, Activity Logs
2. Throttling a Flood of Requests
3. Protecting Data and Data Privacy
4. 2FA: Two-Factor Authentication
5. CSRF: Cross-Site Request Forgery Protection
- Mark as unwatched
- Mark all as unwatched
Are you sure you want to mark all the videos in this course as unwatched?
This will not affect your course history, your reports, or your certificates of completion for this course.Cancel
Take notes with your new membership!
Type in the entry box, then click Enter to save your note.
1:30Press on any video thumbnail to jump immediately to the timecode shown.
Notes are saved with you account but can also be exported as plain text, MS Word, PDF, Google Doc, or Evernote.