CHANGES

Release 2.4.0 (May 24, 2021)

• Add support for Python 3.9
• Add support for Django 3.1, Django 3.2
• Add parameter any_perm to PermissionRequiredMixin
• Switch from Travis CI to GitHub Actions

Release 2.3.0 (June 6, 2020)

• Drop support for Django 2.1
• Fix compatibility with UUIDField primary keys
• Fix formatting for pyupgrade
• Fix error with get_objects_for_user on PostgreSQL
• Modify 'assign_perm' shortcut to treat lists as a queryset
• Updated links to Django documentation and django-authority repository
• Removed reference to "easy_install" in the documentation
• Run migrations check only if required version of django is installed

Release 2.2.0 (January 3, 2020)

• Add support for Django 3.0 and Python 3.8.
• Add support for custom generic object permission models.
• Don't initialise anonymous user on DB where it's not migrated.
• Allow object permissions with dots.

• Several performance improvements

  • Improve performance of get_objects_for_user
  • Update get_users_with_perms to avoid a large join

Important

The 2.2.x release line will be the last one that has support for Django 2.1.

Release 2.1.0 (September 9, 2019)

• Upgrade to use `django.urls.path` in routing

  • Add admin support for user primary key as UUID

• Auto pre-fetching permission via `GUARDIAN_AUTO_PREFETCH`
• Add tests for missing migrations

Release 2.0.0 (June 11, 2019)

• Drop support for Python 2.7 & 3.4 and Django 1.11 & 2.0

Release 1.5.1 (May 2, 2019)

• Restore compatibility with Python 2.7

Important

The 1.5.x release line will be the last one that has support for Python 2.7.

Release 1.5.0 (Jan 31, 2019)

• Updates for compatibility with latest Python and Django versions.

Release 1.4.9 (Jul 01, 2017)

• Drop django_guardian.compat.OrderedDict as a consequence of drop Python 1.6 earlier.
• Fix django admin 1.11 not showing selected permissions
• Add a optional checker variable to get_obj_perms
• Add missing classifiers in setup.py

Release 1.4.8 (Apr 04, 2017)

• Improved performance of clean_orphan_obj_perms management command
• Use bumpversion for versioning.
• Enable Python 3.6 testing
• Python 2.7, 3.4, 3.5, 3.6 are only supported Python versions
• Django 1.8, 1.10, and 1.11 are only supported Django versions
• Added explicity on_delete to all ForeignKeys

Release 1.4.6 (Sep 09, 2016)

• Improved performance of get_objects_for_user
• Added test-covered and documented guardian.mixins.PermissionListMixin
• Allow content type retrieval to be overridden fg. for django-polymorphic support
• Added support CreateView-like (no object) view in PermissionRequiredMixin
• Added django 1.10 to TravisCI and tox
• Run tests for example_project in TravisCI
• Require django 1.9+ for example_project (django-guardian core support django 1.7+)
• Fix django versions compatibility in example_project
• Drop django in install_requires of setuptools

Release 1.4.5 (Aug 09, 2016)

• Fix caching issue with prefetch_perms.
• Convert readthedocs link for their .org -> .io migration for hosted projects
• Added example CRUD CBV project
• Added TEMPLATES in example_project settings
• Added Queryset support to assign_perm
• Added QuerySet support to remove_perm
• Updated assign_perm and remove_perm docstrings
• Moved queryset support in assign_perms to its own function
• Moved queryset support in remove_perms to its own function
• Consolidated {User,Group}ObjectPermissionManager, move logic of bulk_*_perm to managers
• assign_perm and remove_perm shortcuts accept Permission instance as perm and QuerySet as obj too.
• Consolidated bulk_assign_perm to assign_perm and bulk_remove_perm to remove_perm
• Upgraded Grappelli templates breadcrumbs block to new Django 1.9 and Grappelli 2.8 standards, including proper URLs and support for preserved_filters. Removed the duplicated field.errors in the field.html template file.
• Made UserManage/GroupManage forms overridable
• Fixed GuardedModelAdminMixin views render for Django 1.10

Release 1.4.4 (Apr 04, 2016)

• Don't install support example_project.
• Direct ForeignKey perms in prefetch_perms.

Release 1.4.3 (Apr 03, 2016)

• guardian.VERSION should be a tuple, not a list. Fixes #411.
• Support for prefetching permissions.
• Fixed union between queries.
• Allow specifying an empty list of permissions for get_objects_for_group.
• Mixed group and user direction relations broken. Fixes #271.
• Lookup anonymous user using custom username field.
• Fix up processing of ANONYMOUS_USER_NAME where set to None. Fixes #409.
• Require TEMPLATE_403 to exist if RENDER_403 set.

Release 1.4.2 (Mar 09, 2016)

• Test against django-master (Django 1.10 - not released).
• Django 1.10 fixes.
• Fixes for documentation.
• PEP8 fixes.
• Fix distributed files in MANIFEST.in
• Use pytest for tests.
• Add dependancy on django-environ.
• Don't use ANONYMOUS_USER_ID. Uses ANONYMOUS_DEFAULT_USERNAME and USERNAME_FIELD instead.
• Use setuptools_scm for versioning.
• Initialise admin context using each_context for Django >= 1.8.
• Add missing with_superusers parameter to get_users_with_perms().
• Use setuptools scm for versioning.
• Fixes for example_project.
• Only display permissions if permission actually assigned.
• When using attach_perms with get_users_with_perms, and with_group_users and with_superusers set to False, only directly assigned permissions are now returned, and not effective (infered) permissions.

Release 1.4.1 (Jan 10, 2016)

• Fix broken documentation.
• Fix setup.py errors (#387).
• Fix tox tests.
• Fix travis tests.

Release 1.4.0 (Jan 8, 2016)

• Drop support for Django < 1.7
• Drop support for django south migrations.
• Remove depreciated code.
• Fix many Django depreciated warnings.
• Fix tests and example_project.
• Work around for postgresql specific Django bug (#366). This is a regression that was introduced in version 1.3.2.
• Updates to documentation.
• Require can_change permission to change object perms in admin.
• Fixes broke admin URLS (#376 and #381).
• Tests now work with Mysql and Postgresql as well as sqlite.
• Uses django-environ for tests.

Release 1.3.2 (Nov 14, 2015)

• Fixes tests for all versions of Django.
• Tests pass for Django 1.9b1.
• Drops support for Django < 1.5
• Add Russian translation.
• Various bug fixes.
• Ensure password for anonymous user is set to unusable, not None.

Release 1.3.1 (Oct 20, 2015)

• Fixes for 1.8 compat

Release 1.3 (Jun 3, 2015)

• Official Django 1.8 support (thanks to multiple contributors)

Release 1.2.5 (Dec 28, 2014)

• Official Django 1.7 support (thanks Troy Grosfield and Brian May)
• Allow to override PermissionRequiredMixin.get_permission_object, part of PermissionRequiredMixin.check_permissions method, responsible for retrieving single object (Thanks zauddelig)
• French translations (Thanks Morgan Aubert)
• Added support for User.get_all_permissions (thanks Michael Drescher)

Release 1.2.4 (Jul 14, 2014)

• Fixed another issue with custom primary keys at admin extensions (Thanks Omer Katz)

Release 1.2.3 (Jul 14, 2014)

Unfortunately this was broken release not including any important changes.

Release 1.2.2 (Jul 2, 2014)

• Fixed issue with custom primary keys at admin extensions (Thanks Omer Katz)
• get_403_or_None now accepts Python path to the view function, for example 'django.contrib.auth.views.login' (Thanks Warren Volz)
• Added with_superuser flag to guardian.shortcuts.get_objects_for_user (Thanks Bruno Ribeiro da Silva)
• Added possibility to disable monkey patching of the User model. (Thanks Cezar Jenkins)

Release 1.2 (Mar 7, 2014)

• Removed get_for_object methods from managers (#188)
• Extended documentation
• GuardedModelAdmin has been splitted into mixins
• Faster queries in get_objects_for_user when use_groups=False or any_perm=True (#148)
• Improved speed of get_objects_for_user shortcut
• Support for custom User model with not default username field
• Added GUARDIAN_GET_INIT_ANONYMOUS_USER setting (#179)
• Added accept_global_perms to PermissionRequiredMixin
• Added brazilian portuguese translations
• Added polish translations
• Added wheel support
• Fixed wrong anonymous user checks
• Support for Django 1.6
• Support for Django 1.7 alpha

Important

In this release we have removed undocumented get_for_object method from both UserObjectPermissionManager and GroupObjectPermissionManager. Not deprecated, removed. Those methods were not used within django-guardian and their odd names could lead to issues if user would believe they would return object level permissions associated with user/group and object passed as the input. If you depend on those methods, you'd need to stick with version 1.1 and make sure you do not misuse them.

Release 1.1 (May 26, 2013)

• Support for Django 1.5 (including Python 3 combination)
• Support for custom user models (introduced by Django 1.5)
• Ability to create permissions using Foreign Keys
• Added user_can_access_owned_by_group_objects_only option to GuardedModelAdmin.
• Minor documentation fixups
• Spanish translations
• Better support for grappelli
• Updated examples project
• Speed up get_perms shortcut function

Release 1.0.4 (Jul 15, 2012)

• Added GUARDIAN_RENDER_403 and GUARDIAN_RAISE_403 settings (#40)
• Updated docstring for get_obj_perms (#43)
• Updated codes to run with newest django-grappelli (#51)
• Fixed problem with building a RPM package (#50)
• Updated caveats docs related with oprhaned object permissions (#47)
• Updated permission_required docstring (#49)
• Added accept_global_perms for decorators (#49)
• Fixed problem with MySQL and booleans (#56)
• Added flag to check for any permission in get_objects_for_user and get_objects_for_group (#65)
• Added missing tag closing at template (#63)
• Added view mixins related with authorization and authentication (#73)
• Added tox support
• Added Travis support

Release 1.0.3 (Jul 25, 2011)

• Added get_objects_for_group shortcut (thanks to Rafael Ponieman)
• Added user_can_access_owned_objects_only flag to GuardedModelAdmin
• Updated and fixed issues with example app (thanks to Bojan Mihelac)
• Minor typo fixed at documentation
• Included ADC theme for documentation

Release 1.0.2 (Apr 12, 2011)

• get_users_with_perms now accepts with_group_users flag
• Fixed group_id issue at admin templates
• Small fix for documentation building process
• It's 2011 (updated dates within this file)

Release 1.0.1 (Mar 25, 2011)

• get_users_with_perms now accepts with_superusers flag
• Small fix for documentation building process

Release 1.0.0 (Jan 27, 2011)

• A final v1.0 release!

Release 1.0.0.beta2 (Jan 14, 2011)

• Added get_objects_for_user shortcut function
• Added few tests
• Fixed issues related with django.contrib.auth tests
• Removed example project from source distribution

Release 1.0.0.beta1 (Jan 11, 2011)

• Simplified example project
• Fixed issues related with test suite
• Added ability to clear orphaned object permissions
• Added clean_orphan_obj_perms management command
• Documentation cleanup
• Added grappelli admin templates

Release 1.0.0.alpha2 (Dec 2, 2010)

• Added possibility to operate with global permissions for assign and remove_perm shortcut functions
• Added possibility to generate PDF documentation
• Fixed some tests

Release 1.0.0.alpha1 (Nov 23, 2010)

• Fixed admin templates not included in MANIFEST.in
• Fixed admin integration codes

Release 1.0.0.pre (Nov 23, 2010)

• Added admin integration
• Added reusable forms for object permissions management

Release 0.2.3 (Nov 17, 2010)

• Added guardian.shortcuts.get_users_with_perms function
• Added AUTHORS file

Release 0.2.2 (Oct 19, 2010)

• Fixed migrations order (thanks to Daniel Rech)

Release 0.2.1 (Oct 3, 2010)

• Fixed migration (it wasn't actually updating object_pk field)

Release 0.2.0 (Oct 3, 2010)

Fixes

• #4: guardian now supports models with not-integer primary keys and they don't need to be called "id".

  Important

  For 0.1.X users: it is required to migrate guardian in your projects. Add south to INSTALLED_APPS and run:

  python manage.py syncdb
  python manage.py migrate guardian 0001 --fake
  python manage.py migrate guardian
  

Improvements

• Added South migrations support

Release 0.1.1 (Sep 27, 2010)

Improvements

• Added view decorators: permission_required and permission_required_403

Release 0.1.0 (Jun 6, 2010)

• Initial public release