Django REST Framework Guardian

raw JSON →
0.4.0 verified Mon Apr 27 auth: no python maintenance

Provides django-guardian integration with Django REST Framework, enabling object-level permissions via DRF's permission system. Current version 0.4.0, updated 2025. Release cadence is low (last release years ago). Compatible with DRF 3.x and guardian 2.x.

pip install djangorestframework-guardian

Common errors

error ModuleNotFoundError: No module named 'rest_framework_guardian'
cause Library not installed or missing dependency.
fix
Run 'pip install djangorestframework-guardian' and ensure django-guardian and djangorestframework are installed.
error AttributeError: 'NoneType' object has no attribute 'user'
cause Permission class requires request.user; often occurs when using DjangoObjectPermissions without authentication.
fix
Add 'permissions.IsAuthenticated' to permission_classes before DjangoObjectPermissions.

Warnings

breaking Version 0.4.0 requires Python >=3.10 and drops support for Django <3.2 and DRF <3.12.
fix Upgrade Python to 3.10+ and ensure Django>=3.2, DRF>=3.12.
gotcha DjangoObjectPermissionsFilter requires that view's queryset supports filtering by user permissions. For complex permission logic, override filter_queryset.
fix Ensure your model has object permissions assigned via guardian.
deprecated The mixins module is experimental and may change. Prefer using DjangoObjectPermissionsFilter directly.
fix Use filter_backends = [DjangoObjectPermissionsFilter] instead of mixins.

Imports

Quickstart

Enable object-level permissions in a DRF viewset by adding DjangoObjectPermissions to permission_classes and DjangoObjectPermissionsFilter to filter_backends.

from rest_framework import permissions
from rest_framework_guardian.filters import DjangoObjectPermissionsFilter
from rest_framework_guardian import mixins

class MyViewSet(mixins.ListModelMixin, mixins.CreateModelMixin, ...):
    permission_classes = [permissions.IsAuthenticated, permissions.DjangoObjectPermissions]
    filter_backends = [DjangoObjectPermissionsFilter]
last verified Mon Apr 27
next check Sun Jul 26