Figuring out what Django permission names are and what permissions a user has

You can see the permissions a particular user has, in the 'machine-readable' form Django uses, quite easily through the Django shell. For a user with the username 'david', for example:

$ python manage.py shell
from django.contrib.auth.models import User
david = User.objects.get(username="david")
david.get_all_permissions()

{u'evaluations.add_evaluation',
 u'evaluations.change_evaluation',
 u'reports.view',
 u'reports.view_all'}

Both this and the template form (see below) correctly see permissions that are directly added to a user and those which are associated through groups.

So it seems the undocumented convention/rule is that the permission listed on the Django admin page, in the form "evaluations | evaluation | Can add evaluation" or "evaluations | evaluation | Can change evaluation" translates to dots replacing the pipes, dropping the model section entirely and also the word "Can" being dropped, and underscores replacing spaces, in the form "evaluations.add_evaluation" or "evaluations.change_evaluation".

Using a permission as a conditional in a template looks like this:

Reference

https://docs.djangoproject.com/en/1.8/ref/contrib/auth/

https://www.chicagodjango.com/blog/testing-different-django-user/

http://stackoverflow.com/questions/17620783/django-access-admin-user-in-python-shell

http://stackoverflow.com/questions/2081061/django-user-get-all-permissions-is-empty-while-user-permissions-is-set

http://stackoverflow.com/questions/16969009/checking-for-permission-in-django-template-not-working

http://stackoverflow.com/questions/9469590/check-permission-inside-a-template-in-django

http://stackoverflow.com/questions/4778685/how-do-i-use-django-groups-and-permissions