def user_has_permission(user, resource, action): if user.is_superuser: return True if not user.is_active: return False return user.roles.filter( permissions__resource=resource, permissions__action=action ).exists()