lets have a structure of my User model.
BaseUser <- BusinessOwner <- Business Staff (BusinessOwner can create,update,delete BusinessStaff )
BaseUser <- Customer
I'm having problem when creating an inherited user from AbstractBaseUser, All i want is to add a row in myappname_baseuser_user_permissions table which has columns : id , baseuser_id, permission_id, with correct permissions assign to correct user id, such as : add_staff, change_staff, delete_staff
Things is normal when i create new BusinessOwner user with admin page and easily add permissions, but not the POST method im using with django restframework, there are no permissions. So where should i put my permissions code? and what is the code? in model.py or view.py ? ,my permissions codename are : add_staff, change_staff, and delete_staff
here is my model.py:
class UserManager(BaseUserManager):
def _create_user(self, email, password, is_staff, is_superuser, **extra_fields):
now = timezone.now()
if not email:
raise ValueError('The given email must be set')
email = self.normalize_email(email)
user = self.model(email=email,
is_staff=is_staff, is_active=True,
is_superuser=is_superuser, last_login=now,
date_joined=now, **extra_fields)
user.set_password(password)
user.save(using=self._db)
return user
def create_user(self, email, password=None, **extra_fields):
return self._create_user(email, password, False, False,
**extra_fields)
def create_superuser(self, email, password, **extra_fields):
return self._create_user(email, password, True, True,
**extra_fields)
class BaseUser(AbstractBaseUser, PermissionsMixin):
first_name=models.CharField(max_length=20)
last_name=models.CharField(max_length=20)
email=models.EmailField(max_length=254, unique=True)
is_staff = models.BooleanField(default=False)
is_active = models.BooleanField(default=True)
date_joined = models.DateTimeField(default=timezone.now)
objects = UserManager()
USERNAME_FIELD = 'email'
REQUIRED_FIELDS = []
class Meta:
verbose_name = _('user')
verbose_name_plural = _('users')
class BusinessOwner(BaseUser):
business_name=models.CharField(max_length=20)
class Customer(BaseUser):
address=models.CharField(max_length=30)
class Staff(BaseUser):
position=models.CharField(max_length=30)
my view.py
class CreateBusinessOwnerView(mixins.ListModelMixin,
mixins.CreateModelMixin,
generics.GenericAPIView):
queryset = BusinessOwner.objects.all()
serializer_class = CreateBusinessOwner
def get(self, request, *args, **kwargs):
return self.list(request, *args, **kwargs)
def post(self, request, *args, **kwargs):
return self.create(request, *args, **kwargs)
def post_save(self, obj, created=False):
if created:
obj.set_password(obj.password)
obj.save()
and my serializers.py
class CreateBusinessOwner(serializers.ModelSerializer):
class Meta:
model = BusinessOwner
fields = ('email', 'password', 'first_name', 'last_name', 'business_name' ,'date_joined')
read_only_fields = ('date_joined',)
Thanks for helping me!
