django permissions to restrict view based on groups

Question

I currently have an order management app. But the team I am creating this for has two departments the office and the factory who'll be using the same app but with each team having access to what they need. I'm confused if I should create two different apps to login into the same system (but that would redundant code) or if there's any other way I can set permissions. I have tried using the django admin permissions and they don't seem to work.

Answer 1

you can create different html pages for different teams like office team have their own html page and factory team have different html page .

def user_login(request):
    if request.method == 'POST':
        username=request.POST.get('username')
        password = request.POST.get('password')
        user = authenticate(username=username,password=password)
        if user:
            if user.is_active:
                if user.is_admin:
                    login(request,user)
                    return HttpResponseRedirect(reverse('adminpage'))
                    #return render(request,'admin.html')
                else:
                    login(request,user)
                    return HttpResponseRedirect(reverse('userpage'))
                    #return render(request,'user.html')
            else:
                return HttpResponseRedirect('Account not active')
        else:
            #message={"info":"someone tried to login and failed! ","details":"username :{} and password: {}".format(username,password)}
            return HttpResponse("someone tried to login and failed ! <br />details: <br />username: {} <br /> password:{} ".format(username,password))
    else:
        return render(request,'login.html')

you can create models with specified role as active according to condition.(you can create radio button for factory and office and according to radio button you models code work.

class MyUser(AbstractBaseUser):
    email = models.EmailField(verbose_name='email address',max_length=255,unique=True,)
    full_name = models.CharField(max_length=255,null=True,blank=True)
    date_of_birth = models.DateField()
    is_active = models.BooleanField(default=True)
    is_admin = models.BooleanField(default=False)
    is_agent = models.BooleanField(default=False)

choices are :

USER_CHOICES = (
   ('is_admin','ADMIN'),
   ('is_agent', 'AGENT')
)

Answer 2

You can have the same authentication page for both users and staff and redirect them to the same page, (suppose the dashboard ). Now you can add a link in the dashboard which is visible only if the logged in user is a superuser. The link would redirect to an admin interface. The dashboard could be something common for both users. Hope this helps.