0

 For example in a Car Rental System where the car owner should have his admin interface to view, add and delete his cars and also view orders orders, pending payments, finished payments but he should not have access to other car_owners' admin interfaces. He also should not have access to the actual admin interface where all app permissions are accessed.

I have tried to use django user authentication system filter permissions using is_superuser and is_admin but I can seem to get where I want. I have never done this before and I can't seem to get an answer on the internet. Most of these django developers use a single adminstation system.

SIMBA
  • 1
  • 1

1 Answers1

1
  1. Make sure that the dependent models like cars and payments have foreign key back to User model
  2. Create all the permissions at model level
  3. Login to your admin panel as superuser
  4. Create two groups - CarAdminsGroup and SiteAdminsGroup
  5. Assign the correct permissions to correct group
  6. Create two users - CarAdminUser and SiteAdminUser
  7. Assign respective groups to respective user
  8. Check for permissions before executing the query
  9. During the query execution always add USER=CURRENT_USER filter condition
user1933205
  • 300
  • 4
  • 12