I'm building an App with public access, restricted area for clients and another restricted area for managers.
I have a Manager model and Client model with foreign key to Users. And Manager is automatically added to group managers and client to clients.
I have an extranet for client which now is restricted by @login_required. It's same with extranet for managers.
I need to disable access clients to managers extranet.
Is it better creating a privilege in managers group and add it to every view in extranet part or somehow different?
One way is to use user_passes_test decorator:
Add this line before the view which you want to restrict to managers.
@user_passes_test(lambda u: u.groups.filter(name='managers').count() > 0, login_url='/myapp/denied/')