In my Django admin i added new field called privilage class along with groups and user permissions .
so, my user table having privilage_class based on i am giving access to multiple groups. each groups having user_permissions.
I made admin setup but permissions was not implemented . what to do beyond?
for eg:
user having priv class executive
Privilege class if executive he having access to multiple groups->
Each groups carries user permissions (URL),
Assets -> assets related URL
Billing -> related URLs
setup has been done. but dont know how to apply permission.
i know difficult to understand but pro will understand. so kindly help me regarding this.
i am using django and DRF as well
Thanks in advance!
You have to write your own custom permission class to decide what to do when a user belongs to a particular privilege class. This url [1] has the docs to implement it.
An example implementation:
class UserPrevilagePermission(permissions.BasePermission):
def has_permission(self, request, view):
user = request.user
# check if the user has required permission based on request url
if 'assets' in request.path:
# decide which perm to check
if user.has_perm('perm-name-to-check'):
return True
return False
Now use this permission class in your views as explained here [2].
Check out django's permission methods on the user object from here [3].