I'm creating a Django app, aimed at organizations that will have several users. So in the models, I have organizations and users, and organizations should be independent.
First user of an organization to signup will be admin, next users to signup will be employees. Admin can create user groups (usergroups/roles) to set the employees' permissions within the app.
Django already allows this, but a Django admin can edit all users right? Is there a way to have a manager by organization, who could only see and edit its employees permissions and not see all the users in database?
What you could do is to override your get_queryset on a ModelAdmin
class ClassAdmin(admin.ModelAdmin):
def get_queryset(self, request):
qs = super(ClassAdmin, self).get_queryset(request)
if your_condition:
return qs.filter(b='bar')
return qs.filter(b='foo')
when you register your class to admin, don't forget to do admin.site.register(Class, ClassAdmin)