Solved: staff user is not restricting permission in django

The main problem with not restricting permission is that it can lead to users being able to do things they shouldn’t be able to do. For example, if a user has permission to edit a post, they might be able to delete it too.

I have a problem with Django. I am using Django 1.8 and Python 3.4. I have created a superuser and staff user in my project, but the staff user is not restricting permission in django admin panel. 
I want to restrict the staff user from accessing some of the models in django admin panel, but it is not working for me, please help me out with this issue.


You should add <code>is_staff = True</code> to your User model:
<p>The LogEntry model has two required fields:</p>
<li><strong><code>&lt;code&gt;user&lt;/code&gt;</code></strong>: The User that performed the action.</li>
<li><strong><code>&lt;code&gt;action_time&lt;/code&gt;</code></strong>: The timestamp of the action.</li>
<p>[...] If you want to log actions performed by non-staff users, you’ll need to set <a href="" rel="nofollow noreferrer"><strong><em><a href="" rel="nofollow noreferrer">User.<strong></strong>.is_staff</a></em></strong></a>] to True.</p>

Permissions in Django

Permissions in Django are a way to control who can do what with your app. They are defined in the file and can be set on a per-user or per-app basis.

Permissions can be set on a permission level, which is either read or write. A permission level can also be set to allow all users, only users in a certain role, or only users with certain permissions.

You can also use the DJANGO_SETTINGS_MODULE environment variable to set permissions for all requests made by your app.

Related posts:

Leave a Comment