Settings / Authorization

On the authorization page permissions can be managed for a certain user or user group.

Use this page to manage both for end-users permissions and staff users permissions. Only users that have is_staff permission are allowed to log into the the staff panel, while staff users are not allowed to log into the end-users area (to avoid any confusion). Hence the permission applies for each user’s panel: staff user rights for staff panel and end-user rights for end-user panel.

../_images/settings-authorization-empty.png

In order to change permissions, search for a user or group in the autocomplete input field then after you select one, a detailed list will be displayed.

../_images/permissions-list.png

As you can see, permissions are displayed on 2 columns on desktops and 1 column on mobile screens. Each permission category is separated by a headline.

../_images/permissions-description.png

Hovering over a permission will display a tooltip containing the description of that item. You can switch on/off a permission by clicking on the whole row.

Effective permissions

A user has 2 checkboxes for each permission, the first one representing the value that is assigned only to his own permissions set, and the second checkbox, the disabled one, representing the effective permission that the user currently has for that action.

../_images/permissions-checkboxes.png

Effective permissions are calculated based on the values of permissions of the user groups that the user is part of, and his own permissions.

../_images/effective-permission.png

If the user is included in any group, a note will be displayed on top of the permissions list that tells about the effective permissions, and lists the groups that the user is part of.

../_images/user-in-usergroup-note.png

Once you finish managing permissions, click the Save button from the bottom of the list.

Permissions for user groups

Everything works the same for user groups, except that they don’t have effective permissions, as their permissions cannot be influenced by another permissions set values.

Trying to take action without having permission

If a user doesn’t have the effective permissions to take a certain action, the related buttons for that action are disabled or an error dialog will be shown like in the following image.

../_images/permission-error.png

Default permissions

Default permissions for every user or user group can be managed by including in settings.py the following line:

../_images/grant-permissions.png

setting True for having all permissions enabled by default and False for not allowing the user to take any action described in the permissions list. By default, GRANT_ALL_PERMISSIONS_IMPLICITLY is set to True. Default permissions are applied on a newly created user or group.