Staff / Settings / Authorization¶
On the authorization page permissions can be managed for a certain user or user group.
Use this page to manage both for end-users permissions and staff users permissions. Only users that have Is staff permission are allowed to log into the the staff panel, while staff users are not allowed to log into the end-users area (to avoid any confusion). Hence the permission applies for each user’s panel: staff user rights for staff panel and end-user rights for end-user panel.
In order to change permissions, search for a user or group in the autocomplete input field then after you select one, a detailed list will be displayed.
As you can see, permissions are displayed on 2 columns on desktops and 1 column on mobile screens. Each permission category is separated by a headline.
Hovering over a permission will display a tooltip containing the description of that item. You can switch on/off a permission by clicking on the whole row.
A user has 2 checkboxes for each permission, the first one representing the value that is only assigned to his own permissions set, and the second checkbox, the disabled one, representing the effective permission that the user currently has for that action.
Effective permissions are calculated based on the values of permissions of the user groups that the user is part of, and his own permissions.
If the user is included in any group, a note will be displayed on top of the permissions list that tells about the effective permissions, and lists the groups that the user is part of.
Once you finish managing permissions, click the Save button from the bottom of the list.
Permissions for user groups¶
Everything works the same for user groups, except that they don’t have effective permissions, as their permissions cannot be influenced by another permissions set values.
Trying to take action without having permission¶
If a user doesn’t have the effective permissions to take a certain action, the related buttons for that action are disabled or an error dialog will be shown like in the following image.
Default permissions for every user or user group can be managed by including in settings.py the following line:
True for having all permissions enabled by default and
False for not allowing the user to take any
action described in the permissions list. By default,
GRANT_ALL_PERMISSIONS_IMPLICITLY is set to True. Default
permissions are applied on a newly created user or group.