i trying limit access pages using 2 user levels. superuser , admin. super user regular django user 'is_superuser' assigned. admin user regular user 'is_staff' permission assigned.
the problem when use decorator admin user, doesn't pass test:
@permission_required('is_staff') def my_view(....) @permission_required('is_staff') returns false anonymous users. (correct)
@permission_required('is_superuser') returns true superusers (correct)
@permission_required('is_staff') returns false users 'is_staff' perm assigned. (wrong).
any thoughts?
is_staff isn't permission instead of permission_required use:
@user_passes_test(lambda u: u.is_staff) or
from django.contrib.admin.views.decorators import staff_member_required @staff_member_required 
Comments
Post a Comment