there is a managemen tab in my platform which needed to be accessible only by couple of users/groups
@login_required
def dashboard(request):
.
.
.
return render(request, "man/dashboard.html", context)
This view is not related to any Models and there is not permission/content_type assiciated with this and not possible to assigne permissions to users in django-admin panel.
I want to create a custome permissoin for it with below code:
from django.db import models
from django.contrib.contenttypes.models import ContentType
from django.contrib.auth.models import Permission
class ManagementTabPermission(models.Model):
class Meta:
managed = False
content_type = ContentType.objects.get_for_model(ManagementTabPermission)
Permission.objects.create(
codename='can_view_management_tab',
name='Can view management tab',
content_type=content_type
)
so I can bind this codename to user permissions in django-admin and then use @permission_required('man.can_view_management_tab')
is this solution best way to do it? should I create an un-managed Model for it?
its my first time developing access management, what is the best practice to permission management for views in django?