Settings¶
Redirect to the login page¶
Instead of getting a Forbidden (403) error when the user has no permission, you can make the request be redirected to the login page.
Add the following variable to your django settings.py
:
settings.py
ROLEPERMISSIONS_REDIRECT_TO_LOGIN = True
Register User Admin¶
Replaces the default django.contrib.auth.admin.UserAdmin
with RolePermissionsUserAdmin
so you can manange roles interactively via the Django User Admin Site.
Add the following variable to your django settings.py
:
settings.py
ROLEPERMISSIONS_REGISTER_ADMIN = True
Disable superuser superpowers¶
By default Django superusers have all roles and permissions. You can disable this behavior and make them respect their roles and permissions.
Superusers still can add any role or permission to them through Django Admin.
settings.py
ROLEPERMISSIONS_SUPERUSER_SUPERPOWERS = False