admin can add remove or edit api users can just view django permission code example
Example 1: django user permission check
# all your import goes here for Models.py
...
# Adding Permissions to a Model.
class BlogPost(models.Model):
... # model fields
class Meta:
permissions = [('can_write_blog', 'Can Write Blog')]
# Checking permissions in Views.py
if request.user.has_perm('app_name.can_write_blog'):
# give access to blog post form
else:
# restrict user from access the page.
Example 2: how to create staff account in django
user = User.objects.create_user('john', '[email protected]', 'johnpassword')
user.is_staff=True
user.save()