You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
The former is correct, we agreed once that admins (= EQAR staff) are marked by the is_staff flag, whereas is_superuser is reserved for those that need actual access to DjangoSuit.
The text was updated successfully, but these errors were encountered:
I think there's a discrepancy between the permissions set on the actual admin API endpoints (they refer to https://www.django-rest-framework.org/api-guide/permissions/#isadminuser, which refers to
is_staff
in the Django user list) vs the/auth/users/me/
endpoint, which refers tois_superuser
: https://github.com/EQAR/eqar_backend/blob/master/accounts/serializers.py#L23-L24The former is correct, we agreed once that admins (= EQAR staff) are marked by the
is_staff
flag, whereasis_superuser
is reserved for those that need actual access to DjangoSuit.The text was updated successfully, but these errors were encountered: