Set Per-Model Permissions in Django

Question

I am completely lost and am hoping to get some clarity.

The Django documentation (especially docs.djangoproject.com and djangobook.com) talks extensively about how to retrieve permissions programmatically and to test users for permissions, but what I can't find is one of the most basic uses of permissions alluded to in the documentation: controlling per-model (not per-object, just the model) permissions for the admin interface.

Say I have a model called Book. I want all staff users to be able to edit any book object in the admin interface. As an added layer of complexity, I'm using Django-nonrel (with djangotoolbox and django-permission-backend-nonrel).

I have created a permission called change_book for the book type using the Permissions section of the admin interface. However, my test user (who is is_staff but not is_superuser) just sees the generic message "You don't have permissions to edit anything" in the admin landing page. I can see the box to set/unset permissions for the user, but when I select the new permissions and click "save", the permission is not attached to the user as far as I can tell.

What do I specifically name the permission and how do I attach it to the user?

UPDATE: Here's (the relevant parts of) settings.py:

from djangoappengine.settings_base import *

import os

DEBUG = True

BASE_DIR = os.path.dirname(os.path.abspath(__file__))

# Activate django-dbindexer for the default database
DATABASES['native'] = DATABASES['default']
DATABASES['default'] = {'ENGINE': 'dbindexer', 'TARGET': 'native'}
AUTOLOAD_SITECONF = 'indexes'

AUTHENTICATION_BACKENDS = (
    'permission_backend_nonrel.backends.NonrelPermissionBackend',
)

INSTALLED_APPS = (
    'django.contrib.admin',
    'django.contrib.auth',
    'django.contrib.contenttypes',
    'django.contrib.messages',
    'django.contrib.sessions',
    'django.contrib.staticfiles',

    'djangotoolbox',
    'permission_backend_nonrel',
    'dbindexer',

    'library',

    # djangoappengine should come last, so it can override a few manage.py commands
    'djangoappengine',
)

MIDDLEWARE_CLASSES = (
    # This loads the index definitions, so it has to come first
    'autoload.middleware.AutoloadMiddleware',

    'django.middleware.common.CommonMiddleware',
    'django.contrib.sessions.middleware.SessionMiddleware',
    'django.contrib.auth.middleware.AuthenticationMiddleware',
    'django.contrib.messages.middleware.MessageMiddleware',
)

AUTH_USER_MODEL = 'library.User'

Answer 1

You can use the default django permissions mechanism and use the user as the foreign key.

Then you can select "can change" for the user for the book model.