Model (table) level permissions can be achieved using the groups facility provided by Django
auth. Groups let you create custom permissions at a model level. Instance (row) level would be trickier. You would most likely have to write a custom mechanism to accomplish this.
Here is a Django Snippet that might give you some ideas.
Django Guardian seems to be the best solution today for Model instance level permissions.
There was an open source release for row/object level permissions by the washington times team that might be of use:
- How to compare version string ("x.y.z") in MySQL?
- Django transaction.atomic() guarantees atomic READ + WRITE?
- Django custom authentication back-end doesn't work
- Django Forms: Foreign Key in Hidden Field
- In Django, how can I get an exception's message?