I am currently making an architecture for my multi-client application, in which How to implement role based access model.
Every client will make customize-roles and will give permissions to that role.
Finally that role will be assigned to the agent who will then use the application according to the permissions given to his role.
Now my concern is, what can be best practice to make this possible and any idea about architecture that can be implement in Django.
Previously I have made an application which has role based access to the user of application.
In that, I use to save the permissions in the database and at the time of login the permissions of user will save in the session, which later can be use to check the permissions of that user.
django has user groups already implemented. All you need to do is create needed groups, assign permissions to them, and then pick needed groups for each user.
relevant docs, tutorial