Added permission chapters

docs/restrict_parts.rst

@@ -1,2 +1,28 @@
 How to restrict access to parts of Django admin?
 =================================================
+
+You can enable and restrict access to specific parts of Django admin using the permission system.
+When a model is added, by default, Django creates three permissions. :code:`add, change and delete`
+
+
+Admin uses these permissions to decide access for users. For a user with :code:`is_superuser=False`, and no permissions, the admin looks like this
+
+.. image:: access_no_perms.png
+
+If you add a permission :code:`user.user_permissions.add(Permission.objects.get(codename="add_hero"))`, the admin starts looking like this
+
+.. image:: access_one_perm.png
+
+You can add more complex logic to restrict access by changing these methods::
+
+    def has_add_permission(self, request):
+        ...
+
+    def has_change_permission(self, request, obj=None):
+        ...
+
+    def has_delete_permission(self, request, obj=None):
+        ...
+
+    def has_module_permission(self, request):
+        ...

docs/specific_users.rst

@@ -6,3 +6,4 @@ To disable a user from being able to access the admin, you should set :code:`is_
 
 This holds true even if the user is a superuser. :code:`is_superuser=True`. If a non-staff tries to access the admin, they see a message like this.
 
+.. image:: access_no_is_staff.png

heroes_and_monsters/entities/admin.py

@@ -93,6 +93,19 @@ def get_actions(self, request):
     def is_very_benevolent(self, obj):
         return obj.benevolence_factor > 75
 
+    # def has_add_permission(self, request):
+    #     return has_hero_access(request.user)
+
+    # def has_change_permission(self, request, obj=None):
+    #     return has_hero_access(request.user)
+
+    # def has_delete_permission(self, request, obj=None):
+    #     return has_hero_access(request.user)
+
+    # def has_module_permission(self, request):
+    #     return has_hero_access(request.user)
+
+
     is_very_benevolent.boolean = True