Update README

Make clear that row level and object level access control can be implemented with this library, but is not available "out of the box".
dimagi · Dec 13, 2023 · a8c47ae · a8c47ae
1 parent b1f5170
commit a8c47ae
Showing 1 changed file with 3 additions and 3 deletions.
diff --git a/README.rst b/README.rst
@@ -18,9 +18,9 @@ example of this in practice is `PostgreSQL roles and privileges
 <http://www.postgresql.org/docs/devel/static/user-manag.html>`_.
 
 The roles and privileges are whatever abstract concepts make sense for your system. It is up
-to application code to determine what actions to take based on the privileges granted. This
-can, of course, be implemented in terms of a lower-level permission system such as
-row-level or object-level access control lists (ACLs).
+to application code to determine what actions to take based on the privileges granted. You can
+use django-prbac to implement lower level concepts such as row-level or object-level access
+control.
 
 **Parameterized role-based access control (PRBAC)** adds parameters
 to roles and privileges. Now, for example, you might grant ``"Reporting(organization="Dimagi",area="Finance")``