A couple years ago, a branch in Django's repository was created to explore implementing finer-grained permissions (at the level of individual objects, rather than at the level of model classes). That branch is long since dead; it has not seen a commit in over two years, and likely will never be updated or integrated into Django in any meaningful way.

If you need finer-grained permissions in your own applications, it should be noted that Django's administrative application supports this, via the following methods which can be overridden on subclasses of `ModelAdmin`. Note that all of these methods receive the current `HttpRequest` object as an argument, allowing for customization based on the specific authenticated user:

 * `queryset(self, request)`: Should return a `QuerySet` for use in the admin's list of objects for a model. Objects not present in this `QuerySet` will not be shown.
 * `has_add_permission(self, request)`: Should return `True` if adding an object is permitted, `False` otherwise.
 * `has_change_permission(self, request, obj=None`): Should return `True` if editing `obj` is permitted, `False` otherwise. If `obj` is `None`, should return `True` or `False` to indicate whether editing of objects of this type is permitted in general (e.g., if `False` will be interpreted as meaning that the current user is not permitted to edit any object of this type).
 * `has_delete_permission(self, request, obj=None`): Should return `True` if deleting `obj` is permitted, `False` otherwise. If `obj` is `None`, should return `True` or `False` to indicate whether deleting objects of this type is permitted in general (e.g., if `False` will be interpreted as meaning that the current user is not permitted to delete any object of this type).

For public-facing (i.e., non-admin) views, you are of course free to implement whatever form of permission-checking logic your application requires.gfhfhfghfgh