Can i use group permissions with custom User model?

Hello everyone! 

For example, i have an extended User model:

class ExtUserManager(BaseUserManager):
    def create_user(self, email, password=None):
        """
        Creates and saves a User with the given email, date of
        birth and password.
        """
        if not email:
            raise ValueError('Users must have an email address')

        user = self.model(
                email=self.normalize_email(email),
        )

        user.set_password(password)
        user.save(using=self._db)
        return user

    def create_superuser(self, email, password):
        """
        Creates and saves a superuser with the given email, date of
        birth and password.
        """
        user = self.create_user(
                email=self.normalize_email(email),
                password=password,
        )
        user.is_admin = True
        user.is_active = True
        user.is_staff = True
        user.save(using=self._db)
        return user


class ExtUser(AbstractBaseUser, PermissionsMixin):
    first_name = models.CharField(max_length=50, blank=False, null=True, verbose_name='First Name')
    last_name = models.CharField(max_length=50, blank=False, null=True, verbose_name='Family Name')
    email = models.EmailField(
            verbose_name='email address',
            max_length=255,
            unique=True,
    )
    phone = models.CharField(max_length=50, blank=False, null=True, verbose_name='Phone Number')
    company = models.ForeignKey(Company, null=True, blank=True, verbose_name='Company')
    is_active = models.BooleanField(default=False)
    is_admin = models.BooleanField(default=False)
    is_staff = models.BooleanField(default=False)
    objects = ExtUserManager()

    USERNAME_FIELD = 'email'

    def get_full_name(self):
        # The user is identified by their email address
        return self.email

    def get_short_name(self):
        # The user is identified by their email address
        return self.email

    def __str__(self):              # __unicode__ on Python 2
        return self.email

    def has_perm(self, perm, obj=None):
        "Does the user have a specific permission?"
        # Simplest possible answer: Yes, always
        return True

    def has_module_perms(self, app_label):
        "Does the user have permissions to view the app `app_label`?"
        # Simplest possible answer: Yes, always
        return True

    @property
    def is_employee(self):
        return bool(self.groups.filter(name='Employee').count())

    @property
    def is_restaurant(self):
        return bool(self.groups.filter(name='Restaurant').count())

    class Meta:
        verbose_name = 'User'

Also, i create group "Employee" and give minimal permissions for that group. After this, i create user and add him to that group (Employee), but user (not admin) have all admin privileges. What i do wrong?

--
You received this message because you are subscribed to the Google Groups "Django users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to django-users+unsubscribe@googlegroups.com.
To post to this group, send email to django-users@googlegroups.com.
Visit this group at https://groups.google.com/group/django-users.
To view this discussion on the web visit https://groups.google.com/d/msgid/django-users/b24b77db-6672-45bb-aea5-ca143c8108d7%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.