DjangoModelPermissions is not consistent with permissions in admin when it terms to viewing entries

[Franz Allan See]

Hi,

I am using DjangoModelPermissions on my DRF and it does not seem to be consistent with the admin's application of model permission.

For example, I create a new staff user in my django app, and when I login with it, I do not see any users, groups or any other models (because I did not give it any access). But from DRF, that user can access a list of users, groups, etc.

Any ideas how to make DRF consistent with django admin?

Thanks,

Franz