Can i use groups permissions with custom user model?

[Max M]

Hello!

For example, i extend User:

class ExtUserManager(BaseUserManager):
    def create_user(self, email, password=None):
        """
        Creates and saves a User with the given email, date of
        birth and password.
        """
        if not email:
            raise ValueError('Users must have an email address')

        user = self.model(
                email=self.normalize_email(email),
        )

        user.set_password(password)
        user.save(using=self._db)
        return user

    def create_superuser(self, email, password):
        """
        Creates and saves a superuser with the given email, date of
        birth and password.
        """
        user = self.create_user(
                email=self.normalize_email(email),
                password=password,
        )
        user.is_admin = True
        user.is_active = True
        user.is_staff = True
        user.save(using=self._db)
        return user


class ExtUser(AbstractBaseUser, PermissionsMixin):
    first_name = models.CharField(max_length=50, blank=False, null=True, verbose_name='First Name')
    last_name = models.CharField(max_length=50, blank=False, null=True, verbose_name='Family Name')
    email = models.EmailField(
            verbose_name='email address',
            max_length=255,
            unique=True,
    )
    phone = models.CharField(max_length=50, blank=False, null=True, verbose_name='Phone Number')
    company = models.ForeignKey(Company, null=True, blank=True, verbose_name='Company')
    is_active = models.BooleanField(default=False)
    is_admin = models.BooleanField(default=False)
    is_staff = models.BooleanField(default=False)
    objects = ExtUserManager()

    USERNAME_FIELD = 'email'

    def get_full_name(self):
        # The user is identified by their email address
        return self.email

    def get_short_name(self):
        # The user is identified by their email address
        return self.email

    def __str__(self):              # __unicode__ on Python 2
        return self.email

    def has_perm(self, perm, obj=None):
        "Does the user have a specific permission?"
        # Simplest possible answer: Yes, always
        return True

    def has_module_perms(self, app_label):
        "Does the user have permissions to view the app `app_label`?"
        # Simplest possible answer: Yes, always
        return True

    @property
    def is_employee(self):
        return bool(self.groups.filter(name='Employee').count())

    @property
    def is_restaurant(self):
        return bool(self.groups.filter(name='Restaurant').count())

    class Meta:
        verbose_name = 'User'

And i create group "Employee" with some minimal privileges. After this, i add user to this group, but user have all admin privileges. What's wrong?