[GENERAL] Row based permissions: at DB or at Application level?

I am thinking about rewriting an existing application which uses PostgreSQL via Django (ORM and Web-Framework written
in 
Python).

Up to now the permission checks are done at the application level.

Up to now queries like: "Show all items which the current user is allowed to modify" result in complicated SQL and
this leads to slow queries.

Up to now there is one db-user and the application does the filtering of rows to prevent application users to see
items which they are not allowed to see.

I guess most web applications work like this.

I would like to reduce the "ifing and elsing" in my python code (less conditions, less bugs, more SQL, more
performance)

How could an application which gets written from scratch use PostgreSQL to implement
row based permissions?

Regards,
   Thomas Güttler

--
Thomas Guettler http://www.thomas-guettler.de/