Bypass an Admin screen if there is only one candidate
15 views
Skip to first unread message
Mike Dewhirst
Apr 14, 2021, 7:42:33 PM4/14/21
to Django users
The use case is to register a company and admin user at the same time
and the objective is to restrict all users to their own company.
Therefore there will never be more than one company for any user (except
me of course).
Currently this means two pages need to be opened to get to that one
instance.
../admin/company/company opens the page with a list of one company
../admin/company/company/18/change opens the actual company for editing
This is how I restrict the queryset in admin.py ...
def get_queryset(self, request):
qs = super().get_queryset(request)
if is_operator(request.user):
return qs
coy = get_user_company(request)
if coy:
return qs.filter(id=coy.id)
I think I need to find some way to interfere with the flow and adjust
the URL to f"{url}/{coy.id}/change"
It may be in change_view() but that seems a bit beyond me
How to do that?
Thanks
Mike
--
Signed email is an absolute defence against phishing. This email has
been signed with my private key. If you import my public key you can
automatically decrypt my signature and be sure it came from me. Just
ask and I'll send it to you. Your email software can handle signing.
and the objective is to restrict all users to their own company.
Therefore there will never be more than one company for any user (except
me of course).
Currently this means two pages need to be opened to get to that one
instance.
../admin/company/company opens the page with a list of one company
../admin/company/company/18/change opens the actual company for editing
This is how I restrict the queryset in admin.py ...
def get_queryset(self, request):
qs = super().get_queryset(request)
if is_operator(request.user):
return qs
coy = get_user_company(request)
if coy:
return qs.filter(id=coy.id)
I think I need to find some way to interfere with the flow and adjust
the URL to f"{url}/{coy.id}/change"
It may be in change_view() but that seems a bit beyond me
How to do that?
Thanks
Mike
--
Signed email is an absolute defence against phishing. This email has
been signed with my private key. If you import my public key you can
automatically decrypt my signature and be sure it came from me. Just
ask and I'll send it to you. Your email software can handle signing.
Reply all
Reply to author
Forward
0 new messages