django admin - You don't have permission to edit anything
3,781 views
Skip to first unread message
Benjamin Smith
Nov 5, 2015, 11:15:41 PM11/5/15
to django...@googlegroups.com
I followed the django doc on creating a custom user model while extending the model itself with my own fields. So it became like this:
class MyUser(AbstractBaseUser, PermissionsMixin):
email = models.EmailField(max_length=255, unique=True)
first_name = models.CharField(max_length=35)
last_name = models.CharField(max_length=35)
username = models.CharField(max_length=70, unique=True)
date_of_birth = models.DateField()
is_active = models.BooleanField(default=True)
is_admin = models.BooleanField(default=False)
@property
def is_staff(self):
return self.is_admin
def get_full_name(self):
return ('%s %s') % (self.first_name, self.last_name)
def get_short_name(self):
return self.username
objects = MyUserManager()
USERNAME_FIELD = 'email'
REQUIRED_FIELDS = ['first_name', 'last_name', 'username', 'date_of_birth']
And its manager to be:
class MyUserManager(BaseUserManager):
def create_user(self, email, first_name, last_name, username, date_of_birth, password=None):
if not email:
raise ValueError('User must have an email address')
user = self.model(
email=self.normalize_email(email),
first_name=first_name,
last_name=last_name,
username=username,
date_of_birth=date_of_birth,
)
user.set_password(password)
user.save(using=self._db)
return user
def create_superuser(self, email, first_name, last_name, username, date_of_birth, password):
user = self.create_user(
email,
first_name=first_name,
last_name=last_name,
username=username,
date_of_birth=date_of_birth,
password=password
)
user.is_admin = True
user.save(using=self._db)
return user
However, after I created the superuser while syncdb, when I login to the admin panel, there is nothing to do. It displays:
You don't have permission to edit anything.
I saw some other post with the same problem and most of them suggested to add admin.autodiscover() in the urls.py. But even this didn't help me.
This is the admin.py:
class MyUserAdmin(UserAdmin):
form = UserChangeForm
add_form = UserCreationForm
list_display = ('email', 'first_name', 'last_name', 'username', 'date_of_birth', 'is_admin')
list_filter = ('is_admin',)
fieldsets = (
(None, {'fields': ('email', 'password')}),
('Personal info', {'fields': (('first_name', 'last_name'), 'username', 'date_of_birth')}),
('Permissions', {'fields': ('is_admin',)}),
)
add_fieldsets = (
(None, {
'classes': ('Wide',),
'fields': ('email', 'first_name', 'last_name', 'username', 'date_of_birth')
}),
)
search_fields = ('email',)
ordering = ('email',)
filter_horizontal = ()
admin.site.register(MyUser, MyUserAdmin)
What am I doing wrong here? Please help me how to solve this problem. Thank you.
Andreas Kuhne
Nov 6, 2015, 6:06:22 AM11/6/15
to django...@googlegroups.com
Hi,
You don't have permissions to edit anything, because you haven't created a superuser.
The superuser in django has a property that is called "is_superuser" and should be set to True. If you don't have that property (and your createsuperuser sets some other property), you will have the same rights as everyone else, which is nothing to begin with. You can add rights to the user be adding the permissions you want, or by setting the is_superuser property to True.
Check the documentation for the django admin site here:
Regards,
Andréas
--
You received this message because you are subscribed to the Google Groups "Django users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to django-users...@googlegroups.com.
To post to this group, send email to django...@googlegroups.com.
Visit this group at http://groups.google.com/group/django-users.
To view this discussion on the web visit https://groups.google.com/d/msgid/django-users/CAM4YLW%2B3cBT8bLQL%2Bo1%3Dy6ZJ_7R8xUHvMd8AwfP_mxn%3DPRN6BA%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.
Benjamin Smith
Nov 6, 2015, 9:05:26 AM11/6/15
to django...@googlegroups.com
Hello,
Yes I thought so too, but in the example there is no is_superuser property provided neither in the User models or in the User manager. Therefore, I just copied the example from the django doc and tried running it. After creating the superuser, I can edit the models. I have no Idea what I am mission now.
To view this discussion on the web visit https://groups.google.com/d/msgid/django-users/CALXYUbnB8rA%2BtYcsc0htY2tNtcUmBDwo%3DgRO7OX62cKw8ksbNg%40mail.gmail.com.
Andreas Kuhne
Nov 6, 2015, 9:12:53 AM11/6/15
to django...@googlegroups.com
Hi,
Check the PermissionsMixin. In that mixin you add the is_superuser field. It also adds the relations to the auth group for group permissions and so on. And the django admin site checks for permissions by calling the has_perm() method on your user model. The has_perm() method always returns True if the user is a superuser, so you always get ALL rights that way. If you want finegrained rights you need to add the permissions manually (can be done in django admin).
Check the code for the PermissionsMixin here: https://github.com/django/django/blob/master/django/contrib/auth/models.py#L207
The reason why it's working now is because you have explicitly set the is_superuser property to True.
Regards,
Andréas
To view this discussion on the web visit https://groups.google.com/d/msgid/django-users/CAM4YLWKX6yFk%3D52J1BqT%3D5i-Fm0tHKc9hbowvt5nNTpXjaSAtw%40mail.gmail.com.
Benjamin Smith
Nov 6, 2015, 6:34:39 PM11/6/15
to django...@googlegroups.com
Yes, that was it. I changed the user manager function to create superuser into this
def create_superuser(self, email, first_name, last_name, username, date_of_birth, password, **kwargs):
user = self.create_user(
email,
first_name=first_name,
last_name=last_name,
username=username,
date_of_birth=date_of_birth,
password=password,
is_superuser=True,
**kwargs
)
All thanks to you! Now I understand much better.
Thank you.
To view this discussion on the web visit https://groups.google.com/d/msgid/django-users/CALXYUbmezE5U%2BUN6ZzAtLO-YgT%2Bvy4pzWjSq9y9k3niX3yBGNg%40mail.gmail.com.
Reply all
Reply to author
Forward
0 new messages