permissions and inlines issues
56 views
Skip to first unread message
Emanuel
Oct 9, 2014, 2:55:08 PM10/9/14
to django...@googlegroups.com
Hi all!
I have this situation:
class A(models.Model):
...
class B(models.Model):
---
class C(models.Model):
....
Then I have User 1, User 2 and User 3
B and C are inlines for A
I register A, B and C in admin
I want User 1 and add and edit B and can't add or edit A
and I want User 2 can add and edit on A but not on A
But in both situations they can only do it (and see it) as they are Inlines
And I need A, B and C registered in admin because User 3 can add and edit B and C while they are not Inlines
I googled it and I can't find any solution
I have this situation:
class A(models.Model):
...
class B(models.Model):
---
class C(models.Model):
....
Then I have User 1, User 2 and User 3
B and C are inlines for A
I register A, B and C in admin
I want User 1 and add and edit B and can't add or edit A
and I want User 2 can add and edit on A but not on A
But in both situations they can only do it (and see it) as they are Inlines
And I need A, B and C registered in admin because User 3 can add and edit B and C while they are not Inlines
I googled it and I can't find any solution
Collin Anderson
Oct 9, 2014, 4:02:28 PM10/9/14
to django...@googlegroups.com
Why can't the first two users edit the data the same way as user 3?
I'd recommend overriding get_readonly_fields() on the ModelAdmin for A so that all fields are readonly for the users who aren't allowed to edit model A. They'll still need the "can edit" permission for model A.
I _think_ the inlines will automatically figure out if the user has permission to edit them. Otherwise, you can override get_inline_instances() to remove the inlines if they can't edit them.
Emanuel
Oct 10, 2014, 7:50:14 AM10/10/14
to django...@googlegroups.com
Hi
Thanks for the answer. The current solution I had it's the one that you sugest.
But I still have the problem that on the index admin page shows the application.
The scenario is this:
A factory have a diary production (A)
And every day people produce Articles and to do that they use some Feedstock
I have two different models to control Articles and Feedstock flow, FlowB (B) and FlowC(C)
Some users can add a diary production, and in there add some articles and some feedstock
And for those users, the only way that Articles go in and feedstock go out is in the diary production (Diary)
But sometimes other people take some feedstock for other pruposes, and that not belong to the Diary. Also only the Administrator can allow that situation, and therefore he have to add an entrance directly on C. This is why I need to have C registered in Admin.
But to the other users can add C elements in the diary (A), they see C in index and I want them not to see, only the Administrator
Thanks
Thanks for the answer. The current solution I had it's the one that you sugest.
But I still have the problem that on the index admin page shows the application.
The scenario is this:
A factory have a diary production (A)
And every day people produce Articles and to do that they use some Feedstock
I have two different models to control Articles and Feedstock flow, FlowB (B) and FlowC(C)
Some users can add a diary production, and in there add some articles and some feedstock
And for those users, the only way that Articles go in and feedstock go out is in the diary production (Diary)
But sometimes other people take some feedstock for other pruposes, and that not belong to the Diary. Also only the Administrator can allow that situation, and therefore he have to add an entrance directly on C. This is why I need to have C registered in Admin.
But to the other users can add C elements in the diary (A), they see C in index and I want them not to see, only the Administrator
Thanks
Collin Anderson
Oct 10, 2014, 8:22:35 AM10/10/14
to django...@googlegroups.com
So the remaining problem is that models are showing up in the admin index page when people don't have permission to them?
Emanuel
Oct 10, 2014, 1:11:42 PM10/10/14
to django...@googlegroups.com
Yes. But they have permission to them. But I want some people only have permission to see when the models are inlines from another model. And other people have permission to see always...
Thanks
Thanks
Collin Anderson
Oct 10, 2014, 1:44:33 PM10/10/14
to django...@googlegroups.com
Ohh. Yes. I get it now. At my work we've used the undocumented, unsupported ModelAdmin.get_model_perms() to hide models from the index page.
Collin Anderson
Oct 10, 2014, 1:45:46 PM10/10/14
to django...@googlegroups.com
Ohh, but it might still be possible to circumvent that hiding, so I'm not sure.
Emanuel
Oct 10, 2014, 1:53:29 PM10/10/14
to django...@googlegroups.com
Ok
Thanks, I will try and post here the result later
Thanks, I will try and post here the result later
Emanuel
Oct 10, 2014, 2:23:47 PM10/10/14
to django...@googlegroups.com
Thanks, it worked.
The final code
:
models.py
class BFlow(models.Model):
admin.py
class BFlowAdmin(admin.ModelAdmin):
And finally it worked :) Thanks
The final code
:
models.py
class BFlow(models.Model):
...
class Meta:
class Meta:
permissions = (("see_BFlow", "User can see BFlow in admin index page"),)
admin.py
class BFlowAdmin(admin.ModelAdmin):
def get_model_perms(self, request):
if request.user.has_perm('see_BFlow'):
return super(BFlowAdmin, self).get_model_perms(request)
return {}
if request.user.has_perm('see_BFlow'):
return super(BFlowAdmin, self).get_model_perms(request)
return {}
And finally it worked :) Thanks
Reply all
Reply to author
Forward
0 new messages