Get current user in model signal pre_save

[Xavier Palacín Ayuso]

I want to collects current user in model signal pre_save, to prevent remove super user permission to current super users.

As I have now so I can not give administrative privileges to a normal user.

from django.db.models.signals import pre_delete, pre_save, post_save
from django.dispatch.dispatcher import receiver
from django.contrib.auth.models import User
from django.core.exceptions import PermissionDenied


@receiver(pre_save, sender=User)
def save_user(sender, instance, **kwargs):
    if instance._state.adding is True:
        # we would need to create the object
        print "Creating an object"
    else:
        #we are updating the object
        if instance.is_superuser:
            raise PermissionDenied

[Xavier Palacín Ayuso]

Finally overrite a UserAdmin ModelAdmin:

from django.contrib.auth.admin import UserAdmin
from django.contrib.auth.models import User
from django.utils.translation import ugettext, ugettext_lazy as _
from django.core.exceptions import PermissionDenied


class UserAdmin(admin.ModelAdmin):
    actions = ['delete_model']
    def get_fieldsets(self, request, obj=None):
        if not obj:
            return self.add_fieldsets


        if request.user.is_superuser:
            perm_fields = ('is_active', 'is_staff', 'is_superuser',
                           'groups', 'user_permissions')
        else:
            # modify these to suit the fields you want your
            # staff user to be able to edit
            perm_fields = ('is_active', 'is_staff', 'groups')


        return [(None, {'fields': ('username', 'password')}),
                (_('Personal info'), {'fields': ('first_name', 'last_name', 'email')}),
                (_('Permissions'), {'fields': perm_fields}),
                (_('Important dates'), {'fields': ('last_login', 'date_joined')})]


    # Prevent super user edition for no super users
    def save_model(self, request, obj, form, change):
        print 'save_model'
        if not change:
            # New user
            obj.save()
        else:
            # Update user
            if obj.is_superuser:
                if request.user.is_superuser:
                    obj.save()
                else:
                    raise PermissionDenied
            else:
                obj.save()


    def get_actions(self, request):
        actions = super(UserAdmin, self).get_actions(request)
        del actions['delete_selected']
        return actions


    # Prevent super user deletion for no super users  
    def delete_model(modeladmin, request, queryset):
        for obj in queryset:
            if obj.is_superuser:
                if request.user.is_superuser:
                    # obj.delete()
                else:
                    raise PermissionDenied
            else:
                # obj.delete()
    delete_model.short_description = 'Eliminar usuario/s seleccionados'

[Pankaja Withanachchi]

I had an issue where the password field didn't match the password field used in the default User Model Admin.
This fixed that issue:
https://stackoverflow.com/questions/73816296/password-field-is-visible-and-not-encrypted-in-django-admin-site
Hope it helps somebody else!