in models.py
{{{
class Ticket(models.Model):
........
class Action(models.Model):
ticket = models.ForeignKey(Ticket)
........
}}}
in admin.py:
{{{
class ActionInline(admin.TabularInline):
model = Action
extra=1
max_num=3
class TicketAdmin(admin.ModelAdmin):
.........
inlines = [
ActionInline,
]
}}}
If I set current user's permisson `edit_Action` but no `edit Ticket`, I
will not be able to edit actions inlines in "Change Ticket" page.
I think that is different with at least version 2.1.7 and is confusing.
--
Ticket URL: <https://code.djangoproject.com/ticket/31256>
Django <https://code.djangoproject.com/>
The Web framework for perfectionists with deadlines.
* version: 3.0 => 2.2
Old description:
> Use an old example:
>
> in models.py
> {{{
> class Ticket(models.Model):
> ........
>
> class Action(models.Model):
>
> ticket = models.ForeignKey(Ticket)
> ........
> }}}
>
> in admin.py:
> {{{
> class ActionInline(admin.TabularInline):
> model = Action
> extra=1
> max_num=3
>
> class TicketAdmin(admin.ModelAdmin):
>
> .........
> inlines = [
> ActionInline,
> ]
> }}}
>
> If I set current user's permisson `edit_Action` but no `edit Ticket`, I
> will not be able to edit actions inlines in "Change Ticket" page.
>
> I think that is different with at least version 2.1.7 and is confusing.
New description:
Use an old example:
in models.py
{{{
class Ticket(models.Model):
........
class Action(models.Model):
ticket = models.ForeignKey(Ticket)
........
}}}
in admin.py:
{{{
class ActionInline(admin.TabularInline):
model = Action
extra=1
max_num=3
class TicketAdmin(admin.ModelAdmin):
.........
inlines = [
ActionInline,
]
}}}
In version 2.2.10:
If I set current user's permisson `edit_Action` but no `edit Ticket`,
I will not be able to edit actions inlines in "Change Ticket" page.
I think that is different with at least version 2.1.7 and is confusing.
--
--
Ticket URL: <https://code.djangoproject.com/ticket/31256#comment:1>
Old description:
> Use an old example:
>
> in models.py
> {{{
> class Ticket(models.Model):
> ........
>
> class Action(models.Model):
>
> ticket = models.ForeignKey(Ticket)
> ........
> }}}
>
> in admin.py:
> {{{
> class ActionInline(admin.TabularInline):
> model = Action
> extra=1
> max_num=3
>
> class TicketAdmin(admin.ModelAdmin):
>
> .........
> inlines = [
> ActionInline,
> ]
> }}}
>
> In version 2.2.10:
> If I set current user's permisson `edit_Action` but no `edit Ticket`,
> I will not be able to edit actions inlines in "Change Ticket" page.
>
> I think that is different with at least version 2.1.7 and is confusing.
New description:
Use an old example:
in models.py
{{{
class Ticket(models.Model):
........
class Action(models.Model):
ticket = models.ForeignKey(Ticket)
........
}}}
in admin.py:
{{{
class ActionInline(admin.TabularInline):
model = Action
extra=1
max_num=3
class TicketAdmin(admin.ModelAdmin):
.........
inlines = [
ActionInline,
]
}}}
In version 2.2.10 or 3.0.3:
If I set current user's permisson `edit_Action` but no `edit Ticket`,
I will not be able to edit actions inlines in "Change Ticket" page.
I think that is different with at least version 2.1.7 and is confusing.
--
--
Ticket URL: <https://code.djangoproject.com/ticket/31256#comment:2>
* version: 2.2 => 2.1
Old description:
> Use an old example:
>
> in models.py
> {{{
> class Ticket(models.Model):
> ........
>
> class Action(models.Model):
>
> ticket = models.ForeignKey(Ticket)
> ........
> }}}
>
> in admin.py:
> {{{
> class ActionInline(admin.TabularInline):
> model = Action
> extra=1
> max_num=3
>
> class TicketAdmin(admin.ModelAdmin):
>
> .........
> inlines = [
> ActionInline,
> ]
> }}}
>
> In version 2.2.10 or 3.0.3:
> If I set current user's permisson `edit_Action` but no `edit Ticket`,
> I will not be able to edit actions inlines in "Change Ticket" page.
>
> I think that is different with at least version 2.1.7 and is confusing.
New description:
Use an old example:
in models.py
{{{
class Ticket(models.Model):
........
class Action(models.Model):
ticket = models.ForeignKey(Ticket)
........
}}}
in admin.py:
{{{
class ActionInline(admin.TabularInline):
model = Action
extra=1
max_num=3
class TicketAdmin(admin.ModelAdmin):
.........
inlines = [
ActionInline,
]
}}}
In version 2.1.15:
If I set current user's permisson `edit_Action` but no `edit Ticket`,
I will not be able to edit actions inlines in "Change Ticket" page.
Based on https://docs.djangoproject.com/en/3.0/releases/2.1.15/, that bug
fix is rude and confusing.
In fact, I can still change `Action` it self and indirectly "change" the
page of it's parent Ticket. We should stop trigger save method in this
condition instead of disable the feature.
--
--
Ticket URL: <https://code.djangoproject.com/ticket/31256#comment:3>
* status: new => closed
* resolution: => wontfix
* component: Uncategorized => contrib.admin
Comment:
I don't agree that this solution is rude. The rationale behind the
Security Team decision is included in the release notes and there is not
much to add.
--
Ticket URL: <https://code.djangoproject.com/ticket/31256#comment:4>