filtered admin change-list

[omerd]

Hi,

I want to be able to show parts of the change list, by the user that
view it.
The case is that every super-user can create instances of a certain
model. I wan't that in the change-list page of that model in the admin
site, every user will see only the instances that he'd created. Of
course, this user doesn't have permissions to view or edit instances
of other users.

What is the best approach to accomplish this?

[Rajeesh Nair]

Add a field on your model to identify the user who created each instance & then extend your model_admin's queryset method to filter queryset by the user.

[omerd]

thank you. I will try it

[Marc Aymerich]

take a look at this project:
https://github.com/lukaszb/django-guardian

or search in google by: django admin row level permission
--
Marc

[omerd]

thank you, it worked. I wrote queryset, has_change_permission and
save_model in my ModelAdmin.
As i see it, django-guardian intended for low level permissions in the
web application itself, not the admin-interface.

By the way, is it safe and secure to allow any user (which is not
superuser and is not trusted) to log in the admin interface (by
marking every new user as 'is_staff'=True) when restricting his
permissions to change only the objects he owns?