Django Permissions

Question

Django Permissions

I would like to have a more detailed resolution in my Django project, but cannot decide which application to use. I have something like:

class Item(models.Model): name = models.CharField(max_length=64, unique=True) description = models.CharField(max_length=128, default='') logo = ImageField(upload_to=/tmp, blank=True, null=True)

Now, with standard Django permissions, I have the opportunity to choose between adding, changing and deleting, what I want to have is an extended change permission, to offer the ability to give group rights only to change the logo, for example, but prohibit the same group. to change the item description. I don’t want or need a relationship between the user and the record, but just provide the opportunity for different groups to edit individual fields of the model using the standard administrator interface. I'm not even sure what I'm talking about object permission?

Does anyone know what is best to use or how do I implement it myself? I could also imagine that read-only users have access to / read everything, but it's impossible to change them, and it's impossible.

Thanks for any help.

+7

django django-models django-admin django-permissions

tinti Jan 25 '12 at 13:52

source share

3 answers

seler · Answer 1 · 2012-01-25T14:13:12+0000

The most flexible way:

write user permissions (i.e. can_modify_descr )
write your own Forms or ModelForms
write Views to display your specified forms.
Finally, you must override some django admin templates and display your forms in templates that extend some standard django admin templates .

As far as I can see, this is the only way to achieve what you want, but it also requires a lot of work.

Etienne · Answer 2 · 2012-01-25T17:44:58+0000

One easy way to achieve this is to create many ModelAdmin for the same model (one for each “group”). To do this, you need to create Proxy models for each "group" as follows:

models.py

 class Item(models.Model): name = models.CharField(max_length=64, unique=True) description = models.CharField(max_length=128, default='') logo = ImageField(upload_to=/tmp, blank=True, null=True) class ItemGroup1(Item): class Meta: proxy = True

admin.py

 class ItemAdmin(models.ModelAdmin): ... class ItemGroup1Admin(models.ModelAdmin): readonly_fields = ('logo', 'description')

And then you just need to set the permissions of group 1 to have access only to ItemGroup1 , etc.

See this post for more information: Using proxy models to configure Django admin

jamstooks · Answer 3 · 2013-12-03T19:31:49+0000

If you want to handle these kinds of things outside your admin site, check out django-logical-rules , where you can write your rules in python and access them from views or inside a template;

Django Permissions

More articles: