python - Django raw_id_fields read_only permission -
i have django project i'm working on, won't allow users select entry (user entries) on row_id_field popup, if don't have change permissions (which can't have @ all). that's weird cause doesn't happen select tag list if remove raw_id_fields attribute on modelform class @ admins.py.
how can permission behaviour consistent if changes according different interface setting? mean, user have permission select users on form if displayed select tag. seems me it's big consistency failure way django permissions designed, which, in opinion, should have native can_view permission, in addition can_|add, change, delete.
while googling around found few topics discussing matter, of them end painfull solutions don't seem straightforward me. wonder if simple have straightforward solution won't require me lot's of work arounds.
here example looks actual code:
models.py
class project(models.model): manager = models.foreignkey(user) ...
admins.py
class projectadmin(admin.modeladmin): raw_id_fields = ['manager',] ...
as you've said, weird. thats why i've opted "extend" django admin specific requirements sometimes.
the easiest way meet goal overriding has_change_permission of referenced modeladmin
as have request object argument of method, can evaluate:
- if request comes raw_id_field or not
- if user has permissions see models or not
- any other constraint have
a simple prototype method:
def has_change_permission(self, request, obj=none): if obj none , '_popup' in request.get: return true return super(myadmin, self).has_change_permission(request, obj)
Comments
Post a Comment