python - Django admin limit rights -
in django project have models project, person, task , info.
thing is, however, project parent model. person, task , info belongs project.
if add person, task or info have choose project (foreignkey) belongs to.
my problem: projects independent , have different project managers. goal in admin interface project manager of project example can add person project, same info , task.
i don't want project manger of project can see/edit/add/delete things of project b. unfortunately, not find options in django admin meets requirements.
if project manager logs in should see instances belongs project, nothing else.
how solve issue?
based on understood, suppose model structure looks this:
class project(models.model): manager = models.foreignkey(user) ... class person(models.model): project = models.foreignkey(project) ... in admin.py can perform various modifications accomplish goal
class personadmin(admin.modeladmin): # other code # function list persons # project has current user project manager def get_queryset(self, request): qs = super(personadmin, self).get_queryset(request) if request.user.is_superuser: return qs return qs.filter(project__manager__user=request.user) # function list projects in dropdowns # has current user project manager def render_change_form(self, request, context, *args, **kwargs): if not request.user.is_superuser: context['adminform'].form.fields['project'].queryset = project.objects.filter(manager__user=request.user) return super(personadmin, self).render_change_form(request, context, args, kwargs) # function used edit permission def has_change_permission(self, request, obj=none): if not obj: return true return obj.project.manager.user == request.user or request.user.is_superuser # function used delete permission def has_delete_permssion(self, request, obj=none): if not obj: return true return obj.project.manager.user == request.user or request.user.is_superuser
Comments
Post a Comment