Understanding Python Classes or Customising the Django UserAdmin model -
i'm attempting override of behaviour of django useradmin model. particularly, i'd hide 'superuser' field non-superusers.
so, approach this:
class modeladmin(basemodeladmin): "encapsulates admin options , functionality given model." # ... def has_change_permission(self, request, obj=none): """ returns true if given request has permission change given django model instance. if `obj` none, should return true if given request has permission change *any* object of given type. """ opts = self.opts return request.user.has_perm(opts.app_label + '.' + opts.get_change_permission()) #... based on i've found in modeladmin
class useradmin(useradmin): """ ... customised useradmin """ # adding new method def is_superuser(self, request): "returns true if given user superuser." return request.user.is_superuser # elsewhere 'hopefully' show different fieldset # following, of course, doesn't work. fieldsets = ( (none, { 'fields': ( ("first_name", "last_name"), ("email", "password"), "is_staff", "is_active", "is_superuser" if self.is_superuser() else none ) }), ('groups', { 'fields': ( 'groups', ) }), ('meta', { 'classes': ('collapse',), 'fields': ( 'username', "last_login", "date_joined" ) }) ) so, questions are:
- how create
defwithin new custom useradmin class, such above, , how call it? (how know when i'm in right context so) - part 2 (bonus): how can succinctly include/exclude 'is_superuser' field in form, psuedo code above suggesting?
kind fellows!
~ daryl
thank you
if want forbid users promote superuser, override youruseradmin.get_readonly_fields():
class youruseradmin(admin.modeladmin): ... def get_readonly_fields(self, request, obj=none): if request.user.is_superuser: return none try: return self.readonly_fields + ('is_superuser',) except: return ('is_superuser',) you have unregister default user/useradmin , register own.
admin.site.unregister(user) admin.site.register(user, youruseradmin) however, zen of admin says:
at it's core, django's admin designed single activity: trusted users editing structured content.
if user not trusted, not give him edit rights edit user accounts, period. if hide superadmin option , "filter superadmin status" filter, can change password , log in you. so, if need untrusted users edit user accounts, forget admin , write own dumbed down interface.
Comments
Post a Comment