On 29/03/2015 7:09 PM, Avraham Serour wrote:
> maybe overwrite the view in your own modeladmin class?
I need to keep using the Admin and haven't done anything like that
previously. I'll have to do the research.
Thanks
Mike
>
> On Sun, Mar 29, 2015 at 11:07 AM, Mike Dewhirst <miked@dewhirst.com.au
> <mailto:miked@dewhirst.com.au>> wrote:
>
> At the moment "has_change_permission" in the Admin works by returning
> 403 Forbidden if it gets a False.
>
> That doesn't suit my needs but it is probably not advisable to
> adjust it.
>
> Users without change permission need to be able to see the data and
> perhaps raise an exception (in this case BusinessRuleViolation
> subclassed from ValidationError) if they try to save. In other words,
> maybe use the existing form clean() mechanism.
>
> However, I recognise that this subverts the Admin by preventing [Save]
> and therefore may not be appropriate.
>
> A perhaps better solution would be to disable the Save and Delete
> widgets/actions in particular circumstances.
>
> How can I do something like this?
>
> TL;DR
>
> All the business rule decision logic is calculated using the object
> instance and request.user.
>
> The application displays a substance record with a few 1:1, 1:n, n:1 and
> n:m related records. The substance has a status field which can be made
> "public domain".
>
> The business rule is that a user can see and edit all their own
> substances but can see nothing owned by anyone else - unless they have
> been put in the public domain (and which then must be readonly to the
> "public")
>
> Thanks for any ideas
>
> Mike
>
> --
> You received this message because you are subscribed to the Google
> Groups "Django users" group.
> To unsubscribe from this group and stop receiving emails from it,
> send an email to django-users+unsubscribe@__googlegroups.com
> <mailto:django-users%2Bunsubscribe@googlegroups.com>.
> To post to this group, send email to django-users@googlegroups.com
> <mailto:django-users@googlegroups.com>.
> Visit this group at http://groups.google.com/__group/django-users
> <http://groups.google.com/group/django-users>.
> To view this discussion on the web visit
> https://groups.google.com/d/__msgid/django-users/5517B2B5.__7020805%40dewhirst.com.au
> <https://groups.google.com/d/msgid/django-users/5517B2B5.7020805%40dewhirst.com.au>.
> For more options, visit https://groups.google.com/d/__optout
> <https://groups.google.com/d/optout>.
>
>
> --
> You received this message because you are subscribed to the Google
> Groups "Django users" group.
> To unsubscribe from this group and stop receiving emails from it, send
> an email to django-users+unsubscribe@googlegroups.com
> <mailto:django-users+unsubscribe@googlegroups.com>.
> To post to this group, send email to django-users@googlegroups.com
> <mailto:django-users@googlegroups.com>.
> Visit this group at http://groups.google.com/group/django-users.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/django-users/CAFWa6tJu_uVd5c%3DvWsVEpa84CGWh-K0WS_xQnHrGs33iEMoZHQ%40mail.gmail.com
> <https://groups.google.com/d/msgid/django-users/CAFWa6tJu_uVd5c%3DvWsVEpa84CGWh-K0WS_xQnHrGs33iEMoZHQ%40mail.gmail.com?utm_medium=email&utm_source=footer>.
> For more options, visit https://groups.google.com/d/optout.
--
You received this message because you are subscribed to the Google Groups "Django users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to django-users+unsubscribe@googlegroups.com.
To post to this group, send email to django-users@googlegroups.com.
Visit this group at http://groups.google.com/group/django-users.
To view this discussion on the web visit https://groups.google.com/d/msgid/django-users/5517EBE7.3050908%40dewhirst.com.au.
For more options, visit https://groups.google.com/d/optout.
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment