I have problems setting up django-guardian to work properly in my web application. Object permissions seem to be correct after testing with the django shell, but somehow admin doesn't seem to react to the permission system.
I have a Department model:
class Department(models.Model):
name = models.CharField(_('department name'), max_length=50, default=_('Department name'))
description = models.TextField(_('department description'))
# etc.
I'm catching the post_save signal to assign user rights:
@receiver(post_save, sender=Department)The signal receiver seem to work, as I said I have checked the user rights on the django shell.
def _on_save_department(sender, instance, created, **kwargs):
# users to give privileges
superusers = User.objects.filter(is_superuser__exact=True)
try:
department_leader_user = instance.leader_user()
# assign privileges
assign_perm('change_department', department_leader_user, instance)
except ObjectDoesNotExist:
pass
for u in User.objects.all():
remove_perm('view_department', u, instance)
remove_perm('change_department', u, instance)
remove_perm('delete_department', u, instance)
for u in filter(lambda x: x is not None, superusers):
assign_perm('view_department', u, instance)
assign_perm('change_department', u, instance)
assign_perm('delete_department', u, instance)
I have as well a DepartmentAdmin:
class PersonDepartmentMembershipInline(admin.StackedInline):According to the documentation this should be enough to integrate django-guardian into the admin interface. Even though, when I log in with a user from different department, he's able to modify the other department. Any help please? Thanks in advance.
model = PersonDepartmentMembership
extra = 2
class GroupDepartmentMembershipInline(admin.StackedInline):
model = GroupDepartmentMembership
extra = 1
class DepartmentAdmin(GuardedModelAdmin):
inlines = (PersonDepartmentMembershipInline, GroupDepartmentMembershipInline,)
admin.site.register(Department, DepartmentAdmin)
Regards,
Roberto
No comments:
Post a Comment