TechQA.

Django-guardian. How to filter permissions list?

1.9k views Asked by At

I'm using django-guardian to manage my permissions. Default each model has 3 perms: add, change, delete. If I add my own permission e.g. view, I will have all 4 in User managment tab and all 4 in model-object managment tab.

I know that is possible to filter permissions: Django admin - change permissions list

But I don't know how to filter permissions in model-object managment tab. Is it even possible?

django django-admin django-guardian
Original Q&A
1

There are 1 answers

0
zie1ony On BEST ANSWER

I did some work. Maybe it's not best solution, but works:

admin_utils.py:

from __future__ import unicode_literals
from django import forms
from django.conf import settings
from guardian.compat import url, patterns
from django.contrib import admin
from django.contrib import messages
from django.contrib.admin.widgets import FilteredSelectMultiple
from django.core.urlresolvers import reverse
from django.shortcuts import render_to_response, get_object_or_404, redirect
from django.template import RequestContext
from django.utils.datastructures import SortedDict
from django.utils.translation import ugettext, ugettext_lazy as _
from django.db.models import Q
from django.contrib.auth.models import Group, Permission

from guardian.compat import get_user_model
from guardian.forms import UserObjectPermissionsForm
from guardian.forms import GroupObjectPermissionsForm
from guardian.shortcuts import get_perms
from guardian.shortcuts import get_users_with_perms
from guardian.shortcuts import get_groups_with_perms
from guardian.models import Group
from django.contrib.contenttypes.models import ContentType
from guardian.admin import AdminUserObjectPermissionsForm, AdminGroupObjectPermissionsForm
from guardian.admin import GuardedModelAdmin


class MyGuardedModelAdmin(GuardedModelAdmin):

    allowed_perms = []

    def get_perms_for_model(self, cls):
        if isinstance(cls, basestring):
            app_label, model_name = cls.split('.')
            model = models.get_model(app_label, model_name)
        else:
            model = cls
        ctype = ContentType.objects.get_for_model(model)
        return Permission.objects.filter(Q(content_type=ctype), Q(codename__in=self.allowed_perms) )

    def get_obj_perms_base_context(self, request, obj):
        context = {
            'adminform': {'model_admin': self},
            'media': self.media,
            'object': obj,
            'app_label': self.model._meta.app_label,
            'opts': self.model._meta,
            'original': hasattr(obj, '__unicode__') and obj.__unicode__() or\
                str(obj),
            'has_change_permission': self.has_change_permission(request, obj),
            'model_perms': self.get_perms_for_model(obj),
            'title': _("Object permissions"),
        }
        return context


    class MyAdminUserObjectPermissionsForm(AdminUserObjectPermissionsForm):

        def get_perms_for_model(self, cls):
            if isinstance(cls, basestring):
                app_label, model_name = cls.split('.')
                model = models.get_model(app_label, model_name)
            else:
                model = cls
            ctype = ContentType.objects.get_for_model(model)
            return Permission.objects.filter(Q(content_type=ctype), Q(codename__in=self.allowed_perms) )

        def get_obj_perms_field_choices(self):
            choices = [(p.codename, p.name) for p in self.get_perms_for_model(self.obj)]
            return choices

    def get_obj_perms_manage_user_form(self):
        setattr(self.MyAdminUserObjectPermissionsForm, 'allowed_perms', self.allowed_perms)
        return self.MyAdminUserObjectPermissionsForm


    class MyAdminGroupObjectPermissionsForm(GroupObjectPermissionsForm):
        def get_perms_for_model(self, cls):
            if isinstance(cls, basestring):
                app_label, model_name = cls.split('.')
                model = models.get_model(app_label, model_name)
            else:
                model = cls
            ctype = ContentType.objects.get_for_model(model)
            return Permission.objects.filter(Q(content_type=ctype), Q(codename__in=self.allowed_perms) )

        def get_obj_perms_field_choices(self):
            choices = [(p.codename, p.name) for p in self.get_perms_for_model(self.obj)]
            return choices

    def get_obj_perms_manage_group_form(self):
        setattr(self.MyAdminGroupObjectPermissionsForm, 'allowed_perms', self.allowed_perms)
        return self.MyAdminGroupObjectPermissionsForm

And now you can filter with allowed_perms

admin.py:

class PollAdmin(MyGuardedModelAdmin):
    allowed_perms = ['view_poll']

admin.site.register(Poll, PollAdmin)

Related Questions in DJANGO

Related Questions in DJANGO-ADMIN

Related Questions in DJANGO-GUARDIAN

Popular Questions

Popular Tags

javascript python java c# php android html jquery c++ css ios sql mysql r reactjs node.js arrays c asp.net json python-3.x ruby-on-rails .net sql-server swift django angular objective-c pandas excel

Trending Questions