I'm using a customized form in the admin, with many readonly fields depending on logged in user's permissions.
Now, if I try to save the form logged in as a non-supersuser, I have a this field is required error for all required fields that are readonly.
It's really strange since I never experienced this before.
Any help on that?
Related
I have seen some posts like Making form fields - read only or disabled in DJANGO updateView use custom form on an UpdateView to make some fields as read only fields. However, the form object is not accessible for request.user object. If I want to make some fields read-only only for some user group, is there way to do it under UpdateView?
I am having trouble finding where this admin file exists so I can add an extra field. I think it's auto-magically created upon setup.
I want to add a date field, specifically, to the listing page (shown below), perhaps after the UID field so I can know when the user auth was created.
screenshot of django user social auths listing page
Okay here's what I've tried using Django-allauth and I think it somehow works the same with django-socialauth. Just get the gist of the idea and work it to your code
Extend first the SocialAccountAdmin in any of your admin.py files, better if in a specific app like "user", "home", or whatever you prefer.
admin.py
from allauth.socialaccount.admin import SocialAccountAdmin
from allauth.socialaccount.models import SocialAccount
class MySocialAccount(SocialAccountAdmin):
list_display = ('user', 'uid', 'provider', 'date_joined') # I haven't tried just adding a certain list to the list_display, for the meantime add all necessary fields just like how socialauth did
admin.site.unregister(SocialAccount) # Need to unregister the default socialaccount admin
admin.site.register(SocialAccount, MySocialAccount) # Then register it back with the custom made admin
There may be perhaps a better way to do this but this did the work.
Can it be interesting to just add a field to your model ? Adding a DateField for your creation date. Probably you need to understand learn more with : https://docs.djangoproject.com/en/3.0/ref/models/fields/
I'm using Django 2.1.5 and have been using the list_display in ModelAdmin-based classes to limit what our superusers can see in the admin pages. There is some sensitive data that only the user should have access to.
Say I have a app based on model SensitiveObject with id, name, secret, etc., I can simply exclude secret from the list_display and it will never show up in the Admin page. However, when I browse to /admin/full/myapp/sensitiveobject/ I will have a list of those object IDs and can simply go to /admin/.../sensitiveobject/<id>/change/ which will show all of the fields, including the ones that I excluded from list_display.
Is there a way to limit what I'm seeing in the /change/ endpoint, as well?
The fields attribute of your ModelAdmin is what defines the fields that are displayed on the change form for each object.
You can make this dynamic you can override the method get_fields:
def get_fields(request, obj=None):
fields = [] # Default list of fields
if request.user.passes_some_test():
fields.append() # The secret field
return fields
I need to add a BooleanField and a ManyToManyField to my users. I'm using django-social-auth. It seems I could use 'CustomUser'. I guess that's what it's for, but how do I take it into use?
I would need to know:
where to define these new fields
How to add them to the new user when the user is created (ie logs in)
How the query the fields afterwards (ie User.myBooleanField?)
Thanks!
Create a model called CustomUser or UserProfile, whatever you want, with these fields.
In settings.py add a setting AUTH_PROFILE_MODULE = "account.UserProfile", with what you named your model.
In the signals for social_auth, make sure the user has a profile, and if not create it for them when the user is created.
Now anywhere in the site you can call user.get_profile() and you'll have access to these fields.
I'm using the standard Django comments app in my project. If the User is logged in then the comment form still shows fields for user_name and user_email. If anything is entered into those, the data is saved to the database with the comment, along with the user_id of the logged-in User.
When the comment is displayed, the name of the logged-in User is shown, rather than the user_name entered into the comment form.
I would have expected the user_name and user_email fields to not be shown on the form if the User is logged in, as they're pointless in this situation. Is it supposed to behave like that way and I've done something wrong? If this is, bizarrely, standard behaviour, what's the very simplest way to hide these fields (or use the logged-in User's name/email) when the User is logged in? Thanks.
Keep in mind that generic Django apps are designed to be, well.. generic. They don't necessarily handle all the special cases.
If you want to change this form, you should write your own template. In the template, you can use !user.is_authenticated to add fields to the form (make sure you are using RequestContext).