I've read at How can I MODIFY django to create "view" permission? that Django 1.2 cames with a read-only permission for admin models. Where I set this option? It's not found as a permission in the auth app.
Thanks
You need to follow the steps outlined in the linked answer. The 1.2 feature mentioned in the article concerns adding the editable=False option to a model's field which renders the field non-editable in the admin interface for all users.
If you really are missing this functionality i suggest opening a ticket on the django support site to have this fix added to django however remember that the django admin site is for ADMINS. It is not designed to be used as A CRUD interface for all users, just an administrative interface for diving into the data and editing it in place. It's only over time that people have been adding more and more User friendly enhancements to it.
Related
I would like to be able to check in my code whether a user has access to the Wagtail admin interface. I was imagining a field on the Django model like user.is_wagtail_user.
Is there an existing way to do this? Or is there something simple I can add?
Access to the Wagtail admin is controlled by the standard Django permission system, with a permission named wagtailadmin.access_admin. This can be checked with the has_perm method:
user.has_perm('wagtailadmin.access_admin')
I'm writing a custom Django admin site for my vendors to log into. This is to be separate from the regular Django admin site. My question: How do I override the admin authentication to also look from users from a vendor's table?
When you develop your own admin views, you should take a look into django´s decorators #login_required and #user_passes_test, and also the permission system.
So you can handle what your user are able to do and what not. Have a look into the Django Docs https://docs.djangoproject.com/en/1.8/topics/auth/default/
Hope this helps.
Im really confused about what is all i need to consider for creating a django aplication with almost similar functionality to it's own admin.
The index page should deploy the list of models the user has access to modify or create...almost the same as when you put admin.site.register(MyModel) but with permission restriction. Im not sure how should i ckeck permissions, and show 1 ,2 or many "ModelAdmis" on my main page.
btw admin users are redirected to the admin index page, non-admins go to my page
Before you consider creating a django admin from scratch, you should read the answers to this question Django Admin app or roll my own?
I couldn't find any resource on how to create a django admin from scratch, but here's what you should do if this is your first time overriding a framework's functionality (in my humble opinion):
Understand and make sure you are comfortable with the django admin app
start from the docs https://docs.djangoproject.com/en/1.7/#the-admin
Head over to the django admin app source code so you can start reading the internals of the functionality you want to implement/override in your new admin app.
source code can be found here https://github.com/django/django/tree/master/django/contrib/admin
(this may involve reading other apps source code too)
After those two steps you should have an idea on how the admin app is implemented and it's dependencies, then you can start creating your custom admin app.
an example on how this may go can be found in this qestion:
How to override Django admin's views?
If you are building something new, try to separate the UI from the backend. You can build your UI using react, angular or whatever and interact with django using the API. To build the API you can use the Django Rest Framework.
Don't use the Django Admin as a public interface. Use that only for the admins!
If you start to use the Django Admin as interface for your public site, you'll fight with the package to tailor and secure the views to avoid destructive actions. What happen if you forget a readonly field? What if the user deleted something ON_CASCADE?
Building the UI you are totally free and you can customise easily everything without fighting the django admin package (it's awesome package but is not provided for public use)
I am reading 2 quite popular django books, both recommend using django's admin user model, template to create user for the site I am building. It feels odd. Isn't it dangerous to add our site's users with the admin users that uses Django admin interface?
If that recommendation is right, how can I add more attributes to that admin user model (hence add more columns to the auth_user table)?
What they recommend is to use the Users model provided by the django.contrib.auth application. It's the standard in django and many other apps depend on this model to integrate with user data. Being the django admin one of them.
Note that not all users created using this model have access to the admin site. Only the ones with is_staff set to True.
To assign extra user information on the Users model you should use Profiles.
I want to use Django for a web application I'm building that will have an admin panel. I know that you need to just activate the admin app and you're ready to go. However, I would like to have a custom panel, I mean, I want to design the layout myself, I want to add menus and forms for the admin to insert new data in the database etc. Is it possible? or I should write a similar application that will have such features?
For more control over the layout (custom menus etc.) you should check django-admin-tools.
And if you take a look at Django's docs you'll learn that you can easily tweak and override most parts of the admin. For example here is a demonstration on how to use a custom form:
https://docs.djangoproject.com/en/dev/ref/contrib/admin/#adding-custom-validation-to-the-admin
So the admin is pretty customizable. But the question if you should build your own app or reuse the admin depends pretty much on your specific needs. At least make sure you know in which directions the admin can be easily bend.
The sole purpose for Django's admin is to allow you to manipulate (add/edit/remove) data in your database. I think you should at least try to check what the admin is capable of before trying to reinvent the wheel. You'll soon discover the level of complex insight the admin allows you to have. Then you'll discover that making it yourself is unnecessary excess of work and you'll end up with modifying a couple of admin-templates and CSS styles.
Yes, you can customize Django Admin Panel, Django provides some sort of customization for showing database tables structure from their own, for that you can follow DJANGO ADMIN SITE DOC , it will really help you.
For the customizations beyond the Django admin site settings, you can customize admin panel add manual layout, by adding manual detailing in Django template files which are stored in Django environment, django/django/contrib/admin/templates/admin/index.html of your current Django version. You can update its HTML, CSS, and JS according to need.