Menu
If I had a model similar to this:
class Dealer(models.Model):
name = models.CharField(max_length=10)
other_name = models.CharField(max_length=10, blank=True, null=True)
... etc.
If I wanted to create a user that can sign in to the admin site and only have access to edit this model only, how could I go about doing this?
I have looked around and haven't been able to successfully get it to work. I have also looked into packages such as guardian but had no success. What am I missing here?
Thank you!
451
Django admin allows access to users marked as is_staff=True . To disable a user from being able to access the admin, you should set is_staff=False . This holds true even if the user is a superuser. is_superuser=True .
through django-adminopen your django-admin page and head to Users section and select your desired user . NOTE: Permission assigning process is a one-time thing, so you dont have to update it every time unless you need to change/re-assign the permissions.
Only one class of user exists in Django's authentication framework, i.e., 'superusers' or admin 'staff' users are just user objects with special attributes set, not different classes of user objects.
Add Permissions to a Group If you are using AbstractUser in Django, you must add AUTH_USER_MODEL = 'YourAppName. YourClassName' . This way, you are telling Django to use our custom user model instead of the default one. The code below should go in your admin.py file so that you can see your user model.
You can deal with permissions to allow him to only see this model. Each user can be assigned a group, where a group has a limited set of permissions and a user can also have a set of permissions available. You just need to put this user as a "Staff" user (is_staff = 1) and then put him every permission about the Dealer model.
If the user isn't a superuser, he will see only links to the Dealer model. Everything about permissions and authorization are presented in the Django documentation.
The Django admin site uses permissions as follows:
- Access to view the “add” form and add an object is limited to users with the “add” permission for that type of object.
- Access to view the change list, view the “change” form and change an object is limited to users with the “change” permission for that type of object.
- Access to delete an object is limited to users with the “delete” permission for that type of object.
Permissions can be set not only per type of object, but also per specific object instance. By using the
has_add_permission(),has_change_permission()andhas_delete_permission()methods provided by theModelAdminclass, it is possible to customize permissions for different object instances of the same type.
103
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
