On Thu, 2009-04-02 at 22:34 -0700, Joshua Partogi wrote:
> On Apr 3, 11:23 am, Malcolm Tredinnick <malc...@pointy-stick.com>
> wrote:
> > On Fri, 2009-04-03 at 00:26 +1100, Joshua Partogi wrote:
> > > Dear all,
> >
> > > In django admin we can give permission to user to edit, delete or
> > > create certain model. But what I want to do now is a user can only
> > > edit or delete the data that he/she created.
> >
> > > Is there any way we can do this in django admin?
> >
> > Not out of the box, no. The admin is designed for people who are trusted
> > to access all the data for models they have access to.
> >
> > The requirements for row-level permission management are huge and
> > complicated (in the sense that they vary a lot for different domains),
> > so having a comprehensive solution in Django isn't really on the
> > roadmap. I'd imagine it wouldn't be too hard to implement the
> > functionality you need via Admin subclasses and the like (although it
> > might require the ChangeList class to be over-ridable, which I believe
> > is a Django 1.2 feature now)
> 
> Hi Malcolm.
> 
> First of all thank you for the brief explanation.
> 
> So you reckon I shouldn't use django admin for row level
> authorization?

It would be possible, as I wrote, but it would require a fair bit of
work on your side to customise things. It's not designed for row-level
permissions out of the box. Worth poking at if you're interested, but
requires some willingness to read the internals of the code.

Regards,
Malcolm


> 
> Thanks in advance.
> > 
> 


--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To post to this group, send email to django-users@googlegroups.com
To unsubscribe from this group, send email to 
django-users+unsubscr...@googlegroups.com
For more options, visit this group at 
http://groups.google.com/group/django-users?hl=en
-~----------~----~----~----~------~----~------~--~---

Reply via email to