On Thu, 2009-04-02 at 22:34 -0700, Joshua Partogi wrote: > On Apr 3, 11:23 am, Malcolm Tredinnick <malc...@pointy-stick.com> > wrote: > > On Fri, 2009-04-03 at 00:26 +1100, Joshua Partogi wrote: > > > Dear all, > > > > > In django admin we can give permission to user to edit, delete or > > > create certain model. But what I want to do now is a user can only > > > edit or delete the data that he/she created. > > > > > Is there any way we can do this in django admin? > > > > Not out of the box, no. The admin is designed for people who are trusted > > to access all the data for models they have access to. > > > > The requirements for row-level permission management are huge and > > complicated (in the sense that they vary a lot for different domains), > > so having a comprehensive solution in Django isn't really on the > > roadmap. I'd imagine it wouldn't be too hard to implement the > > functionality you need via Admin subclasses and the like (although it > > might require the ChangeList class to be over-ridable, which I believe > > is a Django 1.2 feature now) > > Hi Malcolm. > > First of all thank you for the brief explanation. > > So you reckon I shouldn't use django admin for row level > authorization?
It would be possible, as I wrote, but it would require a fair bit of work on your side to customise things. It's not designed for row-level permissions out of the box. Worth poking at if you're interested, but requires some willingness to read the internals of the code. Regards, Malcolm > > Thanks in advance. > > > --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Django users" group. To post to this group, send email to django-users@googlegroups.com To unsubscribe from this group, send email to django-users+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/django-users?hl=en -~----------~----~----~----~------~----~------~--~---