Reputation: 4702
How to limit objects an admin (without superuser) can interact with?
I am trying to build a platform and I thought using Djangos administrive user interface was simpler and faster than writing an own. The issue I have is that I don't want all admins to be able to see all objects, just the ones they are affiliated with.
I use my own created model called Organisation which basically is the affiliation.
I were reading this article: http://reinout.vanrees.org/weblog/2011/09/30/django-admin-filtering.html but it seems old and outdated.
Because I copied the example and came up with this:
class QuizAdmin(admin.ModelAdmin):
form = QuizAdminForm
list_display = ('title', 'category', )
list_filter = ('category',)
search_fields = ('description', 'category', )
def queryset(self, request):
"""Limit quizzes to those that belong to the correct organisation."""
qs = super(QuizAdmin, self).queryset(request)
org = Organisation.objects.get(user=request.user)
if request.user.is_superuser:
return qs
return qs.filter(org=org)
But it seems like the queryset method never runs. Is there another easy way to filter out the objects an admin user can interact with?
Thanks in advance for your sage advice and better wisdom.
Upvotes: 0
Views: 21
Answers (1)
Reputation: 599628
That article is more than five years old, a few things have changed since then. But in this case all you need to do is call your method get_queryset rather than queryset.
Upvotes: 1
Related Questions
- how to not let staff or admin users edit superusers
- Django admin site - limit user content on user
- How to restrict user acces to see/modify objects created by other users with Django
- Django: restrict user access to their own objects only
- Allow user modify only objects created by this user
- Django admin -- restricting access by user
- Object level permissions django
- Django - Limit User Queries
- Restrict Django admin to only allow super-users
- Django admin - limiting access to objects based on the user logged in