Opened 15 years ago

Last modified 10 years ago

#11561 new Bug

raw_id_fields requires that the user has change permissions on the model class that is being linked to

Reported by: dhowden@… Owned by: nobody
Component: contrib.admin Version: 1.0
Severity: Normal Keywords: raw_id_fields permissions
Cc: carlos.palol@… Triage Stage: Accepted
Has patch: no Needs documentation: no
Needs tests: no Patch needs improvement: no
Easy pickings: no UI/UX: no

Description

Unlike a plain ForeignKey field which uses a select box, the raw_id_fields listing/search interface requires that the user has change permissions on the model in your ForeignKey.

Change History (10)

comment:1 by Russell Keith-Magee, 15 years ago

Triage Stage: UnreviewedAccepted

comment:2 by zbyte64, 14 years ago

Possible fix would be to add a has_view_permission and the changelist_view would check against that permission instead of has_change_permission

comment:3 by Yeago, 14 years ago

I bet there's a more comprehensive way to deal with things like this.

For example, a generic admin view which uses contenttypes in situations like this could be created instead of the current limitation of only viewing other registered models' changelists.

comment:4 by Julien Phalip, 14 years ago

milestone: 2.0

#15185 is another use case where the has_change_permission gets in the way of displaying the change list. I'm getting more and more incline to introduce a new "list" (or "read", or "view", or "browse") standard permission so you can display the "change" list without having change permissions. A bit like the difference that exist between "r" and "w" in the Unix file system. Now that might be something for version 2.0 as I imagine this would be seriously backwards incompatible.

comment:5 by Julien Phalip, 14 years ago

Severity: Normal
Type: Bug

comment:6 by Julien Phalip, 13 years ago

Easy pickings: unset
UI/UX: unset

On a related note, see #8936 about adding view-only functionality to the admin.

comment:7 by Jacob, 13 years ago

Milestone 2.0 deleted

comment:8 by Carlos Palol, 13 years ago

Cc: carlos.palol@… added

comment:9 by kota, 12 years ago

However there may be better ways,
I modified some files to fix this issue.
https://gist.github.com/4329401/

comment:10 by Collin Anderson, 10 years ago

Keywords: raw_id_fields added; raw_if_fields removed
Note: See TracTickets for help on using tickets.
Back to Top