Admin readonly_fields should have a hidden field

[Gabriel]

I customized the UserAdmin form setting readonly_fields = ('username',) but on submit the field is still being validated and failing as there is no value for username.
readonly_fields should also generate a hidden field with the current value to use on validation, or disable validation on this fields.

[Russell Keith-Magee]

A readonly field really shouldn't have a hidden field. If it did, it wouldn't be a readonly field, because it would be possible for end users to create a POST request that would modify the value.

As for any other problems -- you haven't provided enough detail for anyone else to reproduce the problem you've described. I set up a custom ModelAdmin for User with username as a readonly field, and didn't see any behavior that surprised me.

If you think there is a validation problem here, feel free to reopen -- but with enough detail that would allow someone else to replicate the problem you are seeing.

[Gabriel]

How to reproduce:

admin.py

---

from django.contrib.auth.admin import UserAdmin

admin.site.unregister(User)

class UserAdminForm(UserAdmin):

readonly_fields = ('username',)

admin.site.register(User, UserAdminForm)

---

Try to edit any user I you'll get a message like Please correct the error below.

See

If having a hidden field is not an option, then this fields shouldn't be validated.

[Russell Keith-Magee]

Django is doing exactly what you're asking it to do. You've subclassed UserAdmin, which specifically installs custom forms to ensure the user object is correctly validated. When you then remove username from the available data, the custom form fails validation.

If you subclass admin.ModelAdmin instead of UserAdmin, you won't see this problem, because the auto-generated form *will* obey the readonly_fields clause.