Opened 8 years ago
Closed 8 years ago
#26254 closed New feature (wontfix)
Support for disallowing filter on local fields in ModelAdmin
| Reported by: | Dheerendra Rathor | Owned by: | nobody |
|---|---|---|---|
| Component: | contrib.admin | Version: | dev |
| Severity: | Normal | Keywords: | |
| Cc: | Triage Stage: | Unreviewed | |
| Has patch: | no | Needs documentation: | no |
| Needs tests: | no | Patch needs improvement: | no |
| Easy pickings: | no | UI/UX: | no |
Description
Currently, if a local field is not present in list_filter and filter is called on that particular field directly in URL, it is allowed to filter on that particular field. But, if filter is called on a relational field which is not present in list_filter, filter is disallowed on that particular field.
This feature request is in support for disallowing filter on certain fields. This can be done by either not allowing filter on a field if field is not mentioned in list_filter or by adding an extra ModelAdmin field disallowed_lookups. But disallowing on the basis of list_filter might break admin for sites heavily relying on admin, second option will be better in my opinion.
# An example fix
if len(relation_parts) <= 1:
# Either a local field filter, or no fields at all.
if len(relation_parts) == 1 and relation_parts[0] in self.disallowed_lookups:
return False
return True
Change History (3)
comment:1 by , 8 years ago
comment:2 by , 8 years ago
My first idea was to override this method and I've overridden that in my current project.
But one issue I found that lookup param can take forms like field__exact, field__contains etc, so before allowing certain lookup it needs to be cleaned which is present in relation_parts in https://github.com/django/django/blob/master/django/contrib/admin/options.py#L366
Another way to override involves something like overriding done in django.contrib.auth.admin in https://github.com/django/django/blob/master/django/contrib/auth/admin.py#L93
Well, documenting this method will work pretty well. If we're going with documenting it, then I'll write docs for this either by taking example from auth/admin or by using my custom overridden method.
comment:3 by , 8 years ago
| Resolution: | → wontfix |
|---|---|
| Status: | new → closed |
I'll be happy to review a documentation patch. Thanks!
How about documenting the
lookup_allowed()method as suggested in #17985 and adding an example of overriding that method to achieve this? As long as that doesn't require much boilerplate, I think it's simpler than adding another attribute for what is probably not a very common use case.