Opened 6 years ago
Last modified 5 years ago
#29120 closed Cleanup/optimization
Admin autocomplete requires change permission — at Version 1
| Reported by: | Rodrigo Pinheiro Marques de Araújo | Owned by: | nobody |
|---|---|---|---|
| Component: | contrib.admin | Version: | 2.0 |
| Severity: | Normal | Keywords: | |
| Cc: | Johannes Maron | Triage Stage: | Accepted |
| Has patch: | no | Needs documentation: | no |
| Needs tests: | no | Patch needs improvement: | no |
| Easy pickings: | no | UI/UX: | no |
Description (last modified by )
class ModelA(models.Model):
pass
class ModelB(Models.Model):
a = models.ForeignKey(ModelA)
In django's admin a form can list all related objects without permission need. In the example above, Model B's form if using a ModelChoiceField is possible to lista all A objects. But using a autocomplete field requires change permission to find "A" objects. This different behavior force admin's user to give a different level of permission to your users. To fix this in the AutocompleteView the only permission required should be a logged user and staff member.
Note:
See TracTickets
for help on using tickets.