patch to implement view pemission in admin

[Antonio Gallo <gallo@…>]

I'm not in the mood of rewriting a full backoffice because

of the lack of this simple and trivial feature.

I need some of the admins to have read-only access to models.
So i added 1 more extra permission called "view" to the permission
stuffs and templates. The patch is very small since has it been
trivial doing it.

[oyvind]

New patches for the admin should made against newforms-admin, and it would be just as trivial to customize the newforms-admin in you own ModelAdmin.

[Antonio Gallo <gallo@…>]

I installed and migrated to newforms-admin.

Here you are the patch for newform-admin as requested.

[Antonio Gallo <gallo@…>]

patch that add basic view permission to the admin module

[James Bennett]

This is a duplicate of #520, which was marked wontfix by one of Django's lead developers. As such, there are no plans to add this feature; consider wiring up some generic views and applying permission-based decorators if you truly have a need for "administrators" who don't administer anything.

[Travis Cline]

cleaned up and rebased to r7737

[Yuri Baburov]

Replying to ubernostrum:

This is a duplicate of #520, which was marked wontfix by one of Django's lead developers.

Sorry, how does this ticket relate to #520???
Reopening back.

Please also see discussion at ​http://groups.google.com/group/django-developers/browse_thread/thread/b2907e165b2e6159?hl=en
for possible use-cases.

Citing:
"My usecase is:
allow a user to relate model A to model B without requiring change
permission on model B (using raw_id)."

[Karen Tracey <kmtracey@…>]

I believe #820 was meant as the dup number. It was closed 'wontfix' by a core developer. So far bringing it up on the mailing list hasn't resulted in enough support to make me think the core devs are going to change their minds on this one.

[Travis Cline]

rebased to django 1.0 (r8961)

[gert@…]

We have a very common situation where we have junior administrators that are only allowed to ADD news items and higher level admins that can CHANGE/DELETE them.

Without a view permission it is not possible to do this, you have to give CHANGE rights to everybody (They must be able to see the list of news items to know what they have already added)

Surely this functionality is within the scope of even the simplest admin application?

[James Bennett]

Please read the above discussion and do not reopen this ticket unless you can get a consensus on the dev list that this feature should be added.

[Gert Steyn]

My apologies for reopening the ticket.

I read the above discussion, but the reason I stated along with buriy's reasons makes this very much within the scope of the admin application. Can we discuss this on:

​http://groups.google.com/group/django-developers/browse_thread/thread/2ea7cd8eba99344c

as per your suggestion?

[(none)]

Milestone post-1.0 deleted

[Russ Ryba <russryba@…>]

I added this to the 1.2 wiki features for further discussion. I agree with get and buriy above. This seems incredibly useful and relatively easy to implement in the core, yet adding the same feature elsewhere requires thorough knowledge of django and python in general.

Regarding this comment:

As such, there are no plans to add this feature; consider wiring up some 
generic views and applying permission-based decorators if you truly have 
a need for "administrators" who don't administer anything.

You're misunderstanding the request I believe. Think of it more as easily allowing more sophisticated application level administrators in a large organization. We are not requesting administrators who don't administer anything, although I suppose that would be a possibility if it were implemented.

If the thinking is administrators should have total access then why implement permissions in the first place? I don't understand why it's rejected.

Basically we have need for administrators who don't administer everything.

[Cory Walker]

I'd like to support this change. In sites with user-generated content, employees often need to monitor how the site is being used, just as a server administrator checks the logs. People answering user questions and email often need to view a user's data to respond to questions or problems they have with the site. If an error occurred, developers need to investigate the data that caused the error in order to debug it. As of now, these users need to be granted 'add' permissions just to be able to view the content. It's a security risk to enable add permissions to all of their accounts because if one of the accounts is hacked, an attacker could seriously mess up the site. They would be able to add accounts without being activated. The attacker could create blog posts filled with spam. Furthermore, they could bring down parts of the site by causing MultipleObjectsReturned errors. The more secure way would be to create administration accounts with only view permissions. Then there would only have to be one other account with more permissions, the superuser.

I realize that the Django developers want to keep the admin site for administrators only, but it's important to realize that being able to view the site's data is a huge part of administering a web site. Just because it's a view permission doesn't mean that all users will have it and the admin site will be public facing. This may not be an issue for sites with tightly controlled content such as a news site or blog. Django, however, is increasingly being used for sites with other models, and it is important to take this into consideration.