Is it possible to add multiple admins in Django's admin panel and how I will register them(they need to have the same rights)? And also is it possible to add another 2 roles to the panel with different rights?
I read a lot about it and can't find the answer.
I will really appreciate your help!
You can just create/modify a user and while creating a user you can select their role if they are admin, staff, etc. You can also customize user's permissions when you create their account or if the accounts are already created you can modify it.
To avoid having to assign permission's again and again, i would suggest you create a new group and add the permission that the user in that group should have and then assign the desired user in that group.
Related
If you have django.contrib.auth in your INSTALLED_APPS django will automatically create add, change, delete and view permissions to every model in your system (or any one you add later). These are stored in auth_permission.
In django doc, here is what we can read under Groups section:
django.contrib.auth.models.Group models are a generic way of categorizing users so you can apply permissions, or some other label, to those users. A user can belong to any number of groups.
A user in a group automatically has the permissions granted to that group. For example, if the group 'Site editors' has the permission can_edit_home_page, any user in that group will have that permission.
I've a group with no permission at all (call it NADA) and I've assign that group to a specific user (let's call him Pierre). Pierre can still connect and create, update, delete or view anything on my web interface.
How can I make it working? There's few or no doc on the web for native Django Permission.
I've read this nice publication
django-permission-apps-comparison.
I know I could install django-guardian, django-role-permissions or
django-rules...
I know we can manage access via middleware or decorator But since django IS creating these tables for us (user, groups, permissions and group_permissions)
I thought it was extremely simple to implement CRUD access to any model class!
Wrong?
Do I miss something?
Note: Working with Python3.6 and Django 2.1.3
Django permissions are simple. As far as I understand your question, you are trying to create a user with no permission and he should not see any entries on the Django admin.
First thing is to make sure the user is not marked as "superuser", the superuser sees everything no matter which group they are added in.
If he is not a superuser and is still able to see the model then you should make sure he is not part of multiple groups. If a user is in multiple groups then a union of all permissions is what is applied to them. This link will give you more details on different flags for a user https://djangobook.com/users-groups-permissions/. Let me know if this helps.
TL;DR I'd like to be able to disable certain models per-user in /admin view.
Specifically: I'm looking to make admin models invisible to some staff users, so that they can have a sort of customized dashboard. There's all sorts of fields that change how to present, search, query, etc. models based on whatever you want, but I can't find anything to allow me to determine whether or not to even show models on the /admin page without resorting to blacklisting individual permissions (of which there are hundreds), and I'd like to be able to make some models only available to superusers and not staff.
Any thoughts?
Thanks!
Just don't give them superuser rights. Superuser means they have all rights automatically, which isn't what you want.
Then add edit, add, delete rights for the models they are allowed to edit, add and delete. You can create a group that you give these rights to, then add the users to that group.
If a user doesn't have add, edit or delete rights to a model, the model isn't shown in the admin.
I am building a calendar and appointment website in Django. I want each user to have their own database. I want to know firstly how do I create and save user details and then how do I attach each user to their database??
Thanks in advance.
To attach multiple databases/users, you just need to specify them in the settings.py, see https://docs.djangoproject.com/en/1.9/topics/db/multi-db/.
If you want to create initial data for each users and for each database, you need to use the fixtures, see https://docs.djangoproject.com/en/1.8/howto/initial-data/
Is there any way to create a group model with permissions already estabilished? I'm trying to create a system with at least 4 pre defined user types, and each user type will have some permissions.
Yes just create your desired groups in admin panel and add your permissions to each group then assign your users to the defined groups.
You can add the Group and Permissions creating commands to a migration, using the RunPython operation.
I'm building a web application where I have 2 sets of users (students and teachers). Teachers should be able to create their account, create a page of their content. Students should be able to create an account to sign up for this content. I am currently using django-registration to handle registration but I am wondering what's the best way to handle these 2 sets of users and still be able to use the Django authentication framework? I have heard about having multiple profiles but would like some opinions.
Thanks!
You could use permissions. When they sign up if they're a Teacher give them content creation permissions. If they're a student they don't get the permissions.
In the user profile I would just have a field that says which type they are. Unless a lot of the data is different I wouldn't have two user profiles.