#15261: Admin querystring filters should work for superusers
------------------------------------------------+---------------------------
Reporter: cdestigter | Owner: nobody
Status: closed | Milestone:
Component: django.contrib.admin | Version: 1.2
Resolution: wontfix | Keywords:
Triage Stage: Unreviewed | Has patch: 1
Needs documentation: 0 | Needs tests: 0
Patch needs improvement: 0 |
------------------------------------------------+---------------------------
Comment (by cdestigter):
Yes, I noticed that a similar thing could be achieved by doing something
like:
{{{
def lookup_allowed(self, lookup, value):
return True
}}}
But I see some problems with that approach:
1. `lookup_allowed()` doesn't have access to the request, so can't tell
if the user is a superuser. It can only be overridden for everyone, which
could be a problem in setups with non-superuser staff members.
2. This requires we use a custom ModelAdmin base for every model in our
project. And then, it still won't work for Django builtin models like User
unless we monkey-patch the django BaseModelAdmin class...
Since superusers have implicit permissions for every model anyway, doesn't
it seem logical that they should be able to filter by anything they like?
--
Ticket URL: <http://code.djangoproject.com/ticket/15261#comment:3>
Django <http://code.djangoproject.com/>
The Web framework for perfectionists with deadlines.
--
You received this message because you are subscribed to the Google Groups
"Django updates" group.
To post to this group, send email to [email protected].
To unsubscribe from this group, send email to
[email protected].
For more options, visit this group at
http://groups.google.com/group/django-updates?hl=en.
