django-guardian VS django admin

Sun, 28 Apr 2013 12:59:46 -0700 

Hi,

I have problems setting up django-guardian to work properly in my web
application. Object permissions seem to be correct after testing with
the django shell, but somehow admin doesn't seem to react to the
permission system.

I have a Department model:

    class Department(models.Model):
        name = models.CharField(_('department name'), max_length=50,
    default=_('Department name'))
        description = models.TextField(_('department description'))
        # etc.


I'm catching the post_save signal to assign user rights:

    @receiver(post_save, sender=Department)
    def _on_save_department(sender, instance, created, **kwargs):
        # users to give privileges
        superusers = User.objects.filter(is_superuser__exact=True)
        try:
            department_leader_user = instance.leader_user()

            # assign privileges
            assign_perm('change_department', department_leader_user,
    instance)
        except ObjectDoesNotExist:
            pass

        for u in User.objects.all():
            remove_perm('view_department', u, instance)
            remove_perm('change_department', u, instance)
            remove_perm('delete_department', u, instance)
        for u in filter(lambda x: x is not None, superusers):
            assign_perm('view_department', u, instance)
            assign_perm('change_department', u, instance)
            assign_perm('delete_department', u, instance)

The signal receiver seem to work, as I said I have checked the user
rights on the django shell.

I have as well a DepartmentAdmin:

    class PersonDepartmentMembershipInline(admin.StackedInline):
        model = PersonDepartmentMembership
        extra = 2


    class GroupDepartmentMembershipInline(admin.StackedInline):
        model = GroupDepartmentMembership
        extra = 1


    class DepartmentAdmin(GuardedModelAdmin):
        inlines = (PersonDepartmentMembershipInline,
    GroupDepartmentMembershipInline,)

    admin.site.register(Department, DepartmentAdmin)

According to the documentation this should be enough to integrate
django-guardian into the admin interface. Even though, when I log in
with a user from different department, he's able to modify the other
department. Any help please? Thanks in advance.

Regards,

Roberto




-- 
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to django-users+unsubscr...@googlegroups.com.
To post to this group, send email to django-users@googlegroups.com.
Visit this group at http://groups.google.com/group/django-users?hl=en.
For more options, visit https://groups.google.com/groups/opt_out.

Reply via email to