Re: Feature request: read-only admin view

[Florian Apolloner]

On Friday, August 16, 2013 6:19:03 PM UTC+2, Trevor Cox wrote:
>
> At least two people have already submitted a patch. 
>
Chances that they still work are not really big.
 

> The issue is not the coding but that the feature request is being rejected.
>
I see 3 core-devs in this thread which seem to be in favor of adding it, 
including Russ who wontfixed it previously; so I don't think that rejection 
is an issue here.
 

> I'm commenting because I don't think the arguments against the feature 
> have considered all the use cases for read only admin access; they're just 
> assuming that providing read only permissions would be for 
> non-administrators such as regular website users.
>
Your "I want people to see data in the admin" isn't really a compelling 
argument imo; but either way, as said above already, there are at least 3 
core devs in this thread which are not or no longer opposed to this 
feature. So if you'd like to see this in 1.7 now would be the time to get 
involved.

Cheers,
Florian

-- 
You received this message because you are subscribed to the Google Groups 
"Django developers" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to django-developers+unsubscr...@googlegroups.com.
To post to this group, send email to django-developers@googlegroups.com.
Visit this group at http://groups.google.com/group/django-developers.
For more options, visit https://groups.google.com/groups/opt_out.

Re: Feature request: read-only admin view

[Trevor Cox]

At least two people have already submitted a patch. The issue is not the 
coding but that the feature request is being rejected. I'm commenting 
because I don't think the arguments against the feature have considered all 
the use cases for read only admin access; they're just assuming that 
providing read only permissions would be for non-administrators such as 
regular website users.

On Friday, 16 August 2013 07:38:54 UTC-7, Florian Apolloner wrote:
>
> As with most open source projects; if you really want to see this done 
> feel free to get coding and submit a patch :)
>
> Cheers,
> Florian
>
> On Friday, August 16, 2013 9:01:07 AM UTC+2, Trevor Cox wrote:
>>
>> There are lots of reasons why read-only/view permissions are appropriate 
>> for an admin system. I'd really like to see this done! I want to be able 
>> to give readonly admin accounts to my designers, developers, sales reps and 
>> sales prospects, because I want them to be able to try out the admin 
>> interface of my live systems.
>>
>>
>>

-- 
You received this message because you are subscribed to the Google Groups 
"Django developers" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to django-developers+unsubscr...@googlegroups.com.
To post to this group, send email to django-developers@googlegroups.com.
Visit this group at http://groups.google.com/group/django-developers.
For more options, visit https://groups.google.com/groups/opt_out.

Re: Feature request: read-only admin view

[Florian Apolloner]

As with most open source projects; if you really want to see this done feel 
free to get coding and submit a patch :)

Cheers,
Florian

On Friday, August 16, 2013 9:01:07 AM UTC+2, Trevor Cox wrote:
>
> There are lots of reasons why read-only/view permissions are appropriate 
> for an admin system. I'd really like to see this done! I want to be able 
> to give readonly admin accounts to my designers, developers, sales reps and 
> sales prospects, because I want them to be able to try out the admin 
> interface of my live systems.
>
>
>

-- 
You received this message because you are subscribed to the Google Groups 
"Django developers" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to django-developers+unsubscr...@googlegroups.com.
To post to this group, send email to django-developers@googlegroups.com.
Visit this group at http://groups.google.com/group/django-developers.
For more options, visit https://groups.google.com/groups/opt_out.

Re: Feature request: read-only admin view

[Trevor Cox]

There are lots of reasons why read-only/view permissions are appropriate 
for an admin system. I'd really like to see this done! I want to be able to 
give readonly admin accounts to my designers, developers, sales reps and 
sales prospects, because I want them to be able to try out the admin 
interface of my live systems.


-- 
You received this message because you are subscribed to the Google Groups 
"Django developers" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to django-developers+unsubscr...@googlegroups.com.
To post to this group, send email to django-developers@googlegroups.com.
Visit this group at http://groups.google.com/group/django-developers.
For more options, visit https://groups.google.com/groups/opt_out.

Re: Feature request: read-only admin view

[Julien Phalip]

Hi,

This feature has been discussed in the past on this mailing list (e.g.,
http://goo.gl/ezMpc and more recently: http://goo.gl/j1CPv). There has also
been talks about merging the databrowse contrib app into the admin (see
this ticket: https://code.djangoproject.com/ticket/8936 or the GSoC
proposal written by Aymeric last year:
https://code.djangoproject.com/wiki/SummerOfCode2011#Integratedatabrowseintotheadmin
).

Over the years, the admin has been built with the idea that it would only
be used for *editing* data. Perhaps the main example of that is the
changelist (note that its name includes the word "change"), which itself
contains several editing features such as admin actions or the
list-editable forms. Another example is the URL scheme, where
/admin/myapp/mymodel/1234/ points to the change form, whereas in an ideal
world that would point to the object's read-only page
and /admin/myapp/mymodel/1234/edit/ would point to the change form.

Adding the read-only functionality could be done at least by adding a new
"View" permission, extending the URL scheme and refactoring the changelist.
Doing things properly and in a future-proof way seems less than trivial and
most likely backwards incompatible. It would be a welcome change though,
and also a good opportunity to clean up some parts of the admin's codebase.
So I'd absolutely encourage anyone to dig into it and I'd personally be
happy to follow it up and provide feedback as needed.

Kind regards,

Julien

-- 
You received this message because you are subscribed to the Google Groups 
"Django developers" group.
To post to this group, send email to django-developers@googlegroups.com.
To unsubscribe from this group, send email to 
django-developers+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/django-developers?hl=en.

Re: Feature request: read-only admin view

[Anssi Kääriäinen]

+1 from me too. One point is that if you are just browsing the admin,
then viewing the objects in read-only mode is nicer than viewing them
in edit forms. Especially for select/select multiple fields. Although
this might need a bit bigger change into the UI (two links per list
item: "view" and "edit").

 - Anssi

On Jan 30, 7:00 pm, Daniel Sokolowski
 wrote:
> +1 django has grown since the original design decision and as a rapid
> development framework it sells itself it ought to have it --- me thinks.
>
> Daniel
>
> On Fri, Jan 27, 2012 at 9:28 PM, Russell Keith-Magee <
>
>
>
>
>
>
>
>
>
> russ...@keith-magee.com> wrote:
> > On Sat, Jan 21, 2012 at 1:02 AM, Chris Wilson  wrote:
> > > Hi all,
>
> > > I really like how the admin interface does a lot of the work for me in
> > > developing a site with basic CRUD functions, and a few free bonuses
> > > like pagination and list filtering.
>
> > > I agree with all the comments on #820  > > ticket/820> requesting this feature (as well as the "view" permission
> > > which goes with it).
>
> > > This ticket and several others were closed because a design decision
> > > has been made that the admin interface is for admins only, and such a
> > > feature is out of scope. A lot of people believe that it should be in
> > > scope. Therefore I would like to politely request a reconsideration of
> > > this decision.
>
> > Even though I'm the person who wonfixed the ticket most recently, I'm
> > inclined to agree with you -- but for a different reason.
>
> > The original reason -- that the admin isn't intended as a general
> > purpose site, just a backend editing interface -- is still valid. I'm
> > not in favor of trying to turn the admin into something that people
> > will try to interpret as a publicly visible CMS.
>
> > However, over time, we've added a complication. We now have object
> > level permissions, so it's possible for an admin user to see a list of
> > objects, of which only *some* are editable. To me, the logical
> > extension of this feature is that you should be able to view some
> > objects in the admin, and edit others.
>
> > So, count this as a tentative +0 for the idea, qualified by the fact
> > that it in no way represents a promise to help this patch into trunk.
> > I've got 99 problems, but view permissions in the admin ain't one. :-)
>
> > I'd also point out that at DjangoCon.US last year, there were some
> > initial discussions about developing a "NewAdmin". I don't think this
> > effort has gone very far since then, but it's worth noting that there
> > is high-level agreement that Django's admin is in need of a bit of a
> > shakeup; increased functionality (like view permissions) might be
> > something that could fit into that broader change.
>
> > Yours,
> > Russ Magee %-)
>
> > --
> > You received this message because you are subscribed to the Google Groups
> > "Django developers" group.
> > To post to this group, send email to django-developers@googlegroups.com.
> > To unsubscribe from this group, send email to
> > django-developers+unsubscr...@googlegroups.com.
> > For more options, visit this group at
> >http://groups.google.com/group/django-developers?hl=en.
>
> --
> Daniel Sokolowski
> Web Engineer
> KL Insighthttp://klinsight.com/
> Tel: 613-344-2116 | Fax: 613.634.7029
> 993 Princess Street, Suite 212
> Kingston, ON K7L 1H3, Canada
>
> Notice of Confidentiality:
> The information transmitted is intended only for the person or entity to
> which it is addressed and may contain confidential and/or privileged
> material. Any review re-transmission dissemination or other use of or
> taking of any action in reliance upon this information by persons or
> entities other than the intended recipient is prohibited. If you received
> this in error please contact the sender immediately by return electronic
> transmission and then immediately delete this transmission including all
> attachments without copying distributing or disclosing same.

-- 
You received this message because you are subscribed to the Google Groups 
"Django developers" group.
To post to this group, send email to django-developers@googlegroups.com.
To unsubscribe from this group, send email to 
django-developers+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/django-developers?hl=en.

Re: Feature request: read-only admin view

[Daniel Sokolowski]

+1 django has grown since the original design decision and as a rapid
development framework it sells itself it ought to have it --- me thinks.

Daniel

On Fri, Jan 27, 2012 at 9:28 PM, Russell Keith-Magee <
russ...@keith-magee.com> wrote:

> On Sat, Jan 21, 2012 at 1:02 AM, Chris Wilson  wrote:
> > Hi all,
> >
> > I really like how the admin interface does a lot of the work for me in
> > developing a site with basic CRUD functions, and a few free bonuses
> > like pagination and list filtering.
> >
> > I agree with all the comments on #820  > ticket/820> requesting this feature (as well as the "view" permission
> > which goes with it).
> >
> > This ticket and several others were closed because a design decision
> > has been made that the admin interface is for admins only, and such a
> > feature is out of scope. A lot of people believe that it should be in
> > scope. Therefore I would like to politely request a reconsideration of
> > this decision.
>
> Even though I'm the person who wonfixed the ticket most recently, I'm
> inclined to agree with you -- but for a different reason.
>
> The original reason -- that the admin isn't intended as a general
> purpose site, just a backend editing interface -- is still valid. I'm
> not in favor of trying to turn the admin into something that people
> will try to interpret as a publicly visible CMS.
>
> However, over time, we've added a complication. We now have object
> level permissions, so it's possible for an admin user to see a list of
> objects, of which only *some* are editable. To me, the logical
> extension of this feature is that you should be able to view some
> objects in the admin, and edit others.
>
> So, count this as a tentative +0 for the idea, qualified by the fact
> that it in no way represents a promise to help this patch into trunk.
> I've got 99 problems, but view permissions in the admin ain't one. :-)
>
> I'd also point out that at DjangoCon.US last year, there were some
> initial discussions about developing a "NewAdmin". I don't think this
> effort has gone very far since then, but it's worth noting that there
> is high-level agreement that Django's admin is in need of a bit of a
> shakeup; increased functionality (like view permissions) might be
> something that could fit into that broader change.
>
> Yours,
> Russ Magee %-)
>
> --
> You received this message because you are subscribed to the Google Groups
> "Django developers" group.
> To post to this group, send email to django-developers@googlegroups.com.
> To unsubscribe from this group, send email to
> django-developers+unsubscr...@googlegroups.com.
> For more options, visit this group at
> http://groups.google.com/group/django-developers?hl=en.
>
>


-- 
Daniel Sokolowski
Web Engineer
KL Insight
http://klinsight.com/
Tel: 613-344-2116 | Fax: 613.634.7029
993 Princess Street, Suite 212
Kingston, ON K7L 1H3, Canada


Notice of Confidentiality:
The information transmitted is intended only for the person or entity to
which it is addressed and may contain confidential and/or privileged
material. Any review re-transmission dissemination or other use of or
taking of any action in reliance upon this information by persons or
entities other than the intended recipient is prohibited. If you received
this in error please contact the sender immediately by return electronic
transmission and then immediately delete this transmission including all
attachments without copying distributing or disclosing same.

-- 
You received this message because you are subscribed to the Google Groups 
"Django developers" group.
To post to this group, send email to django-developers@googlegroups.com.
To unsubscribe from this group, send email to 
django-developers+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/django-developers?hl=en.

Re: Feature request: read-only admin view

[Danny Adair]

On Sun, Jan 29, 2012 at 04:13, Daniel Greenfeld  wrote:
>[...]
>> The original reason -- that the admin isn't intended as a general
>> purpose site, just a backend editing interface -- is still valid. I'm
>> not in favor of trying to turn the admin into something that people
>> will try to interpret as a publicly visible CMS.
>
> I agree 100%. The admin should remain the admin.

I look at the admin as "just another app" which provides a CRUD
interface and happens to have lots of hooks and templates for
customization. There are use cases without a backend/public
differentiation - sometimes all you want is CRUD.

There are numerous examples of models you want to be able to "C", "R"
and "D" but not "U".

Currently, there are three permissions - for "C", "U" and "D" - and
the app respects these and adjusts the interface accordingly. Certain
admin users may not be able to create or delete certain models. I
don't see how "completing" this by adding a permission for "R" and
adjusting the interface accordingly would make the admin something it
isn't (or isn't "supposed to be").

I believe the advent of "ModelAdmin.readonly_fields" is a confirmation
of this need. "R" and "U" are currently mixed together - there are
reasons for why this is the case but I don't see the historic
explanations holding up as reasons to leave it like that.

Cheers,
Danny

-- 
You received this message because you are subscribed to the Google Groups 
"Django developers" group.
To post to this group, send email to django-developers@googlegroups.com.
To unsubscribe from this group, send email to 
django-developers+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/django-developers?hl=en.

Re: Feature request: read-only admin view

[Russell Keith-Magee]

On Sat, Jan 21, 2012 at 1:02 AM, Chris Wilson  wrote:
> Hi all,
>
> I really like how the admin interface does a lot of the work for me in
> developing a site with basic CRUD functions, and a few free bonuses
> like pagination and list filtering.
>
> I agree with all the comments on #820  ticket/820> requesting this feature (as well as the "view" permission
> which goes with it).
>
> This ticket and several others were closed because a design decision
> has been made that the admin interface is for admins only, and such a
> feature is out of scope. A lot of people believe that it should be in
> scope. Therefore I would like to politely request a reconsideration of
> this decision.

Even though I'm the person who wonfixed the ticket most recently, I'm
inclined to agree with you -- but for a different reason.

The original reason -- that the admin isn't intended as a general
purpose site, just a backend editing interface -- is still valid. I'm
not in favor of trying to turn the admin into something that people
will try to interpret as a publicly visible CMS.

However, over time, we've added a complication. We now have object
level permissions, so it's possible for an admin user to see a list of
objects, of which only *some* are editable. To me, the logical
extension of this feature is that you should be able to view some
objects in the admin, and edit others.

So, count this as a tentative +0 for the idea, qualified by the fact
that it in no way represents a promise to help this patch into trunk.
I've got 99 problems, but view permissions in the admin ain't one. :-)

I'd also point out that at DjangoCon.US last year, there were some
initial discussions about developing a "NewAdmin". I don't think this
effort has gone very far since then, but it's worth noting that there
is high-level agreement that Django's admin is in need of a bit of a
shakeup; increased functionality (like view permissions) might be
something that could fit into that broader change.

Yours,
Russ Magee %-)

-- 
You received this message because you are subscribed to the Google Groups 
"Django developers" group.
To post to this group, send email to django-developers@googlegroups.com.
To unsubscribe from this group, send email to 
django-developers+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/django-developers?hl=en.

Re: Feature request: read-only admin view

[Juan Pablo Martínez]

+1.
This feature is simple and not implies backwards compatibilities or
security problems.
BTW, is very useful.

On Fri, Jan 20, 2012 at 3:02 PM, Chris Wilson  wrote:

> mins only,




-- 
juanpex

-- 
You received this message because you are subscribed to the Google Groups 
"Django developers" group.
To post to this group, send email to django-developers@googlegroups.com.
To unsubscribe from this group, send email to 
django-developers+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/django-developers?hl=en.