Search code examples
pythondjangoadmin

How to hide specific field by User Group on a django admin

i want to hide a specific line of my Django Admin Model by permission or Group

My models.py

class Post(models.Model):
    title = models.CharField(max_length=128)
    slug = AutoSlugField(populate_from='title')
    category = models.CharField(max_length=64, choices=CATEGORY_CHOICES, default='actus')
    is_verified = models.BooleanField(default=False)
    content = RichTextField(blank=True, null=True)
    author = models.ForeignKey(settings.AUTH_USER_MODEL, on_delete=models.CASCADE)
    thumbnail = models.ImageField(upload_to='media/thumbs', blank=True, null=True, default="media/thumbs/default.jpg")
    date = models.DateTimeField(auto_now_add=True, blank=True)

    def __str__(self):
        return self.title

    def get_absolute_url(self):
        return reverse("post", kwargs={"slug": self.slug, "category": self.category})

My Model admin

from django.contrib import admin
from django.db import models
from django.db.migrations.graph import Node
from django.utils.regex_helper import Group

from .....models import Post


class PostAdmin(admin.ModelAdmin):
    list_display = ('title', 'author', 'date', 'is_verified')
    list_filter = ('date', 'author', 'is_verified')


admin.site.site_header = 'Staff Dashboard'
admin.site.register(Post, PostAdmin)

My django admin page Django admin page

If someone has an idea

Solution

  • You can define two ModelForms: one with the is_verified option, and one without, so:

    # app_name/forms.py

from django import forms
from app_name.models import Post

class NormalUserPostForm(forms.ModelForm):
    class Meta:
        model = Post
        exclude = ['is_verified']

class AdminUserPostForm(forms.ModelForm):
    class Meta:
        model = Post
        fields = '__all__'

    then we can override the get_form method of the ModelAdmin:

    # app_name/admin.py

from app_name.forms import NormalUserPostForm, AdminUserPostForm

class PostAdmin(admin.ModelAdmin):
    list_display = ('title', 'author', 'date', 'is_verified')
    list_filter = ('date', 'author', 'is_verified')
    form = NormalUserPostForm

    def get_form(self, request, obj=None, **kwargs):
        if request.user.is_superuser:
            kwargs['form'] = AdminUserPostForm
        return super().get_form(request, obj, **kwargs)


admin.site.site_header = 'Staff Dashboard'
admin.site.register(Post, PostAdmin)

    You can change the condition to request.user.has_perm('some_permission') to check for a certain permission instead.