Django inline user permissions + view-only - permission issue

Posted 2024-09-01 19:55:00


I'm not sure if this is a bug or I'm just missing something (although I have already parsed the documentation about inlines), but:

Let's say I have a model A. Model A is an inline of model B. User U has full access to model B, but only change permissions to model A (so, no add, nor delete).

However, when editing model B, user U can still see the "Add another A" link at the bottom, although U doesn't have add permissions for that model.

What's wrong? Why does that link keep on showing? My logic says that if U does not have permissions to add A, the link shouldn't appear anymore.

Also, ideally, I would like to give U only view rights to model A (so no add, delete or change - only view), but I've read about that (strange, if you ask me) philosophy according to which "If you don't trust U, just deny him access to the admin area altogether". Kind of a stupid doctrine.

Right now, I'm trying to simulate these 'view-only permissions' by leaving U with just change rights and setting all fields as read-only. But I think this is kind of a stupid approach and may also cause problems like the permissions thing above...

How does an average Django programmer like me achieve view-only permissions, and most of all how should I get rid of the "Add another A" link at the bottom of the admin edit form?

Thanks in advance!
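The hooks the question is looking for are the permission methods on Django's `InlineModelAdmin`: `has_add_permission`, `has_change_permission`, `has_delete_permission`, `has_view_permission` (the last one, and the matching `view` permission, exist since Django 2.1) and `get_readonly_fields`. The mixin below is an added example, not code from the post or from Django itself. It derives every decision from `request.user.has_perm()` against the inline model's own codenames, denies "Add another" and the delete checkbox to a change-only user, and freezes all fields for a view-only user, which is the manual simulation the question describes. The `shop` app label, the model `a`, and the `_Model`, `_User` and `_Request` classes are constructed stand-ins so the block runs without Django installed; in a real project the mixin is combined as `class AInline(InlinePermissionMixin, admin.TabularInline): model = A`.

```python
"""Permission gates for a Django admin inline.

The mixin uses the same method names and signatures as
django.contrib.admin.options.InlineModelAdmin, but imports nothing from
Django so that the constructed stand-ins at the bottom can exercise it.
"""

from dataclasses import dataclass


class InlinePermissionMixin:
    """Mix into a TabularInline/StackedInline subclass (assumed usage)."""

    def _perm(self, request, action):
        # Django permission codenames are "<app_label>.<action>_<model_name>".
        opts = self.model._meta
        return request.user.has_perm(f"{opts.app_label}.{action}_{opts.model_name}")

    def has_add_permission(self, request, obj=None):
        # False here removes the "Add another" link for this inline.
        return self._perm(request, "add")

    def has_change_permission(self, request, obj=None):
        return self._perm(request, "change")

    def has_delete_permission(self, request, obj=None):
        # False here removes the per-row delete checkbox.
        return self._perm(request, "delete")

    def has_view_permission(self, request, obj=None):
        # Same rule Django applies: change implies view.
        return self._perm(request, "view") or self._perm(request, "change")

    def get_readonly_fields(self, request, obj=None):
        if self.has_change_permission(request, obj):
            return tuple(getattr(self, "readonly_fields", ()))
        # View-only user: render every non-auto field read-only.
        return tuple(f.name for f in self.model._meta.fields if not f.auto_created)


# --- constructed stand-ins (not Django objects) so the block runs offline ---
@dataclass
class _Field:
    name: str
    auto_created: bool = False


@dataclass
class _Meta:
    app_label: str
    model_name: str
    fields: list


class _Model:
    # Plays the role of model A: an auto pk, a FK "b" to the parent, two data fields.
    _meta = _Meta("shop", "a", [_Field("id", True), _Field("b"), _Field("title"), _Field("notes")])


@dataclass
class _User:
    perms: set

    def has_perm(self, codename):
        return codename in self.perms


@dataclass
class _Request:
    user: _User


class AInline(InlinePermissionMixin):
    model = _Model
    readonly_fields = ("notes",)  # always read-only, even for editors


def effective_inline_state(perms):
    """What the inline for A would render for a user holding `perms`."""
    inline = AInline()
    request = _Request(_User(set(perms)))
    return {
        "add_link": inline.has_add_permission(request),
        "delete_box": inline.has_delete_permission(request),
        "visible": inline.has_view_permission(request),
        "readonly": inline.get_readonly_fields(request),
    }


if __name__ == "__main__":
    for perms in ({"shop.change_a"}, {"shop.view_a"}, {"shop.add_a", "shop.change_a", "shop.delete_a"}):
        print(sorted(perms), effective_inline_state(perms))
```

In current Django releases the inline's `get_formset` consults these same hooks when it builds and validates the formset, so denying `add` here governs the POST as well, not only whether the template draws the link. Because the decision is made from the permission codenames rather than hard-coded, the same mixin serves any inline, which is the generalisation over the single model A in the question.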

Comments (1)

携君以终年 2024-09-08 19:55:00


If I want a read-only version of what's in the admin, I just write some normal Django views and keep them out of the admin.

I don't think the kind of thing you're talking about (allowing changes to an object but not its inlines) is really supported by the admin. Don't get me wrong: the admin is very flexible and useful, but it's not intended to do everything for you.

The only way I see you being able to have this much control in the admin is to not inline A.

"If you don't trust U, just deny him access to the admin area all together". Kind of a stupid doctrine.

Not really, when you consider that the admin isn't intended to have the required level of security hardening to guarantee that fine-grained level of access control. There are many, many places in the admin, due to its open and extensible nature, where bugs can lurk (usually in user-written code) that can be exploited by bad actors. This is why untrusted users should always see all admin URLs return 404.

Anyway, when access control requirements are that fine-grained, it becomes unlikely that a general (i.e. django.contrib) solution will fit.
