4đź‘Ť
I think that your approach should now be possible: http://code.djangoproject.com/ticket/14434 (closed 5 weeks ago)
However, the explicit “is_staff” check is still done in two places (apart from the staff_member_required decorator):
-
django.contrib.admin.forms.AdminAuthenticationForm.clean()
On top of “has_permission()” you’d need to provide your non-staff AdminSite with a “login_form” that doesn’t do the is_staff check, so could just subclass and adjust clean() accordingly.
-
templates/admin/base.html
would need to be slightly customized.
The div with id “user-tools” is only shown for active staff members. I’m assuming that’s done because the login form also uses this template, and someone could be logged in as an active non-staff member but still should’nt see those links.
6đź‘Ť
Here’s what worked for me with Django >= 3.2
.
- Create a subclass of
AdminSite
- Override the
has_permission()
method to remove theis_staff
check. - Override the
login_form
to useAuthenticationForm
.AdminSite
usesAdminAuthenticationForm
, which extendsAuthenticationForm
and adds a check foris_staff
.
Code
# PROJECT/APP/admin.py
from django.contrib.admin import AdminSite
from django.contrib.admin.forms import AuthenticationForm
class MyAdminSite(AdminSite):
"""
App-specific admin site implementation
"""
login_form = AuthenticationForm
site_header = 'Todomon'
def has_permission(self, request):
"""
Checks if the current user has access.
"""
return request.user.is_active
site = MyAdminSite(name='myadmin')
-1đź‘Ť
What’s wrong with this approach? Any idea how to implement this feature?
What’s wrong with this approach is that permissions and groups can already provide you with what you need. There is no need to subclass AdminSite if all you need is to divide users.
This is probably why this feature is so poorly documented, IMHO
- Caught AttributeError while rendering: 'WSGIRequest' object has no attribute 'get'
- Django: using ForeignKeyRawIdWidget outside of admin forms
- What is the difference between syncdb and migrate?
- Amazon + Django each 12 hours appears that [Errno 5] Input/output error
- Django : HTML form action directing to view (or url?) with 2 arguments