7

I am using Django 1.8.1. This is first time I am customizing the admin screens.

There are some permissions coming by default in the list like admin|entry log, auth|group etc. I wanted to remove those permissions from the list. I was able to filter those permissions out from the list on the user edit screen with the help of Django admin - change permissions list

My problem is add/edit group screen. On this screen those permission are still there. Following is the screen shot of the page. enter image description here

How can I remove some of the permissions from this list ?

Community
  • 1
  • 1
Niraj Chapla
  • 2,149
  • 1
  • 21
  • 34

4 Answers4

8

I tried to do this by extending the GroupAdmin class and overriding the get_form method. But unfortunately that didn't worked for me. The get_form method was not getting invoked at all. I don't know the reason.

Following solved my problem:

class MyGroupAdminForm(forms.ModelForm):

    class Meta:
        model = Group
        fields = ('name', 'permissions')

    permissions = forms.ModelMultipleChoiceField(
        Permission.objects.exclude(content_type__app_label__in=['auth','admin','sessions','users','contenttypes']),
        widget=admin.widgets.FilteredSelectMultiple(_('permissions'), False))

class MyGroupAdmin(admin.ModelAdmin):
    form = MyGroupAdminForm
    search_fields = ('name',)
    ordering = ('name',)

admin.site.unregister(Group)
admin.site.register(Group, MyGroupAdmin)

With the above code I got success to remove the permissions for apps [auth, admin, sessions, users, contenttypes] from the available permissions list on the add/edit group screen.

Niraj Chapla
  • 2,149
  • 1
  • 21
  • 34
2

Here is a recent version for Django 1.10.1

# coding: utf-8

from django.contrib import admin
from django.contrib.auth.models import Group, User
from django.contrib.auth.admin import GroupAdmin, UserAdmin
from django.utils.translation import ugettext_lazy as _


class CustomUserAdmin(UserAdmin):
    fieldsets = (
        (None, {'fields': ('username', 'password')}),
        (_('Personal info'), {'fields': ('first_name', 'last_name', 'email')}),
        (_('Permissions'), {'fields': ('is_active', 'is_staff', 'is_superuser',
                                       'groups',)}),
        (_('Important dates'), {'fields': ('last_login', 'date_joined')}),
    )


class CustomGroupAdmin(GroupAdmin):
    def formfield_for_manytomany(self, db_field, request=None, **kwargs):
        if db_field.name == 'permissions':
            qs = kwargs.get('queryset', db_field.remote_field.model.objects)
            qs = qs.exclude(codename__in=(
                'add_permission',
                'change_permission',
                'delete_permission',

                'add_contenttype',
                'change_contenttype',
                'delete_contenttype',

                'add_session',
                'delete_session',
                'change_session',

                'add_logentry',
                'change_logentry',
                'delete_logentry',
            ))
            # Avoid a major performance hit resolving permission names which
            # triggers a content_type load:
            kwargs['queryset'] = qs.select_related('content_type')
        return super(GroupAdmin, self).formfield_for_manytomany(
            db_field, request=request, **kwargs)


admin.site.unregister(User)
admin.site.unregister(Group)
admin.site.register(User, CustomUserAdmin)
admin.site.register(Group, CustomGroupAdmin)

This code will both remove useless permissions in group and remove permission field in user, if you don't want the user part, just delete the relevant code.

Reorx
  • 2,801
  • 2
  • 24
  • 29
1

@Niraj Chapla to make working @JRodDynamite's solution is needed to unregister and register the group after the override.

from django.contrib.auth.models import Group
from django.contrib.auth.admin import GroupAdmin

class MyGroupAdmin(GroupAdmin):
    def get_form(self, request, obj=None, **kwargs):
        # Get form from original GroupAdmin.
        form = super(MyGroupAdmin, self).get_form(request, obj, **kwargs)
        if 'permissions' in form.base_fields:
            permissions = form.base_fields['permissions']
            permissions.queryset = permissions.queryset.exclude(content_type__app_label__in=['admin', 'auth']) # Example
        return form


############ ADD THIS #############
admin.site.unregister(Group)
admin.site.register(Group, MyGroupAdmin)
###################################
dev_hero
  • 194
  • 1
  • 7
0

As mentioned in the link you've provided, you can do the same with the permission list in your Group edit page, but you have to create another Admin that extends from GroupAdmin.

The code for it will look something like this:

from django.contrib.auth.models import Group
from django.contrib.auth.admin import GroupAdmin

class MyGroupAdmin(GroupAdmin):
    def get_form(self, request, obj=None, **kwargs):
        # Get form from original GroupAdmin.
        form = super(MyGroupAdmin, self).get_form(request, obj, **kwargs)
        if 'permissions' in form.base_fields:
            permissions = form.base_fields['permissions']
            permissions.queryset = permissions.queryset.exclude(content_type__app_label__in=['admin', 'auth']) # Example
        return form
Community
  • 1
  • 1
JRodDynamite
  • 12,325
  • 5
  • 43
  • 63