On Dec 5, 11:42 am, "Karen Tracey" <[EMAIL PROTECTED]> wrote: > On 12/5/07, Percy Rodriguez <[EMAIL PROTECTED]> wrote:
> and it doesn't include any view/read permissions. The Django admin site > code assumes any User with "is_staff" set to True can view/read everything. > It only uses permissions to limit the ability to add and change objects. I have a few users with is_staff = True and they can't see any models they don't have explicit permissions for. I even tried to access other models and I get a "Permission denied" error. > Any ideas on how could I implement that in the cleanest possible way? > > This is not a way in which the admin site is meant to be > extended/customized. The admin site is meant for trusted users. If you're > looking to limit what certain users can see, I believe you should be > developing your own custom views for this, not trying to make the admin site > do it. I guess i'd try customize the admin anyway. In the documentation you pointed out custom permission creation is described. I guess I could override the admin templates and and try to make use of this new permissions in order to get the desired effect. More ideas anyone? Percy. --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Django users" group. To post to this group, send email to django-users@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/django-users?hl=en -~----------~----~----~----~------~----~------~--~---