Re: [Django] #17985: Add additional lookup_allowed whitelist functionality to ModelAdmin

[Django]

#17985: Add additional lookup_allowed whitelist functionality to ModelAdmin
---+--
 Reporter:  3point2|Owner:  nobody
 Type:  New feature|   Status:  reopened
Component:  contrib.admin  |  Version:  1.4
 Severity:  Normal |   Resolution:
 Keywords: | Triage Stage:  Unreviewed
Has patch:  0  |  Needs documentation:  0
  Needs tests:  0  |  Patch needs improvement:  0
Easy pickings:  0  |UI/UX:  0
---+--
Changes (by 3point2):

 * status:  closed => reopened
 * resolution:  wontfix =>


Comment:

 Sorry to re-open. I'm fine with overriding lookup_allowed, but I opened
 this ticket because I feel like this is a feature that is generally
 useful, and lookup_allowed is undocumented. I feel like this functionality
 should be officially supported, and overriding an undocumented method is
 more of a work-around. Also see http://www.hoboes.com/Mimsy/hacks/fixing-
 django-124s-suspiciousoperation-filtering/lookup_allowed-gets-new-
 parameter-value/

 At the very least, documenting lookup_allowed would be helpful.

 If on the other hand you feel that this functionality is not a common use
 case, I'm fine with closing the ticket and sticking with the work around.

-- 
Ticket URL: 
Django 
The Web framework for perfectionists with deadlines.

-- 
You received this message because you are subscribed to the Google Groups 
"Django updates" group.
To post to this group, send email to django-updates@googlegroups.com.
To unsubscribe from this group, send email to 
django-updates+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/django-updates?hl=en.

Re: [Django] #17985: Add additional lookup_allowed whitelist functionality to ModelAdmin

[Django]

#17985: Add additional lookup_allowed whitelist functionality to ModelAdmin
---+--
 Reporter:  3point2|Owner:  nobody
 Type:  New feature|   Status:  closed
Component:  contrib.admin  |  Version:  1.4
 Severity:  Normal |   Resolution:  wontfix
 Keywords: | Triage Stage:  Unreviewed
Has patch:  0  |  Needs documentation:  0
  Needs tests:  0  |  Patch needs improvement:  0
Easy pickings:  0  |UI/UX:  0
---+--
Changes (by julien):

 * status:  new => closed
 * needs_better_patch:   => 0
 * resolution:   => wontfix
 * needs_tests:   => 0
 * needs_docs:   => 0


Comment:

 Thanks for the suggestion, but you can already easily achieve this by
 overriding the `ModelAdmin.lookup_allowed()` method. So there is no need
 for introducing a new class attribute.

-- 
Ticket URL: 
Django 
The Web framework for perfectionists with deadlines.

-- 
You received this message because you are subscribed to the Google Groups 
"Django updates" group.
To post to this group, send email to django-updates@googlegroups.com.
To unsubscribe from this group, send email to 
django-updates+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/django-updates?hl=en.

[Django] #17985: Add additional lookup_allowed whitelist functionality to ModelAdmin

[Django]

#17985: Add additional lookup_allowed whitelist functionality to ModelAdmin
---+
 Reporter:  3point2|  Owner:  nobody
 Type:  New feature| Status:  new
Component:  contrib.admin  |Version:  1.4
 Severity:  Normal |   Keywords:
 Triage Stage:  Unreviewed |  Has patch:  0
Easy pickings:  0  |  UI/UX:  0
---+
 Right now, as a result of the security fix introduced in r15031, the only
 way to allow querystring lookups across relationships in the admin is to
 whitelist them by including them in list_filter.

 However, in my application the lookup that needs to be whitelisted
 generates a huge filter widget as it contains thousands of instances.

 It would be helpful if I could whitelist the exact lookup I need to link
 to without having to generate the filter widget itself.

 Something like
 {{{
 class MyModelAdmin(ModelAdmin):
 allow_lookup = ["fieldname__id__exact"]
 }}}

 would do. If the developers agree this is useful functionality, I could
 write a patch.

-- 
Ticket URL: 
Django 
The Web framework for perfectionists with deadlines.

-- 
You received this message because you are subscribed to the Google Groups 
"Django updates" group.
To post to this group, send email to django-updates@googlegroups.com.
To unsubscribe from this group, send email to 
django-updates+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/django-updates?hl=en.