django admin permissions for specific fields in models


In my django admin apps, I would like to manage permissions for specific fields in models. I read custom permissions in documentation but it’s not clear for me, I’m new in python and django.
For example I have a model Client with fields name, birth, address, compagny, category(OnetoOne with category class), is_active. I have also three users : admin(superuser), Charly(employee) and Gregory(chief).
Gregory(chief) must handle category, address and is_active of the Client. In his admin form, he will can see and change all fields but Charly(employee) must see only name and birth fields in his panel. He will change only birth of the Client.

I need code of this example.


First, I’m going to point out something in the very first paragraph of the Django Admin site documentation.

The admin’s recommended use is limited to an organization’s internal management tool. It’s not intended for building your entire front end around.
(emphasis mine)

What this boils down to is that yes, you can extend the admin site to do what you want - the real question is whether or not you should, and in this case, I would come down on the side of “no, this is a bad idea”. (If nothing else, Charly and Gregory are going to need to be given access to the overall admin site in order to do this, which means you’ll need to ensure that all admin pages are extended to protect the models that they aren’t supposed to modify.)

However, if you are absolutely determined to go this route, you’ll need to create your own ModelAdmin model for your models, and override the get_readonly_fields method. (There are other ways, this may be the easiest.)

But, the easier way to handle this will be to create your own view with a custom form that can define the read-only fields based upon your specific requirements. (You could also define different forms with the fields defined at the form layer and pick the right form based upon the user or group.)