Hi,
I have a table called Product. All users can add, edit and delete each row of data. But I want to make those data available to the user only if the logged user is the owner of that row.
How to control this feature for the Product model.
I am not creating any customer portal but is making use of the default Django admin portal for each user.
I am a beginner in Django and trying to design a small website for learning purpose.
It would really great if someone could help me out.
Thank You
If you’re trying to learn Django, then you probably want to learn how to do things properly.
With that in mind, I’ll copy part of a paragraph from the official docs:
The admin’s recommended use is limited to an organization’s internal management tool. It’s not intended for building your entire front end around.
What typically happens to people trying to do something like this is that once they get past what the admin is designed to do, they end up making more work for themselves by making the admin do things it wasn’t designed to do, when they would have been done sooner and with less effort by not trying to rely upon the admin for everything.
You’ll probably find it easier overall if you just start with planning to do this with a form, view, and template instead of trying to do this with the admin - if not now, then a couple months from now as you’re trying to add functionality.
Also, you describe yourself as a beginner in Django. Have you worked your way through either the official Django Tutorial or the Django Girls Tutorial? If you haven’t I’d strongly recommend either or both of them as your first project.
Actually introducing rights and permissions on top of a simple application is a pretty big step, as there are a number of different pieces all working together to make it work well.
What you’re looking to do - only allow the “owner” of a row, is rather easy. Assuming you have a ForeignKey field in Product that identifies the owner of that product, you can check to see that the request is coming from the same user as that owner when the request is made to edit an instance.
Once you’re beyond that point, then the pages you want to look at include:
Hi,
I did understand what you were telling. I want to know how to utilize the admin portal to make the initial functionalities simpler and on the way I will create my custom dashboard for users.
Thank you for you valuable suggestions. 