Hi
I want to develop an in-house CRM system for my company.
I am not able to figure out the field level security. I want to give the admin a page where he/she can assign field level security for each Group. Admin can assign Read/Edit/Hide field for each Profile.
Currently i can give access to Row or Model. I can do this using code but i want it to be dynamic.
It will be similar to Salesforce Field security.
Any advise on how i can achieve it,
-Thanks
You’re not going to be able to easily or reasonably do this using the admin. This is well outside the scope of what the admin is designed to provide.
You’ll want to create your own views and extensions to the permissions system to support this. You’ll actually find that easier than trying to adapt the admin for that.
Again, I’m not saying it can’t be done - I’m sure there’s a way to do it. But it’s not the easiest way. You’ll find yourself spending more time finding ways around the structure of the admin than you would by working it in your own views.
Quoting directly from the Django admin site docs:
The admin’s recommended use is limited to an organization’s internal management tool. It’s not intended for building your entire front end around.
and
If you need to provide a more process-centric interface that abstracts away the implementation details of database tables and fields, then it’s probably time to write your own views.
I suggest you follow this advice.
thanks @KenWhitesell for reply.
is there any prebuilt libraries which can help me.
When looking for third-party packages for anything related to Django, the djangopackages.org site is the best place to start.
You might find some libraries that can help with this, but my experiences with detailed authorization requirements are that you end up doing most of the work anyway. It’s really tough to come up with a generalized solution for this that works outside one or two specific use-cases.