Is there a best practice on how to implement field level permissions in Django 2?

I need specific user groups to have read-only access to certain fields in a model instance.

Other user groups shall be able to modify all fields of the model instances.

I'm happy about any hints :)

#django #helpwanted

@morre maybe you could create model level a permission that you can use as an indicator to which set of fields the group can edit ?

E.g: modelname_edit_all_fields and modelname_edit_restricted_fields

And use this in your view or form to perform your checks?

(It only works if you don't need distinct restricted fields per group or user though)

@morre if you need the list of editable fields to be dynamic, another approach is to encode the list of editable fields in the permission name, e.g:


And use this in your form to dynamically exclude some fields in the init?

Sign in to participate in the conversation

The social network of the future: No ads, no corporate surveillance, ethical design, and decentralization! Own your data with Mastodon!