Is there a best practice on how to implement field level permissions in Django 2?

I need specific user groups to have read-only access to certain fields in a model instance.

Other user groups shall be able to modify all fields of the model instances.

I'm happy about any hints :)

#django #helpwanted

@morre maybe you could create model level a permission that you can use as an indicator to which set of fields the group can edit ?

E.g: modelname_edit_all_fields and modelname_edit_restricted_fields

And use this in your view or form to perform your checks?

(It only works if you don't need distinct restricted fields per group or user though)

docs.djangoproject.com/fr/2.2/

Follow

@morre if you need the list of editable fields to be dynamic, another approach is to encode the list of editable fields in the permission name, e.g:

modelname_editable_fields:title,cdate

And use this in your form to dynamically exclude some fields in the init?

Sign in to participate in the conversation
Mastodon.eliotberriot.com

mastodon.eliotberriot.com is one server in the network