views:

81

answers:

1

One company with many branches across the world using the same app. Each branch's supervisor, signing into the same /admin, should see and be able to manage only their records across many models (blog, galleries, subscribed users, clients list, etc.).

How to solve it best within django? I need a flexible and reliable solution, not hacks. Never came across this task, so really have no idea how to do it for the moment.

Tx

+1  A: 

There is a nice tutorial here on Django Admin. It includes customizing the Admin to add row-level permissions (which, as i understand it, is what you want).

arcanum
tx, that's it!"Of course, nothing currently prevents a determined user from accessing an edit page for an unauthorized document by knowing its ID. Truly secure row-level permissions require more method overriding. Because admin users are generally trusted to some degree anyway, sometimes basic permissions are enough to provide a streamlined workflow. "if you had any ready made solution for that one, i'd be thankful, if not i'll try it myself later.
zalew