diff options
| author | Carl Meyer <carl@oddbird.net> | 2011-10-07 00:41:25 +0000 |
|---|---|---|
| committer | Carl Meyer <carl@oddbird.net> | 2011-10-07 00:41:25 +0000 |
| commit | b1b1da1eac93297503c04b8394fb98e38f552f5f (patch) | |
| tree | 774b258c552e330f98ee8f437e76b6159c8500b4 /docs | |
| parent | e2f9c11736db9e23004733760303f605f1cfb924 (diff) | |
Fixed #8060 - Added permissions-checking for admin inlines. Thanks p.patruno for report and Stephan Jaensch for work on the patch.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@16934 bcc190cf-cafb-0310-a4f2-bffc1f526a37
Diffstat (limited to 'docs')
| -rw-r--r-- | docs/ref/contrib/admin/index.txt | 8 | ||||
| -rw-r--r-- | docs/releases/1.4.txt | 9 |
2 files changed, 16 insertions, 1 deletions
diff --git a/docs/ref/contrib/admin/index.txt b/docs/ref/contrib/admin/index.txt index fbe4c2a741..02e539e6f2 100644 --- a/docs/ref/contrib/admin/index.txt +++ b/docs/ref/contrib/admin/index.txt @@ -1391,11 +1391,17 @@ adds some of its own (the shared features are actually defined in the - :attr:`~ModelAdmin.ordering` - :meth:`~ModelAdmin.queryset` +.. versionadded:: 1.4 + +- :meth:`~ModelAdmin.has_add_permission` +- :meth:`~ModelAdmin.has_change_permission` +- :meth:`~ModelAdmin.has_delete_permission` + The ``InlineModelAdmin`` class adds: .. attribute:: InlineModelAdmin.model - The model in which the inline is using. This is required. + The model which the inline is using. This is required. .. attribute:: InlineModelAdmin.fk_name diff --git a/docs/releases/1.4.txt b/docs/releases/1.4.txt index 5580b67dce..6a97060f40 100644 --- a/docs/releases/1.4.txt +++ b/docs/releases/1.4.txt @@ -128,6 +128,15 @@ A new :meth:`~django.contrib.admin.ModelAdmin.save_related` hook was added to :mod:`~django.contrib.admin.ModelAdmin` to ease the customization of how related objects are saved in the admin. +Admin inlines respect user permissions +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +Admin inlines will now only allow those actions for which the user has +permission. For ``ManyToMany`` relationships with an auto-created intermediate +model (which does not have its own permissions), the change permission for the +related model determines if the user has the permission to add, change or +delete relationships. + Tools for cryptographic signing ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ |
