Open enricofer opened 1 year ago
@enricofer Thanks for the patch. Could you please add some tests demonstrating the new function and fix the linting error?
@enricofer I was also thinking why does we need to limit the access restriction only for cases when ADD_ACTION_GLOBALLY=False
. I understand that it is because the admin action is added through admin.site.add_action()
on global level, but then I bumped to this in the Django docs: https://docs.djangoproject.com/en/4.0/ref/contrib/admin/actions/#setting-permissions-for-actions
I am not sure from the docs if it is available also for the global actions, but can you please try if it works?
Unfortunately I can't get user permission checking with ADD_ACTION_GLOBALLY=True
.
Action list manipulation and even those actions decorators are only available under modelAdmin class through a mixin.
I don't find at the moment any solution for this.
So for user permission checking we have to set ADD_ACTION_GLOBALLY=False
and subclass client model admin from MassEditMixin
documentation update will follow
And finally there is a demo site missing migration in the master repo: https://github.com/burke-software/django-mass-edit/pull/110/commits/3e7243bbadba6bc52976bf29318c1f28ed8e7153 The pull request is going to fix this too.
@enricofer Thank you very much for everything. It looks very nice now. There is one last thing. Can you please add following tests:
mass_change_view
when the user has massadmin.can_mass_edit
permissions.MassEditMixin.get_actions()
(ideally both with and without permissions).ADD_ACTION_GLOBALLY=True
(use override_settings)
Hi, thanks for your handy app. With the PR I'm suggesting to limit the availability of 'Mass edit' action only to users belonging to a specified group. Mass Edit action could be very dangerous and sometimes should be perfomed only by conscious users.
Best Regards. Enrico