django admin permissions to modify model's attributes

Question

we are using django to develop a customer-management application, and we need to set permissions to an agent whether he/she can edit the customer's attributes ().

for example,

if i have a model:

class Customer(models.Model):
    # basic information
    name = models.CharField(max_length=150) # the name of this customer
    date = models.DateField(auto_now_add=True) # the date that this customer is created

    # personal information
    citizen_id = models.BigIntegerField(blank=True)
    phone = models.BigIntegerField(max_length=20, blank=True)
    work = models.CharField(max_length=100, blank=True)
    address = models.CharField(max_length=300, blank=True)
    bank_card = models.BigIntegerField()

    # installation detail 
    primary = models.IntegerField(default=0)
    secondary = models.IntegerField(default=0)
    region = models.ForeignKey(Region) # the region that this customer currently lives in
    type = models.ForeignKey(Type) # the installation type
    group = models.ForeignKey(Group)

    STATUS_CHOICES = (
                  ('Active', 'Active'),
                  ('Inactive', 'Inactive'),
                  ('Transfered', 'Transfered'),
                  ('Closed', 'Closed'),
                  ('Suspended', 'Suspended'),
                  ('Cancelled', 'Cancelled'),
                  )

    status = models.CharField(max_length=40, choices=STATUS_CHOICES)

and I want to be able to set the permissions for editing some of the fields, but the current permission system only allow you add/change/delete a model instance, where the "change" allows an user to edit all the attributes in that model, which is not what we really want.

user A can edit phone, address, work and citizen_id user B can only edit phone and address, user C can edit citizen_id, ..... etc...

and I want to be able to set different permissions

Is it possible to make this happen? It'd be really helpful if I could use the django admin system to manage agents and customers.

======================= thank you so much for FallenAngel's reply.

I think that's exactly what we want.

this is what I've tried,

in admin.py

class CustomerAdmin(admin.ModelAdmin):
    def change_view(self, request, object_id, extra_context=None):
        agent = Agent.object.get(user=request.user)
        permitted_fields = agent.permitted_fields # assume i have this setup...
        self.readonly_fields = get_not_permitted_fields(premitted_fields) # assume I have this function written somewhere
        return super(CustomerAdmin, self).change_view(request, object_id,
            extra_context=None) 

this works exactly that way I want: for the not permitted fields, set them to readonly...

thanks again,

Answer 1

That is possible... You must use django admin methods as they described in here... You must define add_view, change_view and changelist_view functions...

You must also find a way to group users (groups might be a good way, or you can use permissions). I create a model that extends User model, but you can find your own way...

Second write basic add, change and listview founctions like:

class CustomerAdmin(admin.ModelAdmin):
    list_display= ["fields that will be used for all users"]

    def changelist_view(self, request, extra_context=None):
        if request.user == "type a":
            self.list_display.extend["list of other fields"]
        return super(CustomerAdmin, self).changelist_view(request, extra_context)

You must specify add, change (and changelist if required) views and handle each user type. Then Django will show related fields for the user. You extend list_display, fileds, exclude, list_filter and such django admin field display methods...