Users with view permission cannot see custom action

[cheng10]

I have a custom action, eg: publish_article. And i want users with only view permission to perform this action. However, this package gives no actions for users with only view permission. I think this is not reasonable.

related code: admin_view_permission/admin.py, line 208:

        # If the user doesn't have delete permission return an empty
        # OrderDict otherwise return only the default admin_site actions
        if not self.has_delete_permission(request):
            return OrderedDict()

[lefterisnik]

Hi @cheng10,

Thank you for the report. To implement something like this requires different permissions per action which adds a lot of complexity.

For example let's say that we have 2 actions:

1. Updates all the rows with some values.
2. Return a csv with the selected rows.

In the above scenario a user with view permission only should be able to execute only the 2nd action, not the 1st one. So, we need something that specifies a permission per action. The package cannot handle these cases because it depends on each project and your needs. To succeed that you could override the get_actions method on your modeladmin class and return the appropriate actions according to the permissions.