1
0
mirror of https://github.com/django/django.git synced 2025-01-12 19:37:06 +00:00

Fixes a race condition in the documentation.

The example for django.contrib.admin.ModelAdmin.get_form modifies
self.exclude. However, since ModelAdmin instances are global and have no
thread- or request-locality, this is not safe for concurrent
requests.[1] This updated documentation demonstrates a safe method to
override admin forms on a per-request basis.

[1] https://groups.google.com/forum/#!topic/django-users/AmoUDtEefyA
This commit is contained in:
Peter Sagerson 2014-11-15 11:31:09 -08:00
parent d2d6c0c097
commit 0d1a9d203a

View File

@ -1488,16 +1488,20 @@ templates used by the :class:`ModelAdmin` views:
Returns a :class:`~django.forms.ModelForm` class for use in the admin add Returns a :class:`~django.forms.ModelForm` class for use in the admin add
and change views, see :meth:`add_view` and :meth:`change_view`. and change views, see :meth:`add_view` and :meth:`change_view`.
If you wanted to hide a field from non-superusers, for example, you could The base implementation uses :func:`~django.forms.models.modelform_factory`
override ``get_form`` as follows:: to subclass :attr:`~form`, modified by attributes such as :attr:`~fields`
and :attr:`~exclude`. So, for example, if you wanted to offer additional
fields to superusers, you could swap in a different base form like so::
class MyModelAdmin(admin.ModelAdmin): class MyModelAdmin(admin.ModelAdmin):
def get_form(self, request, obj=None, **kwargs): def get_form(self, request, obj=None, **kwargs):
self.exclude = [] if request.user.is_superuser:
if not request.user.is_superuser: kwargs['form'] = MySuperuserForm
self.exclude.append('field_to_hide')
return super(MyModelAdmin, self).get_form(request, obj, **kwargs) return super(MyModelAdmin, self).get_form(request, obj, **kwargs)
You may also simply return a custom :class:`~django.forms.ModelForm` class
directly.
.. method:: ModelAdmin.get_formsets(request, obj=None) .. method:: ModelAdmin.get_formsets(request, obj=None)
.. deprecated:: 1.7 .. deprecated:: 1.7