[1.5.x] Added warning about get_inline_instances() permission checking; refs #23754.

Backport of e0d1f2684ae60573b209783f9fd4f9db163ad704 from master
2025-03-14 03:10:45 +00:00 · 2014-11-25 13:13:45 -05:00 · 2014-11-25 13:13:45 -05:00 · 17ffd24d9b
commit 17ffd24d9b
parent da3a23a4df
1 changed files with 12 additions and 1 deletions
--- a/docs/ref/contrib/admin/index.txt
+++ b/docs/ref/contrib/admin/index.txt
@ -1128,7 +1128,18 @@ templates used by the :class:`ModelAdmin` views:
    ``obj`` being edited (or ``None`` on an add form) and is expected to return
    a ``list`` or ``tuple`` of :class:`~django.contrib.admin.InlineModelAdmin`
    objects, as described below in the :class:`~django.contrib.admin.InlineModelAdmin`
-    section.
+    section. For example, the following would return inlines without the default
+    filtering based on add, change, and delete permissions::
+
+        class MyModelAdmin(admin.ModelAdmin):
+            inlines = (MyInline,)
+
+            def get_inline_instances(self, request, obj=None):
+                return [inline(self.model, self.admin_site) for inline in self.inlines]
+
+    If you override this method, make sure that the returned inlines are
+    instances of the classes defined in :attr:`inlines` or you might encounter
+    a "Bad Request" error when adding related objects.

 .. method:: ModelAdmin.get_urls()