Restricting only certain users to modify a row in a list display within the Django admin

Question

My models.py looks like this :

class Change(models.Model):
   RFC = models.CharField(max_length=10)
   Ticket_Number = models.CharField(max_length=10)
   Plan_Owner = models.ForeignKey(User)
   Plan_validater = models.ForeignKey(User)

My admin.py looks like this :

class ChangeAdmin(admin.ModelAdmin):
   search_fields = ('RFC', 'Ticket_Number','Plan_Owner','Plan_validater')
   list_display = ('RFC', 'Ticket_Number','Plan_Owner','Plan_validater')

   fieldsets = [
    ('Ticket Details', {
        'fields': ['RFC', 'Ticket_Number', 'Plan_Owner','Plan_validater']}),
   ]

   admin.site.register(Change, ChangeAdmin)

What I want to ensure that only the plan owner or the plan validater for a particular change can edit it.Everyone can view it,but doing changes to a row should be restricted to only the change or plan owner.Also they can only edit it and not delete it.Only the superuser can add or delete changes. This link on the django site does mention some clues but my lack of experience with the framework prevents me from implementing it...

Answer 1

It should be something like this:

class ChangeAdmin(ModelForm):


def clean(self):
    if self.request.user != self.Plan_Owner or self.request.user != self.Plan_validater or not :
        raise ValidationError(u'Permission denied')
    else:
        return self.cleaned_data

To access the current user, override the ModelAdmin.get_form, by adding the request as an attribute of the newly created form class .

class EntryAdmin(admin.ModelAdmin):
    form = EntryAdminForm

    def get_form(self, request, *args, **kwargs):
        form = super(EntryAdmin, self).get_form(request, *args, **kwargs)
        form.request = request
        return form