diff --git a/CHANGELOG.rst b/CHANGELOG.rst index d9000d1..ef4506c 100644 --- a/CHANGELOG.rst +++ b/CHANGELOG.rst @@ -14,6 +14,9 @@ Next version - Added support for Django 5.1. - Exempted our login views from the ``LoginRequiredMiddleware``. - Dropped Django 4.1 from the CI. 3.2 is still there. +- Changed the default ``authlib.little_auth`` admin to hide the user + permissions field; permissions should preferrably be added via authlib roles, + or less preferrably via group permissions. 0.16 (2023-09-17) diff --git a/authlib/base_user.py b/authlib/base_user.py index 64878b4..34c13b4 100644 --- a/authlib/base_user.py +++ b/authlib/base_user.py @@ -28,7 +28,11 @@ class BaseUser(auth_models.AbstractBaseUser, auth_models.PermissionsMixin): email = models.EmailField(_("email"), max_length=254, unique=True) is_active = models.BooleanField(_("is active"), default=True) - is_staff = models.BooleanField(_("is staff"), default=False) + is_staff = models.BooleanField( + _("is staff"), + default=False, + help_text=_("Designates whether the user can log into this admin site."), + ) date_joined = models.DateTimeField(_("date joined"), default=timezone.now) objects = BaseUserManager() diff --git a/authlib/little_auth/admin.py b/authlib/little_auth/admin.py index e806771..92a8c15 100644 --- a/authlib/little_auth/admin.py +++ b/authlib/little_auth/admin.py @@ -1,15 +1,49 @@ from django.contrib import admin from django.contrib.auth.admin import UserAdmin as StockUserAdmin +from django.utils.translation import gettext_lazy as _ from authlib.little_auth.models import User @admin.register(User) class UserAdmin(StockUserAdmin): - fieldsets = None add_fieldsets = ( - (None, {"classes": ("wide",), "fields": ("email", "password1", "password2")}), + (None, {"classes": ["wide"], "fields": ("email", "password1", "password2")}), ) + fieldsets = [ + ( + None, + { + "fields": [ + "is_active", + "email", + "password", + "full_name", + ] + }, + ), + ( + _("Permissions"), + { + "fields": [ + "is_staff", + "is_superuser", + "role", + ] + }, + ), + ( + _("Advanced"), + { + "classes": ["collapse"], + "fields": [ + "date_joined", + "last_login", + "groups", + ], + }, + ), + ] list_display = ( "email", "full_name", @@ -24,3 +58,4 @@ class UserAdmin(StockUserAdmin): search_fields = ("full_name", "email") filter_horizontal = ("groups", "user_permissions") radio_fields = {"role": admin.VERTICAL} + readonly_fields = ["last_login"] diff --git a/authlib/little_auth/migrations/0001_initial.py b/authlib/little_auth/migrations/0001_initial.py index 79f9cc9..145059a 100644 --- a/authlib/little_auth/migrations/0001_initial.py +++ b/authlib/little_auth/migrations/0001_initial.py @@ -49,7 +49,11 @@ class Migration(migrations.Migration): ), ( "is_staff", - models.BooleanField(default=False, verbose_name="is staff"), + models.BooleanField( + default=False, + help_text="Designates whether the user can log into this admin site.", + verbose_name="is staff", + ), ), ( "date_joined",