ambient-innovation / django-dynamic-admin Goto Github PK

It would be nice to have ability to make ChoiceField dynamic (to handle choices)

The installation guide mentions adding dynamic_admin_forms.urls to urls.py.

However, doing this will mean that the URL can be accessed by anyone, even those who are not admin users. This will render the widget in the browser and potentially expose sensitive information.

I have modified the package to define the URLs within a custom admin site:

class CustomAdminSite(AdminSite):
    def get_urls(self):
        urls = super().get_urls()
        my_urls = [
            path("dynamic-admin-form/<app_label>/<model_name>/<field_name>/",
                 self.admin_view(CustomDynamicModelAdminMixin.render_field))
        ]
        return my_urls + urls

Wrapping the view in self.admin_view adds Django's security checks, meaning only users with access to the admin dashboard can call the URL.

I needed to modify the mixin to target the custom admin site, rather than the default, and the JS file to reflect the new admin URL.

The url currently used is hard coded. We should be able to let the user set the whole url or at least a prefix.

It makes sense to have GET requests sent to this url /admin/dynamic-admin-form/?${params}

Currently, select2 widgets will be replaced by normal select elements when the field rerenders. It would however be nice to update the widgets option instead of replacing it.