How can I make a Django model read-only?

Override the save and delete methods for the model. How are you planning to add objects to your model?

def save(self, *args, **kwargs):
     return

def delete(self, *args, **kwargs):
     return

Database Routers

To take more precautions that your model is read-only, you can use the DATABASE_ROUTERS setting to disable writing on a per model basis:

# settings.py
DATABASE_ROUTERS = ('dbrouters.MyCustomRouter', )


# dbrouters.py
class MyCustomRouter(object):
    def db_for_write(self, model, **hints):
        if model == MyReadOnlyModel:
            raise Exception("This model is read only. Shame!")
         return None

I would consider this an insurance policy, and not the primary way to solve the problem. Mikael's answer, for example, is great but doesn't cover all cases because some Django operations bypass delete and save methods.

See Juan José Brown's answer in Django - how to specify a database for a model? for a more detailed description of using a database router.

Setting permissions on database user

However, even the database router approach seems to have loopholes, i.e. there are ways to send SQL from Django that bypasses your router code. To be absolutely sure of making something readonly, you should set the permissions on the database user. This question describes how to set up a readonly postgreql user, which could then be the database user set by Django in settings.DATABASES.

How can I make a Django model read-only?

Database Routers

Setting permissions on database user

Tags:

Django

Django Models

Readonly

Django Orm

Related

Recent Posts