I have made a Django web app in which users can input some data. I have created a superuser and, as the admin of the app, I can see the data input by users, which is fine for names and non-sensitive data, but I do not want to be able to see their sensitive data such as health data.
I have used the encrypt module from django_cryptography.fields as follows:
health_data = encrypt(models.IntegerField(default=140))
I figured out that if I look at the database from an external script or a simple DB browser, it works well, as I cannot see the sensitive data. But I understood that this is seamless in the Django admin: in the Django admin page it is decrypted before it is rendered.
So I am OK with the encrypted data, which is additional safety, but this was not my first goal. I want to have the superuser but I do not want to be able to see their sensitive data. Do you have any ideas? I appreciate your time reading.
As suggested here I changed my admin code from this:
from django.contrib import admin
from .models import MyModel
# Register your models here.
admin.site.register(MyModel)
to this:
from django.contrib import admin
from .models import MyModel

@admin.register(MyModel)
class MyModelAdmin(admin.ModelAdmin):
    # Keep the admin from seeing the sensitive data in the admin page
    fields = ("non_sensitive_field1", "non_sensitive_field2",...,)
This way I customize the fields rendered in the admin page. I can no longer see the users' sensitive data in the admin page, which is the behavior I wanted.