djangorestframework-simplejwt: Can't delete users if using token blacklist app

I can’t delete a user from the admin when using the blacklist app. I get the following error:

Deleting the selected account would result in deleting related objects, but your account doesn't have permission to delete the following types of objects:

-outstanding token

I found out this is due to the has_delete_permission in token_blacklist/admin.py being overwritten and set to false.

Is there a reason for this? Thanks

About this issue

  • State: open
  • Created 4 years ago
  • Comments: 31 (11 by maintainers)

Most upvoted comments

I can recommend what @adriangzz commented, but instead of doing it in your virtual environment, I’d recommend using this resource: https://stackoverflow.com/a/9322007

Essentially, deregister our class, inherit the class for your custom code, then register it with the admin.

This also worked for us, thanks for the workaround! Below is a concrete example of what needs to happen inside of admin.py

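from django.contrib import admin
# Import the submodules explicitly so they are loaded regardless of app order.
from rest_framework_simplejwt.token_blacklist import admin as blacklist_admin
from rest_framework_simplejwt.token_blacklist import models as blacklist_models


class OutstandingTokenAdmin(blacklist_admin.OutstandingTokenAdmin):

    # The packaged admin class returns False here, which blocks the delete.
    def has_delete_permission(self, *args, **kwargs):
        return True  # or whatever logic you want


# Replace the packaged admin registration with the subclass above.
admin.site.unregister(blacklist_models.OutstandingToken)
admin.site.register(blacklist_models.OutstandingToken, OutstandingTokenAdmin)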

This is my highly questionable solution until now: I have the following in my User ModelAdmin

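    # Requires: from rest_framework_simplejwt.token_blacklist.models import OutstandingToken
    # Admin action: delete the selected users' outstanding tokens, then the users.
    # Runs without the admin's confirmation page.
    def BE_AWARE_NO_WARNING_clear_tokens_and_delete(self, request, queryset):
        users = queryset.values("id")
        OutstandingToken.objects.filter(user__id__in=users).delete()
        queryset.delete()

    actions = ["BE_AWARE_NO_WARNING_clear_tokens_and_delete"]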

Still seems to be an issue.

Sorry for this issue taking so long to resolve. Unfortunately, David has relieved ownership to Jazzband maintainers, and (fortunately) the head is now @auvipy from the celery project. The unfortunate part is I’ve never got an answer from David, so I’ll try to debug the past and figure out how to go about this. In the meantime, @auvipy, do you mind taking a look at this issue, #267, and what we should do? Thanks!

A quick fix can be obtained by going to your environment packages and navigating to rest_framework_simplejwt/token_blacklist/admin.py and setting def has_delete_permission(self, *args, **kwargs): return False to True

When this will be solved, @Andrew-Chen-Wang?

@adriangzz It’s become a huge annoyance for a lot of people. I’ll look into the commit history and find out when this happened. If you don’t mind also helping me search through the file’s history, that’d be helpful.

Edit: nvm found it 3648e642ffed493918c40a450015ae098b77ed19

That way, I can file a regression report to perhaps remove it. At this point, I can’t really give a solid answer myself.

This worked, thank you.

Definitely a better solution than mine, I’m always amazed by the things you can do in Django.

This worked. Thank you Andrew.

Still seems to be an issue.

Yes, can confirm that too.