Model admin methods used in list_display like approve_or_reject should return text. If you mark the output as safe, you can return HTML. However, the return value is not treated like Django template language, so using the csrf token tag won't work.
It wouldn't be easy to get the csrf token inside the approve_or_reject method, because you do not have access to the request object. Another issue is that the entire changelist table is already wrapped in a form tag (id="changelist-form"), and form tags should not be nested.
An alternative would be to implement your 'approve or reject' functionality as an admin action. The UI would be different, but it might be good enough.
Asked in February 2016Viewed 3,617 timesVoted 14Answered 1 times