Django

Code

Changeset 3629

Show
Ignore:
Timestamp:
08/20/06 17:46:38 (2 years ago)
Author:
clong
Message:

[per-object-permissions] Fixed bug in contains_permission where it was just checking against any permission instead of the given permission
[per-object-permissions] Made changes so delete and "Save and add another" only shows up if the user has permissions
[per-object-permissions] Rewrote the has permission variables in the context for change form to use has_perms and check for model

Files:

Legend:

Unmodified
Added
Removed
Modified
Copied
Moved

  • django/branches/per-object-permissions/django/contrib/admin/templates/admin/change_form.html

    r3623 r3629  
    6868</form> 
    6969 
    70 {% comment %} 
    71 {% if new_rlp_form  %} 
    72 <div id="row_level_perm_container"> 
    73 {% include "admin/row_level_permission.html" %} 
    74 </div> 
    75 {% endif %} 
    76 {% endcomment %} 
    7770 
    7871</div> 

  • django/branches/per-object-permissions/django/contrib/admin/templatetags/adminapplist.py

    r3627 r3629  
    3030 
    3131                            perms = { 
    32                                 'add': user.contains_permission("%s.%s" % (app_label, m._meta.get_add_permission()), m), 
     32                                'add': user.contains_permission("%s.%s" % (app_label, m._meta.get_add_permission())), 
    3333                                'change': user.contains_permission("%s.%s" % (app_label, m._meta.get_change_permission()), m), 
    3434                                'delete': user.contains_permission("%s.%s" % (app_label, m._meta.get_delete_permission()), m), 

  • django/branches/per-object-permissions/django/contrib/admin/templatetags/admin_modify.py

    r3464 r3629  
    4343                              and (change or context['show_delete'])), 
    4444        'show_save_as_new': not is_popup and change and opts.admin.save_as, 
    45         'show_save_and_add_another': not is_popup and (not opts.admin.save_as or context['add'])
     45        'show_save_and_add_another': not is_popup and (not opts.admin.save_as or context['add']) and context['has_add_permission']
    4646        'show_save_and_continue': not is_popup and context['has_change_permission'], 
    4747        'show_save': True 

  • django/branches/per-object-permissions/django/contrib/admin/views/main.py

    r3628 r3629  
    200200        'add': add, 
    201201        'change': change, 
    202         'has_delete_permission': context['perms'][app_label][opts.get_delete_permission()], 
    203         'has_change_permission': context['perms'][app_label][opts.get_change_permission()], 
     202        'has_delete_permission': context['user'].has_perm(app_label+"."+opts.get_delete_permission(), original), 
     203        'has_change_permission': context['user'].has_perm(app_label+"."+opts.get_change_permission(), original), 
     204        'has_add_permission': context['user'].has_perm(app_label+"."+opts.get_add_permission()), 
    204205        'has_file_field': opts.has_field_type(models.FileField), 
    205206        'has_absolute_url': hasattr(model, 'get_absolute_url'), 

  • django/branches/per-object-permissions/django/contrib/admin/views/row_level_permissions.py

    r3628 r3629  
    4545                                list_per_page) 
    4646    page = int(request.GET.get('page', 1))-1 
    47     rlp_list = paginator.get_page(page)     
     47    try: 
     48        rlp_list = paginator.get_page(page)     
     49    except InvalidPage: 
     50        rlp_list = [] 
    4851    paginator_context = { 
    4952        "is_paginated": paginator.has_next_page(0), 

  • django/branches/per-object-permissions/django/contrib/auth/models.py

    r3627 r3629  
    338338        return True 
    339339 
    340     def contains_permission(self, perm, model): 
     340    def contains_permission(self, perm, model=None): 
    341341        if self.has_perm(perm): 
    342342            return True 
    343         perm = perm[perm.index('.')+1:] 
    344         return self.contains_row_level_perm(perm, model) 
    345  
     343        if model and model._meta.row_level_permissions: 
     344            perm = perm[perm.index('.')+1:] 
     345            return self.contains_row_level_perm(perm, model) 
     346        return False 
     347         
    346348    def contains_row_level_perm(self, perm, model): 
    347349        model_ct = ContentType.objects.get_for_model(model) 
    348         count = self.row_level_permissions_owned.filter(model_ct=model_ct.id).count()  
     350        if isinstance(perm, str): 
     351            permission = Permission.objects.get(codename__exact=perm, content_type=model_ct.id) 
     352        else: 
     353            permission = perm 
     354        count = self.row_level_permissions_owned.filter(model_ct=model_ct.id, permission=permission.id).count()  
     355 
    349356        if count>0: 
    350357            return True 
    351         return self.contains_group_row_level_perms(perm, model_ct)         
     358        return self.contains_group_row_level_perms(permission, model_ct)         
    352359 
    353360    def contains_group_row_level_perms(self, perm, ct): 
     
    368375                AND rlp.%s = 0 
    369376                AND rlp.%s = %%s 
     377                AND rlp.%s = %%s 
    370378                AND rlp.%s = %%s""" % ( 
    371379            backend.quote_name('auth_user_groups'), backend.quote_name('auth_rowlevelpermission'),  
     
    373381            backend.quote_name('group_id'), backend.quote_name('user_id'), 
    374382            backend.quote_name('negative'), backend.quote_name('owner_ct_id'), 
    375             backend.quote_name('model_ct_id')
     383            backend.quote_name('model_ct_id'), backend.quote_name('permission_id')
    376384         
    377         cursor.execute(sql, [self.id, ContentType.objects.get_for_model(Group).id, ct.id]) 
     385        cursor.execute(sql, [self.id, ContentType.objects.get_for_model(Group).id, ct.id, perm.id]) 
    378386        count = int(cursor.fetchone()[0]) 
    379387        return (count>0)