Changeset 4256 for django/branches/generic-auth
- Timestamp:
- 12/28/06 21:15:37 (2 years ago)
- Files:
-
- django/branches/generic-auth/django/contrib/admin/templatetags/adminapplist.py (modified) (1 diff)
- django/branches/generic-auth/django/contrib/admin/views/main.py (modified) (9 diffs)
- django/branches/generic-auth/django/db/models/options.py (modified) (4 diffs)
- django/branches/generic-auth/tests/regressiontests/generic_auth/tests.py (modified) (2 diffs)
Legend:
- Unmodified
- Added
- Removed
- Modified
- Copied
- Moved
django/branches/generic-auth/django/contrib/admin/templatetags/adminapplist.py
r4025 r4256 29 29 for m in app_models: 30 30 if m._meta.admin: 31 opts = m._meta31 # TODO: convert this to use Permission objects instead of strings 32 32 perms = { 33 'add': has_permission(user, opts.get_add_permission()),34 'change': has_permission(user, opts.get_change_permission()),35 'delete': has_permission(user, opts.get_delete_permission()),33 'add': user.has_perm("%s.%s" % (app_label, m._meta.get_add_permission())), 34 'change': user.has_perm("%s.%s" % (app_label, m._meta.get_change_permission())), 35 'delete': user.has_perm("%s.%s" % (app_label, m._meta.get_delete_permission())), 36 36 } 37 37 django/branches/generic-auth/django/contrib/admin/views/main.py
r4255 r4256 201 201 'add': add, 202 202 'change': change, 203 'has_delete_permission': context['perms'][app_label][opts.get_delete_permission() .codename],204 'has_change_permission': context['perms'][app_label][opts.get_change_permission() .codename],203 'has_delete_permission': context['perms'][app_label][opts.get_delete_permission()], 204 'has_change_permission': context['perms'][app_label][opts.get_change_permission()], 205 205 'has_file_field': opts.has_field_type(models.FileField), 206 206 'has_absolute_url': hasattr(model, 'get_absolute_url'), … … 231 231 opts = model._meta 232 232 233 if not has_permission(request.user, opts. get_add_permission()):233 if not has_permission(request.user, opts.add_permission): 234 234 raise PermissionDenied 235 235 … … 254 254 # object here. We're concerned with whether the user can edit 255 255 # ANY instances of this model, not just the one we created. 256 if has_permission(request.user, opts. get_change_permission()):256 if has_permission(request.user, opts.change_permission): 257 257 # redirect to list view 258 258 post_url = '../' … … 319 319 raise Http404('%s object with primary key %r does not exist' % (model_name, escape(object_id))) 320 320 321 if not has_permission(request.user, opts. get_change_permission(), manipulator.original_object):321 if not has_permission(request.user, opts.change_permission, manipulator.original_object): 322 322 raise PermissionDenied 323 323 … … 427 427 else: 428 428 if related.opts.admin: 429 if not has_permission(user, related.opts. get_delete_permission(), related):429 if not has_permission(user, related.opts.delete_permission, related): 430 430 perms_needed.add(related.opts.verbose_name) 431 431 # We don't care about populating deleted_objects now. … … 457 457 # permission to delete them, add the missing perm to perms_needed. 458 458 if related.opts.admin and has_related_objs: 459 if not has_permission(user, related.opts. get_delete_permission(), related):459 if not has_permission(user, related.opts.delete_permission, related): 460 460 perms_needed.add(related.opts.verbose_name) 461 461 for related in opts.get_all_related_many_to_many_objects(): … … 485 485 # permission to change them, add the missing perm to perms_needed. 486 486 if related.opts.admin and has_related_objs: 487 if not has_permission(user, related.opts. get_delete_permission(), related):487 if not has_permission(user, related.opts.delete_permission, related): 488 488 perms_needed.add(related.opts.verbose_name) 489 489 … … 496 496 opts = model._meta 497 497 obj = get_object_or_404(model, pk=object_id) 498 if not has_permission(request.user, opts. get_delete_permission(), obj):498 if not has_permission(request.user, opts.delete_permission, obj): 499 499 raise PermissionDenied 500 500 … … 750 750 # has_permission. There should be a has_permission implementation 751 751 # registered that knows when the obj arg is missing. 752 if not has_permission(request.user, model._meta. get_change_permission()):752 if not has_permission(request.user, model._meta.change_permission): 753 753 raise PermissionDenied 754 754 try: django/branches/generic-auth/django/db/models/options.py
r4025 r4256 107 107 108 108 def get_add_permission(self): 109 return 'add_%s' % self.object_name.lower() 110 111 def get_change_permission(self): 112 return 'change_%s' % self.object_name.lower() 113 114 def get_delete_permission(self): 115 return 'delete_%s' % self.object_name.lower() 116 117 def _get_add_permission(self): 118 # import goes here because models aren't necessarily set up when this 119 # module is imported 109 120 from django.contrib.auth.models import Permission 110 121 codename = 'add_%s' % self.object_name.lower() … … 112 123 content_type__app_label__exact=self.app_label, 113 124 codename=codename) 114 115 def get_change_permission(self): 125 add_permission = property(_get_add_permission) 126 127 def _get_change_permission(self): 128 # import goes here because models aren't necessarily set up when this 129 # module is imported 116 130 from django.contrib.auth.models import Permission 117 131 codename = 'change_%s' % self.object_name.lower() … … 119 133 content_type__app_label__exact=self.app_label, 120 134 codename=codename) 121 122 def get_delete_permission(self): 135 change_permission = property(_get_change_permission) 136 137 def _get_delete_permission(self): 138 # import goes here because models aren't necessarily set up when this 139 # module is imported 123 140 from django.contrib.auth.models import Permission 124 141 codename = 'delete_%s' % self.object_name.lower() … … 126 143 content_type__app_label__exact=self.app_label, 127 144 codename=codename) 145 delete_permission = property(_get_delete_permission) 128 146 129 147 def get_all_related_objects(self): django/branches/generic-auth/tests/regressiontests/generic_auth/tests.py
r4057 r4256 40 40 41 41 >>> opts = Person._meta 42 >>> add_permission = opts. get_add_permission()43 >>> change_permission = opts. get_change_permission()44 >>> delete_permission = opts. get_delete_permission()42 >>> add_permission = opts.add_permission 43 >>> change_permission = opts.change_permission 44 >>> delete_permission = opts.delete_permission 45 45 46 46 … … 112 112 Set up some convenient references to the various permission objects. 113 113 114 >>> add_permission = Article._meta. get_add_permission()115 >>> change_permission = Article._meta. get_change_permission()116 >>> delete_permission = Article._meta. get_delete_permission()114 >>> add_permission = Article._meta.add_permission 115 >>> change_permission = Article._meta.change_permission 116 >>> delete_permission = Article._meta.delete_permission 117 117 118 118 Adding isn't tied to a particular object, and we haven't given the user
