Changeset 4583
- Timestamp:
- 02/25/07 14:35:32 (1 year ago)
- Files:
Legend:
- Unmodified
- Added
- Removed
- Modified
- Copied
- Moved
django/branches/newforms-admin/django/contrib/admin/options.py
r4582 r4583 147 147 """ 148 148 Returns a list of URLs to include via <script> statements. 149 150 The URLs can be absolute ('/js/admin/') or explicit 151 ('http://example.com/foo.js'). 149 152 """ 150 153 from django.conf import settings … … 170 173 return self.javascript(request, self.fieldsets_add(request)) 171 174 172 def javascript_change(self, request, obj ect_id):173 return self.javascript(request, self.fieldsets_change(request, obj ect_id))175 def javascript_change(self, request, obj): 176 return self.javascript(request, self.fieldsets_change(request, obj)) 174 177 175 178 def fieldsets(self, request): … … 194 197 yield fs 195 198 196 def fieldsets_change(self, request, obj ect_id):199 def fieldsets_change(self, request, obj): 197 200 "Hook for specifying Fieldsets for the change form." 198 201 for fs in self.fieldsets(request): … … 258 261 return request.user.has_perm(opts.app_label + '.' + opts.get_change_permission()) 259 262 260 def has_delete_permission(self, request, object_id): 261 """ 262 Returns True if the given request has permission to change the object 263 with the given object_id. 263 def has_delete_permission(self, request, obj): 264 """ 265 Returns True if the given request has permission to change the given 266 Django model instance. 267 268 If `obj` is None, this should return True if the given request has 269 permission to delete *any* object of the given type. 264 270 """ 265 271 opts = self.opts … … 436 442 c = template.RequestContext(request, { 437 443 'title': _('Change %s') % opts.verbose_name, 438 'adminform': AdminForm(form, self.fieldsets_change(request, obj ect_id), self.prepopulated_fields),444 'adminform': AdminForm(form, self.fieldsets_change(request, obj), self.prepopulated_fields), 439 445 'object_id': object_id, 440 446 'original': obj, 441 447 'is_popup': request.REQUEST.has_key('_popup'), 442 'javascript_imports': self.javascript_change(request, obj ect_id),448 'javascript_imports': self.javascript_change(request, obj), 443 449 }) 444 450 return render_change_form(self, model, model.ChangeManipulator(object_id), c, change=True) … … 479 485 opts = self.model._meta 480 486 app_label = opts.app_label 481 if not self.has_delete_permission(request, object_id): 487 488 try: 489 obj = self.model._default_manager.get(pk=object_id) 490 except self.model.DoesNotExist: 491 # Don't raise Http404 just yet, because we haven't checked 492 # permissions yet. We don't want an unauthenticated user to be able 493 # to determine whether a given object exists. 494 obj = None 495 496 if not self.has_delete_permission(request, obj): 482 497 raise PermissionDenied 483 obj = get_object_or_404(self.model, pk=object_id) 498 499 if obj is None: 500 raise Http404('%s object with primary key %r does not exist.' % (opts.verbose_name, escape(object_id))) 484 501 485 502 # Populate deleted_objects, a data structure of all related objects that
