Navigation

← Previous Changeset
Next Changeset →

Changeset 684

Timestamp:

09/25/05 14:08:44 (3 years ago)

Author:

adrian

Message:

Fixed #550 -- Default admin template now checks user permissions, hiding apps/modules/actions for which the user doesn't have permissions. Thanks, Jason Huggins

Files:

django/trunk/django/conf/admin_templates/index.html (modified) (1 diff)
django/trunk/django/templatetags/adminapplist.py (modified) (1 diff)

Legend:

: Unmodified
: Added
: Removed
: Modified
: Copied
: Moved

django/trunk/django/conf/admin_templates/index.html

r127	r684
10	10
11	11	{% get_admin_app_list as app_list %}
12		{% for app in app_list %}
13		<div class="module">
14		<h2>{{ app.name }}</h2>
15		<table>
16		{% for model in app.models %}
17		<tr>
18		<th><a href="{{ model.admin_url }}">{{ model.name }}</a></th>
19		<td class="x50"><a href="{{ model.admin_url }}add/" class="addlink">Add</a></td>
20		<td class="x75"><a href="{{ model.admin_url }}" class="changelink">Change</a></td>
21		</tr>
	12	{% if app_list %}
	13	{% for app in app_list %}
	14	<div class="module">
	15	<h2>{{ app.name }}</h2>
	16	<table>
	17	{% for model in app.models %}
	18	<tr>
	19	{% if model.perms.change %}
	20	<th><a href="{{ model.admin_url }}">{{ model.name }}</a></th>
	21	{% else %}
	22	<th>{{ model.name }}</th>
	23	{% endif %}
	24
	25	{% if model.perms.add %}
	26	<td class="x50"><a href="{{ model.admin_url }}add/" class="addlink">Add</a></td>
	27	{% else %}
	28	<td class="x50"> </td>
	29	{% endif %}
	30
	31	{% if model.perms.change %}
	32	<td class="x75"><a href="{{ model.admin_url }}" class="changelink">Change</a></td>
	33	{% else %}
	34	<td class="x75"> </td>
	35	{% endif %}
	36	</tr>
	37	{% endfor %}
	38	</table>
	39	</div>
22	40	{% endfor %}
23		</table>
24		</div>
25		{% endfor %}
26
	41	{% else %}
	42	<p>You don't have permission to edit anything.</p>
	43	{% endif %}
27	44	</div>
28	45	{% endblock %}

django/trunk/django/templatetags/adminapplist.py

r378	r684
9	9	from django.utils.text import capfirst
10	10	app_list = []
	11	user = context['user']
	12
11	13	for app in meta.get_installed_model_modules():
12	14	app_label = app.__name__[app.__name__.rindex('.')+1:]
13		model_list = [{'name': capfirst(m._meta.verbose_name_plural),
14		'admin_url': '%s/%s/' % (app_label, m._meta.module_name)} \
15		for m in app._MODELS if m._meta.admin]
16		if model_list:
17		app_list.append({
18		'name': app_label.title(),
19		'models': model_list,
20		})
	15	has_module_perms = user.has_module_perms(app_label)
	16
	17	if has_module_perms:
	18	model_list = []
	19	for m in app._MODELS:
	20	if m._meta.admin:
	21	module_name = m._meta.module_name
	22	perms = {
	23	'add': user.has_perm("%s.%s" % (app_label, m._meta.get_add_permission())),
	24	'change': user.has_perm("%s.%s" % (app_label, m._meta.get_change_permission())),
	25	'delete': user.has_perm("%s.%s" % (app_label, m._meta.get_delete_permission())),
	26	}
	27
	28	# Check whether user has any perm for this module.
	29	# If so, add the module to the model_list.
	30	if True in perms.values():
	31	model_list.append({
	32	'name': capfirst(m._meta.verbose_name_plural),
	33	'admin_url': '%s/%s/' % (app_label, m._meta.module_name),
	34	'perms': perms,
	35	})
	36
	37	if model_list:
	38	app_list.append({
	39	'name': app_label.title(),
	40	'has_module_perms': has_module_perms,
	41	'models': model_list,
	42	})
21	43	context[self.varname] = app_list
22	44	return ''

Code

Navigation

Changeset 684

Legend:

django/trunk/django/conf/admin_templates/index.html

django/trunk/django/templatetags/adminapplist.py

Download in other formats: