Ticket #5447: fix-admin-permissions.diff

File fix-admin-permissions.diff, 5.3 KB (added by jkocherhans, 8 years ago)

Updated to work with [6784]

  • django/contrib/admin/options.py

    diff --git a/django/contrib/admin/options.py b/django/contrib/admin/options.py
    index f84b096..103c899 100644
    a b class ModelAdmin(BaseModelAdmin): 
    276276        opts = self.opts
    277277        return request.user.has_perm(opts.app_label + '.' + opts.get_add_permission())
    278278
    279     def has_change_permission(self, request, obj):
     279    def has_change_permission(self, request, obj=None):
    280280        """
    281281        Returns True if the given request has permission to change the given
    282282        Django model instance.
    class ModelAdmin(BaseModelAdmin): 
    287287        opts = self.opts
    288288        return request.user.has_perm(opts.app_label + '.' + opts.get_change_permission())
    289289
    290     def has_delete_permission(self, request, obj):
     290    def has_delete_permission(self, request, obj=None):
    291291        """
    292292        Returns True if the given request has permission to change the given
    293293        Django model instance.
    class ModelAdmin(BaseModelAdmin): 
    452452            request.user.message_set.create(message=msg)
    453453            return HttpResponseRedirect("../")
    454454
    455     def render_change_form(self, model, context, add=False, change=False, form_url=''):
     455    def render_change_form(self, request, model, context, add=False, change=False, form_url='', obj=None):
    456456        opts = model._meta
    457457        app_label = opts.app_label
    458458        ordered_objects = opts.get_ordered_objects()
    459459        extra_context = {
    460460            'add': add,
    461461            'change': change,
    462             'has_delete_permission': context['perms'][app_label][opts.get_delete_permission()],
    463             'has_change_permission': context['perms'][app_label][opts.get_change_permission()],
     462            'has_add_permission': self.has_add_permission(request),
     463            'has_change_permission': self.has_change_permission(request, obj),
     464            'has_delete_permission': self.has_delete_permission(request, obj),
    464465            'has_file_field': True, # FIXME - this should check if form or formsets have a FileField,
    465466            'has_absolute_url': hasattr(model, 'get_absolute_url'),
    466467            'ordered_objects': ordered_objects,
    class ModelAdmin(BaseModelAdmin): 
    525526            'media': mark_safe(media),
    526527            'inline_admin_formsets': inline_admin_formsets,
    527528        })
    528         return self.render_change_form(model, c, add=True)
    529    
     529        return self.render_change_form(request, model, c, add=True)
     530
    530531    def change_view(self, request, object_id):
    531532        "The 'change' admin view for this model."
    532533        model = self.model
    class ModelAdmin(BaseModelAdmin): 
    600601            'media': mark_safe(media),
    601602            'inline_admin_formsets': inline_admin_formsets,
    602603        })
    603         return self.render_change_form(model, c, change=True)
     604        return self.render_change_form(request, model, c, change=True, obj=obj)
    604605
    605606    def changelist_view(self, request):
    606607        "The 'change list' admin view for this model."
    class ModelAdmin(BaseModelAdmin): 
    626627            'is_popup': cl.is_popup,
    627628            'cl': cl,
    628629        })
    629         c.update({'has_add_permission': c['perms'][app_label][opts.get_add_permission()]}),
     630        c.update({'has_add_permission': self.has_add_permission(request)}),
    630631        return render_to_response(['admin/%s/%s/change_list.html' % (app_label, opts.object_name.lower()),
    631632                                'admin/%s/change_list.html' % app_label,
    632633                                'admin/change_list.html'], context_instance=c)
  • django/contrib/admin/sites.py

    diff --git a/django/contrib/admin/sites.py b/django/contrib/admin/sites.py
    index 06d1a04..471678f 100644
    a b class AdminSite(object): 
    263263
    264264            if has_module_perms:
    265265                perms = {
    266                     'add': user.has_perm("%s.%s" % (app_label, model._meta.get_add_permission())),
    267                     'change': user.has_perm("%s.%s" % (app_label, model._meta.get_change_permission())),
    268                     'delete': user.has_perm("%s.%s" % (app_label, model._meta.get_delete_permission())),
     266                    'add': model_admin.has_add_permission(request),
     267                    'change': model_admin.has_change_permission(request),
     268                    'delete': model_admin.has_delete_permission(request),
    269269                }
    270270
    271271                # Check whether user has any perm for this module.
  • django/contrib/admin/templatetags/admin_modify.py

    diff --git a/django/contrib/admin/templatetags/admin_modify.py b/django/contrib/admin/templatetags/admin_modify.py
    index c1dbfaa..ed3768b 100644
    a b def submit_row(context): 
    2929        'show_delete_link': (not is_popup and context['has_delete_permission']
    3030                              and (change or context['show_delete'])),
    3131        'show_save_as_new': not is_popup and change and save_as,
    32         'show_save_and_add_another': not is_popup and (not save_as or context['add']),
     32        'show_save_and_add_another': context['has_add_permission'] and
     33                            not is_popup and (not save_as or context['add']),
    3334        'show_save_and_continue': not is_popup and context['has_change_permission'],
    3435        'show_save': True
    3536    }
Back to Top