Changes between Version 2 and Version 3 of RowLevelPermissionsDeveloper
- Timestamp:
- Aug 6, 2006, 3:00:05 PM (18 years ago)
Legend:
- Unmodified
- Added
- Removed
- Modified
-
RowLevelPermissionsDeveloper
v2 v3 8 8 #!python 9 9 class RowLevelPermission(models.Model): 10 type_id = models.PositiveIntegerField("'Type' ID")11 type_ct = models.ForeignKey(ContentType, verbose_name="'Type' content type", related_name="type_ct")10 model_id = models.PositiveIntegerField("'Type' ID") 11 model_ct = models.ForeignKey(ContentType, verbose_name="'Type' content model", related_name="model_ct") 12 12 owner_id = models.PositiveIntegerField("'Owner' ID") 13 owner_ct = models.ForeignKey(ContentType, verbose_name="'Owner' content type", related_name="owner_ct")13 owner_ct = models.ForeignKey(ContentType, verbose_name="'Owner' content model", related_name="owner_ct") 14 14 negative = models.BooleanField() 15 15 permission = models.ForeignKey(Permission) 16 16 17 type = models.GenericForeignKey(fk_field='type_id', ct_field='type_ct')17 model = models.GenericForeignKey(fk_field='model_id', ct_field='model_ct') 18 18 owner = models.GenericForeignKey(fk_field='owner_id', ct_field='owner_ct') 19 19 … … 23 23 verbose_name = _('row level permission') 24 24 verbose_name_plural = _('row level permissions') 25 unique_together = ((' type_ct', 'type_id', 'owner_id', 'owner_ct', 'permission'),)25 unique_together = (('model_ct', 'model_id', 'owner_id', 'owner_ct', 'permission'),) 26 26 }}} 27 27 … … 36 36 if getattr(new_class._meta, 'row_level_permissions', None): 37 37 from django.contrib.auth.models import RowLevelPermission 38 gen_rel = django.db.models.GenericRelation(RowLevelPermission, object_id_field=" type_id", content_type_field="type_ct")38 gen_rel = django.db.models.GenericRelation(RowLevelPermission, object_id_field="model_id", content_model_field="model_ct") 39 39 new_class.add_to_class("row_level_permissions", gen_rel) 40 40 }}} … … 48 48 #!python 49 49 ... 50 row_level_permissions_owned = models.GenericRelation(RowLevelPermission, object_id_field="owner_id", content_ type_field="owner_ct", related_name="owner")50 row_level_permissions_owned = models.GenericRelation(RowLevelPermission, object_id_field="owner_id", content_model_field="owner_ct", related_name="owner") 51 51 ... 52 52 }}} … … 56 56 == Checking of Row Level Permissions == 57 57 58 To be added soon. 58 Checking of RLP are done in the following order: User RLP->Group RLP->User Model Level->Group Model Level. Stopping at the first positive or negative. 59 60 The has_perm method has been modified to now check for row level permissions and has an optional parameter for a model instance, which is required to check row level permissions. 61 62 {{{ 63 #!python 64 def has_perm(self, perm, object=None): 65 "Returns True if the user has the specified permission." 66 if not self.is_active: 67 return False 68 if self.is_superuser: 69 return True 70 if object and object._meta.row_level_permissions: 71 row_level_permission = self.check_row_level_permission(perm, object) 72 if row_level_permission is not None: 73 return row_level_permission 74 return perm in self.get_all_permissions() 75 }}} 76 77 The check_row_level_permission checks the user RLPs first and then checks the group RLPs. The user RLPs are determined by using a filter method. The group RLP uses an SQL query that works out to be: 78 79 {{{ 80 #!sql 81 SELECT rlp."negative" 82 FROM "auth_user_groups" ug, "auth_rowlevelpermission" rlp 83 WHERE rlp."owner_id"=ug."group_id" 84 AND ug."user_id"=%s 85 AND rlp."owner_ct_id"=%s 86 AND rlp."model_id"=%s 87 AND rlp."model_ct_id"=%s 88 AND rlp."permission_id"=%s; 89 }}} 59 90 60 91 == Integration into Administration Application ==