From 19ece7470d3529d87e9a1c237cc5e1cfdc0456f5 Mon Sep 17 00:00:00 2001 From: Christopher Long Date: Sun, 20 Aug 2006 18:02:58 +0000 Subject: [PATCH] [per-object-permissions] Removed commented (unused) code git-svn-id: http://code.djangoproject.com/svn/django/branches/per-object-permissions@3623 bcc190cf-cafb-0310-a4f2-bffc1f526a37 --- .../admin/row_level_perm_manipulator.py | 56 +++++++++---------- .../admin/templates/admin/change_form.html | 2 +- .../templates/admin/row_level_permission.html | 10 ---- .../admin/templatetags/adminapplist.py | 29 +++++----- django/contrib/admin/views/main.py | 21 +------ .../admin/views/row_level_permissions.py | 30 +++++----- 6 files changed, 59 insertions(+), 89 deletions(-) diff --git a/django/contrib/admin/row_level_perm_manipulator.py b/django/contrib/admin/row_level_perm_manipulator.py index 949f2fe9a0..885ba2dd58 100644 --- a/django/contrib/admin/row_level_perm_manipulator.py +++ b/django/contrib/admin/row_level_perm_manipulator.py @@ -11,8 +11,8 @@ class ChangeRLPManipulator(forms.Manipulator): self.ct = ct perm_list = [(o.id, o.name) for o in self.ct.permission_set.order_by("name")] - obj_list = [('user', User.objects.order_by("username"))] - obj_list.extend([('group', Group.objects.order_by("name"))]) + obj_list = [(User, User.objects.order_by("username"))] + obj_list.extend([(Group, Group.objects.order_by("name"))]) self.fields = ( MultipleObjSelectField(field_name="owner", obj_list=obj_list), @@ -52,8 +52,8 @@ class AddRLPManipulator(ChangeRLPManipulator): def __init__(self, obj_instance, ct): self.ct = ct self.obj_instance = obj_instance - obj_list = [('user', User.objects.order_by("username"))] - obj_list.extend([('group', Group.objects.order_by("name"))]) + obj_list = [(User, User.objects.order_by("username"))] + obj_list.extend([(Group, Group.objects.order_by("name"))]) perm_list = [(o.id, o.name) for o in self.ct.permission_set.order_by("name")] self.fields = ( MultipleObjSelectField(field_name="owner", obj_list=obj_list, default_text=_("Select an option")), @@ -73,6 +73,7 @@ class AddRLPManipulator(ChangeRLPManipulator): for i in new_data.getlist('perm'): perm = Permission.objects.get(pk=i) + #Check that the new row level perms are unique field_name_list = ('owner_ct', 'owner_id', 'model_ct', 'model_id', 'permission') field_data = ct.id all_data = {'owner_id':owner.id, 'model_ct_id':self.ct.id, 'model_id':self.obj_instance.id, 'permission_id':perm.id} @@ -81,41 +82,38 @@ class AddRLPManipulator(ChangeRLPManipulator): rlp = RowLevelPermission.objects.create_row_level_permission(self.obj_instance, owner, perm, negative=new_data['negative']) rlp_list.append(rlp) - return rlp_list - -#def validate_unique_together(orig_obj, field_name_list, all_data): - #field_list = [opts.get_field(field_name) for field_name in field_name_list] - #kwargs = {} - #for f in field_list: - #field_val = all_data.get(f.attname, None) - #if field_val is None: - #return - #if isinstance(f.rel, ManyToOneRel): - #kwargs['%s__pk' % f.name] = field_val - #else: - #kwargs['%s__iexact' % f.name] = field_val - #try: - #old_obj = self.manager.get(**kwargs) - #except ObjectDoesNotExist: - #return - #if hasattr(self, 'original_object') and self.original_object._get_pk_val() == old_obj._get_pk_val(): - #pass - #else: - #raise validators.ValidationError, _("%(object)s with this %(type)s already exists for the given %(field)s.") % \ - #{'object': capfirst(opts.verbose_name), 'type': field_list[0].verbose_name, 'field': get_text_list(field_name_list[1:], 'and')} - + return rlp_list class MultipleObjSelectField(forms.SelectField): + """ + Extends a select field to use more then one type of model in a select field. + Uses optgroup in the select field to differentiate between object types. + + obj_list should be a list of lists containing the model and a list of objects. + E.g. ((User, User.objects.all()), (Group, Group.objects.all)) + + If you wish to define a default text to be shown as the default option, use the + default_text parameter. An example of default text would be "Select an option" + + The remaining parameters are very similiar to the normal SelectField. + + To return the object selected pass the string result to MultipleObjSelectField.returnObject(string), + it returns the object instance. + + To create a key for a specific object, use: MultipleObjSelectField.returnKey(object). It has an optional + parameter for the content type (ct), if you have already determined the content type and want to save on + db queries. + """ def __init__(self, field_name, obj_list=None, default_text=None, size=1, is_required=False, validator_list=None, member_name=None): choice_list = [] self.default_text = default_text + #Loop through the object list and create the list to be displayed for obj, obj_choices in obj_list: - ct = ContentType.objects.get(model__exact=obj) + ct = ContentType.objects.get_for_model(obj) object_choice = [(MultipleObjSelectField.returnKey(o, ct=ct), str(o)) for o in obj_choices] choice_list.extend([(ct.name.title(), object_choice)]) - #choice_list.extend([(MultipleObjSelectField.returnKey(o, ct=ct), str(o)+" ("+ct.name.title()+")") for o in obj_choices]) super(MultipleObjSelectField, self).__init__(field_name, choices=choice_list, size=size, is_required=is_required, validator_list=validator_list, diff --git a/django/contrib/admin/templates/admin/change_form.html b/django/contrib/admin/templates/admin/change_form.html index b70c9e3bae..46efffc5d5 100644 --- a/django/contrib/admin/templates/admin/change_form.html +++ b/django/contrib/admin/templates/admin/change_form.html @@ -18,7 +18,7 @@ {% block content %}
{% if change %}{% if not is_popup %} {% endif %}{% endif %} diff --git a/django/contrib/admin/templates/admin/row_level_permission.html b/django/contrib/admin/templates/admin/row_level_permission.html index 261ea36b9e..bdc7ac4d30 100644 --- a/django/contrib/admin/templates/admin/row_level_permission.html +++ b/django/contrib/admin/templates/admin/row_level_permission.html @@ -92,10 +92,7 @@ {% for o in x.1 %} -
- @@ -112,13 +109,9 @@
- - {% trans 'Delete' %} | {% trans 'Copy to New' %} -
@@ -133,9 +126,6 @@ {% if is_paginated %} -{% comment %} -{% if has_previous %} << {% endif %} {% if has_next %} >> {% endif %} -{% endcomment %}
{% paginator %}
diff --git a/django/contrib/admin/templatetags/adminapplist.py b/django/contrib/admin/templatetags/adminapplist.py index 10e09ca0b6..5a8e288e27 100644 --- a/django/contrib/admin/templatetags/adminapplist.py +++ b/django/contrib/admin/templatetags/adminapplist.py @@ -26,20 +26,21 @@ class AdminApplistNode(template.Node): model_list = [] for m in app_models: if m._meta.admin: - perms = { - 'add': user.has_perm("%s.%s" % (app_label, m._meta.get_add_permission())), - 'change': user.has_perm("%s.%s" % (app_label, m._meta.get_change_permission())), - 'delete': user.has_perm("%s.%s" % (app_label, m._meta.get_delete_permission())), - } - - # Check whether user has any perm for this module. - # If so, add the module to the model_list. - if True in perms.values(): - model_list.append({ - 'name': capfirst(m._meta.verbose_name_plural), - 'admin_url': '%s/%s/' % (app_label, m.__name__.lower()), - 'perms': perms, - }) + if not m._meta.admin.hidden: + perms = { + 'add': user.has_perm("%s.%s" % (app_label, m._meta.get_add_permission())), + 'change': user.has_perm("%s.%s" % (app_label, m._meta.get_change_permission())), + 'delete': user.has_perm("%s.%s" % (app_label, m._meta.get_delete_permission())), + } + + # Check whether user has any perm for this module. + # If so, add the module to the model_list. + if True in perms.values(): + model_list.append({ + 'name': capfirst(m._meta.verbose_name_plural), + 'admin_url': '%s/%s/' % (app_label, m.__name__.lower()), + 'perms': perms, + }) if model_list: # Sort using verbose decorate-sort-undecorate pattern diff --git a/django/contrib/admin/views/main.py b/django/contrib/admin/views/main.py index 1395ca47dd..4c76502a67 100644 --- a/django/contrib/admin/views/main.py +++ b/django/contrib/admin/views/main.py @@ -203,7 +203,6 @@ def render_change_form(model, manipulator, context, add=False, change=False, for 'has_change_permission': context['perms'][app_label][opts.get_change_permission()], 'has_file_field': opts.has_field_type(models.FileField), 'has_absolute_url': hasattr(model, 'get_absolute_url'), - 'has_row_level_permissions':opts.row_level_permissions, 'auto_populated_fields': auto_populated_fields, 'bound_field_sets': bound_field_sets, 'first_form_field_id': first_form_field_id, @@ -400,25 +399,9 @@ def change_stage(request, app_label, model_name, object_id): 'object_id': object_id, 'original': manipulator.original_object, 'is_popup': request.REQUEST.has_key('_popup'), + 'object_has_row_level_permissions':opts.row_level_permissions, + 'has_row_level_permissions':request.user.has_perm("auth.change_rowlevelpermission") and request.user.has_perm(opts.app_label+"."+opts.get_change_permission(), object=manipulator.original_object), }) - - if model._meta.row_level_permissions: - from django.contrib.admin.row_level_perm_manipulator import AddRLPManipulator, ChangeRLPManipulator - model_instance = manipulator.original_object - model_ct = ContentType.objects.get_for_model(model) - rlp_list = model_instance.row_level_permissions.order_by('owner_ct', 'owner_id') - rlp_errors = rlp_new_data = {} - add_rlp_manip = AddRLPManipulator(model_instance, model_ct) - edit_rlp_manip = ChangeRLPManipulator(model_ct) - new_rlp_form = forms.FormWrapper(add_rlp_manip, rlp_new_data, rlp_errors) - empty_rlp_form = forms.FormWrapper(edit_rlp_manip, rlp_new_data, rlp_errors) - rlp_form_list = [] - for r in rlp_list: - owner_val = str(r.owner_ct)+"-"+str(r.owner_id) - data = {'id':r.id, 'owner':owner_val, 'perm':r.permission.id, 'negative':r.negative} - rlp_form_list.append({'form':forms.FormWrapper(edit_rlp_manip, data, rlp_errors), 'rlp':r}) - rlp_context = {'new_rlp_form':new_rlp_form, 'rlp_form_list':rlp_form_list, 'empty_rlp_form':empty_rlp_form} - c.update(rlp_context) return render_change_form(model, manipulator, c, change=True) change_stage = staff_member_required(never_cache(change_stage)) diff --git a/django/contrib/admin/views/row_level_permissions.py b/django/contrib/admin/views/row_level_permissions.py index 5f981aa14f..ab7cecf426 100644 --- a/django/contrib/admin/views/row_level_permissions.py +++ b/django/contrib/admin/views/row_level_permissions.py @@ -14,6 +14,9 @@ from django.views.decorators.cache import never_cache def view_row_level_permissions(request, app_label, model_name, object_id): + """ + Displays a list of row level permisisons for the model instance + """ model = models.get_model(app_label, model_name) object_id = unquote(object_id) @@ -37,9 +40,7 @@ def view_row_level_permissions(request, app_label, model_name, object_id): 'opts':opts, }) - - list_per_page = opts.admin.list_per_page - #list_per_page = 20 + list_per_page = RowLevelPermission._meta.admin.list_per_page paginator = ObjectPaginator(model_instance.row_level_permissions.order_by('owner_ct', 'owner_id'), list_per_page) page = int(request.GET.get('page', 1))-1 @@ -102,6 +103,9 @@ def view_row_level_permissions(request, app_label, model_name, object_id): view_row_level_permissions = staff_member_required(never_cache(view_row_level_permissions)) def delete_row_level_permission(request, app_label, model_name, object_id, ct_id, rlp_id, hash): + """ + Deletes the given row level permission. + """ msg = {} if utils.verify_objref_hash(ct_id, rlp_id, hash): @@ -129,10 +133,9 @@ def delete_row_level_permission(request, app_label, model_name, object_id, ct_id request.user.message_set.create(message=msg['text']) + request.user.message_set.create(message=msg['text']) return HttpResponseRedirect(request.META["HTTP_REFERER"]) -# return HttpResponseRedirect("%s?rlp_result=%s&rlp_msg=%s" % (request.META["HTTP_REFERER"], str(msg["result"]), main.quote(msg["text"]))) - #return main.change_stage(request, main.quote(obj._meta.app_label), main.quote(obj._meta.object_name), - # main.quote(str(obj.id)), extra_context={"row_level_perm_msg":msg,}) + delete_row_level_permission = staff_member_required(never_cache(delete_row_level_permission)) def add_row_level_permission(request, app_label, model_name, object_id): @@ -179,13 +182,9 @@ def add_row_level_permission(request, app_label, model_name, object_id): resp_list.append({"id":rlp.id, "permission":rlp.permission.id, "hash":hash}) msg["results"]=resp_list - #return main.change_stage(request, main.quote(obj._meta.app_label), main.quote(obj._meta.object_name), - # main.quote(str(obj.id)), extra_context={"row_level_perm_msg":msg,}) - if msg["result"]: - request.user.message_set.create(message=msg['text']) - return HttpResponseRedirect(request.META["HTTP_REFERER"]) - else: - return HttpResponseRedirect("../?err_msg=%s" % msg['text']) + request.user.message_set.create(message=msg['text']) + return HttpResponseRedirect(request.META["HTTP_REFERER"]) + add_row_level_permission = staff_member_required(never_cache(add_row_level_permission)) def change_row_level_permission(request, app_label, model_name, object_id, ct_id, rlp_id, hash): @@ -231,10 +230,9 @@ def change_row_level_permission(request, app_label, model_name, object_id, ct_id else: msg = {"result":True, "text":_("Row level permission has successfully been changed"), "id":rlp_id} + request.user.message_set.create(message=msg['text']) + request.user.message_set.create(message=msg['text']) return HttpResponseRedirect(request.META["HTTP_REFERER"]) -# request.POST = {} -# return change_stage(request, main.quote(obj._meta.app_label), main.quote(obj._meta.object_name), -# main.quote(str(obj.id)), extra_context={"row_level_perm_msg":msg,}) change_row_level_permission = staff_member_required(never_cache(change_row_level_permission)) \ No newline at end of file