diff --git a/django/contrib/admin/templates/admin/change_form.html b/django/contrib/admin/templates/admin/change_form.html index 46efffc5d5..df4141c7fa 100644 --- a/django/contrib/admin/templates/admin/change_form.html +++ b/django/contrib/admin/templates/admin/change_form.html @@ -67,13 +67,6 @@ -{% comment %} -{% if new_rlp_form %} -
-{% include "admin/row_level_permission.html" %} -
-{% endif %} -{% endcomment %} {% endblock %} diff --git a/django/contrib/admin/templatetags/admin_modify.py b/django/contrib/admin/templatetags/admin_modify.py index 7ba7bef74e..add1d4abac 100644 --- a/django/contrib/admin/templatetags/admin_modify.py +++ b/django/contrib/admin/templatetags/admin_modify.py @@ -42,7 +42,7 @@ def submit_row(context): 'show_delete_link': (not is_popup and context['has_delete_permission'] and (change or context['show_delete'])), 'show_save_as_new': not is_popup and change and opts.admin.save_as, - 'show_save_and_add_another': not is_popup and (not opts.admin.save_as or context['add']), + 'show_save_and_add_another': not is_popup and (not opts.admin.save_as or context['add']) and context['has_add_permission'], 'show_save_and_continue': not is_popup and context['has_change_permission'], 'show_save': True } diff --git a/django/contrib/admin/templatetags/adminapplist.py b/django/contrib/admin/templatetags/adminapplist.py index 314010a074..6754632fba 100644 --- a/django/contrib/admin/templatetags/adminapplist.py +++ b/django/contrib/admin/templatetags/adminapplist.py @@ -29,7 +29,7 @@ class AdminApplistNode(template.Node): if not m._meta.admin.hidden: perms = { - 'add': user.contains_permission("%s.%s" % (app_label, m._meta.get_add_permission()), m), + 'add': user.contains_permission("%s.%s" % (app_label, m._meta.get_add_permission())), 'change': user.contains_permission("%s.%s" % (app_label, m._meta.get_change_permission()), m), 'delete': user.contains_permission("%s.%s" % (app_label, m._meta.get_delete_permission()), m), } diff --git a/django/contrib/admin/views/main.py b/django/contrib/admin/views/main.py index ee6880c861..25f7eeaa70 100644 --- a/django/contrib/admin/views/main.py +++ b/django/contrib/admin/views/main.py @@ -199,8 +199,9 @@ def render_change_form(model, manipulator, context, add=False, change=False, for extra_context = { 'add': add, 'change': change, - 'has_delete_permission': context['perms'][app_label][opts.get_delete_permission()], - 'has_change_permission': context['perms'][app_label][opts.get_change_permission()], + 'has_delete_permission': context['user'].has_perm(app_label+"."+opts.get_delete_permission(), original), + 'has_change_permission': context['user'].has_perm(app_label+"."+opts.get_change_permission(), original), + 'has_add_permission': context['user'].has_perm(app_label+"."+opts.get_add_permission()), 'has_file_field': opts.has_field_type(models.FileField), 'has_absolute_url': hasattr(model, 'get_absolute_url'), 'auto_populated_fields': auto_populated_fields, diff --git a/django/contrib/admin/views/row_level_permissions.py b/django/contrib/admin/views/row_level_permissions.py index e545e031ac..f7e1430f2f 100644 --- a/django/contrib/admin/views/row_level_permissions.py +++ b/django/contrib/admin/views/row_level_permissions.py @@ -44,7 +44,10 @@ def view_row_level_permissions(request, app_label, model_name, object_id): paginator = ObjectPaginator(model_instance.row_level_permissions.order_by('owner_ct', 'owner_id'), list_per_page) page = int(request.GET.get('page', 1))-1 - rlp_list = paginator.get_page(page) + try: + rlp_list = paginator.get_page(page) + except InvalidPage: + rlp_list = [] paginator_context = { "is_paginated": paginator.has_next_page(0), "has_next": paginator.has_next_page(page), diff --git a/django/contrib/auth/models.py b/django/contrib/auth/models.py index 2ebc700724..3e0f616dbb 100644 --- a/django/contrib/auth/models.py +++ b/django/contrib/auth/models.py @@ -337,18 +337,25 @@ class User(models.Model): return False return True - def contains_permission(self, perm, model): + def contains_permission(self, perm, model=None): if self.has_perm(perm): return True - perm = perm[perm.index('.')+1:] - return self.contains_row_level_perm(perm, model) - + if model and model._meta.row_level_permissions: + perm = perm[perm.index('.')+1:] + return self.contains_row_level_perm(perm, model) + return False + def contains_row_level_perm(self, perm, model): model_ct = ContentType.objects.get_for_model(model) - count = self.row_level_permissions_owned.filter(model_ct=model_ct.id).count() + if isinstance(perm, str): + permission = Permission.objects.get(codename__exact=perm, content_type=model_ct.id) + else: + permission = perm + count = self.row_level_permissions_owned.filter(model_ct=model_ct.id, permission=permission.id).count() + if count>0: return True - return self.contains_group_row_level_perms(perm, model_ct) + return self.contains_group_row_level_perms(permission, model_ct) def contains_group_row_level_perms(self, perm, ct): #SELECT COUNT(*) @@ -367,14 +374,15 @@ class User(models.Model): AND ug.%s=%%s AND rlp.%s = 0 AND rlp.%s = %%s + AND rlp.%s = %%s AND rlp.%s = %%s""" % ( backend.quote_name('auth_user_groups'), backend.quote_name('auth_rowlevelpermission'), backend.quote_name('django_content_type'), backend.quote_name('owner_id'), backend.quote_name('group_id'), backend.quote_name('user_id'), backend.quote_name('negative'), backend.quote_name('owner_ct_id'), - backend.quote_name('model_ct_id')) + backend.quote_name('model_ct_id'), backend.quote_name('permission_id')) - cursor.execute(sql, [self.id, ContentType.objects.get_for_model(Group).id, ct.id]) + cursor.execute(sql, [self.id, ContentType.objects.get_for_model(Group).id, ct.id, perm.id]) count = int(cursor.fetchone()[0]) return (count>0)