mirrors/django
1
0
Fork 0
mirror of https://github.com/django/django.git synced 2025-07-06 10:49:17 +00:00
Code Issues 32 Releases Wiki Activity

[per-object-permissions] New method: get_model_list in the RowLevelPermission manager. This returns a list of ids for the given model that the user has the given permission on. It should work better then doing something like has_perm or {% if_has_perm %}

Browse Source 
[per-object-permissions] Modified the change_list to use get_model_list instead of the current checking each perm. Note: this method has not been tested extensively, and might cause some problems

git-svn-id: http://code.djangoproject.com/svn/django/branches/per-object-permissions@3674 bcc190cf-cafb-0310-a4f2-bffc1f526a37
This commit is contained in:
Christopher Long 2006-08-28 19:53:26 +00:00
parent 61d6f592c9
commit 64be2e2881
3 changed files with 26 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
django/contrib/admin/templatetags/admin_list.py
View File

@ -105,11 +105,7 @@ def items_for_result(cl, result):
first = True first = True
pk = cl.lookup_opts.pk.attname pk = cl.lookup_opts.pk.attname
#If show_all_rows is set to False, then we have to check the permission on the object #If show_all_rows is set to False, then we have to check the permission on the object
if not cl.opts.admin.show_all_rows:
if not cl.user.has_perm(cl.opts.app_label + "." + cl.opts.get_change_permission(), object=result):
return
#Update the count
cl.result_count = cl.result_count +1
for field_name in cl.lookup_opts.admin.list_display: for field_name in cl.lookup_opts.admin.list_display:
row_class = '' row_class = ''
try: try:

10
django/contrib/admin/views/main.py
View File

@ -651,10 +651,8 @@ class ChangeList(object):
#This is set to 0 if show_all_rows is false, checking of which rows to be shown #This is set to 0 if show_all_rows is false, checking of which rows to be shown
#is done later in the result_list tag at which point it will calculate the correct #is done later in the result_list tag at which point it will calculate the correct
#number of rows shown #number of rows shown
if self.opts.admin.show_all_rows:
self.result_count = result_count self.result_count = result_count
else:
self.result_count = 0
self.full_result_count = full_result_count self.full_result_count = full_result_count
self.result_list = result_list self.result_list = result_list
self.can_show_all = can_show_all self.can_show_all = can_show_all
@ -692,6 +690,12 @@ class ChangeList(object):
return order_field, order_type return order_field, order_type
def get_query_set(self): def get_query_set(self):
if (not self.opts.admin.show_all_rows) and self.opts.row_level_permissions and (not self.user.has_perm(self.opts.app_label + "."+self.opts.get_change_permission()):
from django.contrib.auth.models import RowLevelPermission
qs = self.manager.filter(id__in=RowLevelPermission.objects.get_model_list(self.user,
self.model,
self.opts.get_change_permission()))
else:
qs = self.manager.get_query_set() qs = self.manager.get_query_set()
lookup_params = self.params.copy() # a dictionary of the query string lookup_params = self.params.copy() # a dictionary of the query string
for i in (ALL_VAR, ORDER_VAR, ORDER_TYPE_VAR, SEARCH_VAR, IS_POPUP_VAR): for i in (ALL_VAR, ORDER_VAR, ORDER_TYPE_VAR, SEARCH_VAR, IS_POPUP_VAR):

16
django/contrib/auth/models.py
View File

@ -72,6 +72,22 @@ class RowLevelPermissionManager(models.Manager):
ret_dict[delete_str]=self.create_row_level_permission(model_instance, owner, delete_str, negative=negDel) ret_dict[delete_str]=self.create_row_level_permission(model_instance, owner, delete_str, negative=negDel)
return ret_dict return ret_dict
def get_model_list(self,user, model, perm):
model_ct=ContentType.objects.get_for_model(model)
if isinstance(perm, str):
perm = Permission.objects.get(codename__exact=perm, content_type=model_ct.id)
user_model_ids = RowLevelPermission.objects.filter(owner_ct=ContentType.objects.get_for_model(User),
owner_id=user.id, permission=perm.id,
model_ct=model_ct
).values('model_id')
user_group_list = [g['id'] for g in user.groups.select_related().values('id')]
group_model_ids = RowLevelPermission.objects.filter(owner_ct=ContentType.objects.get_for_model(Group).id,
owner_id__in=user_group_list,
model_ct = model_ct
).values('model_id')
id_list = [o['model_id'] for o in user_model_ids] + [o['model_id'] for o in group_model_ids]
return id_list
class RowLevelPermission(models.Model): class RowLevelPermission(models.Model):
""" """
Similiar to permissions but works on instances of objects instead of types. Similiar to permissions but works on instances of objects instead of types.