mirror of
https://github.com/django/django.git
synced 2025-07-05 18:29:11 +00:00
[per-object-permissions] Removed debug print statement in auth/models.py
[per-object-permissions] Added admin option: show_all_rows which by default is set to True. If False, it will only show the rows the user has permission for. Implemented the changes into change_list to allow this git-svn-id: http://code.djangoproject.com/svn/django/branches/per-object-permissions@3627 bcc190cf-cafb-0310-a4f2-bffc1f526a37
This commit is contained in:
Christopher Long
parent
8a38dfaa83
commit
736febadc5
@ -104,6 +104,10 @@ def result_headers(cl):
|
|||||||
def items_for_result(cl, result):
|
def items_for_result(cl, result):
|
||||||
first = True
|
first = True
|
||||||
pk = cl.lookup_opts.pk.attname
|
pk = cl.lookup_opts.pk.attname
|
||||||
|
if not cl.opts.admin.show_all_rows:
|
||||||
|
if not cl.user.has_perm(cl.opts.app_label + "." + cl.opts.get_change_permission(), object=result):
|
||||||
|
return
|
||||||
|
cl.result_count = cl.result_count +1
|
||||||
for field_name in cl.lookup_opts.admin.list_display:
|
for field_name in cl.lookup_opts.admin.list_display:
|
||||||
row_class = ''
|
row_class = ''
|
||||||
try:
|
try:
|
||||||
|
|||||||
@ -27,12 +27,7 @@ class AdminApplistNode(template.Node):
|
|||||||
for m in app_models:
|
for m in app_models:
|
||||||
if m._meta.admin:
|
if m._meta.admin:
|
||||||
if not m._meta.admin.hidden:
|
if not m._meta.admin.hidden:
|
||||||
#perms = {
|
|
||||||
#'add': user.has_perm("%s.%s" % (app_label, m._meta.get_add_permission())),
|
|
||||||
#'change': user.has_perm("%s.%s" % (app_label, m._meta.get_change_permission())),
|
|
||||||
#'delete': user.has_perm("%s.%s" % (app_label, m._meta.get_delete_permission())),
|
|
||||||
#}
|
|
||||||
|
|
||||||
perms = {
|
perms = {
|
||||||
'add': user.contains_permission("%s.%s" % (app_label, m._meta.get_add_permission()), m),
|
'add': user.contains_permission("%s.%s" % (app_label, m._meta.get_add_permission()), m),
|
||||||
'change': user.contains_permission("%s.%s" % (app_label, m._meta.get_change_permission()), m),
|
'change': user.contains_permission("%s.%s" % (app_label, m._meta.get_change_permission()), m),
|
||||||
|
|||||||
@ -433,7 +433,7 @@ def _get_deleted_objects(deleted_objects, perms_needed, user, obj, opts, current
|
|||||||
else:
|
else:
|
||||||
if related.opts.admin:
|
if related.opts.admin:
|
||||||
p = '%s.%s' % (related.opts.app_label, related.opts.get_delete_permission())
|
p = '%s.%s' % (related.opts.app_label, related.opts.get_delete_permission())
|
||||||
if not user.has_perm(p):
|
if not user.has_perm(p, object=related):
|
||||||
perms_needed.add(related.opts.verbose_name)
|
perms_needed.add(related.opts.verbose_name)
|
||||||
# We don't care about populating deleted_objects now.
|
# We don't care about populating deleted_objects now.
|
||||||
continue
|
continue
|
||||||
@ -464,7 +464,7 @@ def _get_deleted_objects(deleted_objects, perms_needed, user, obj, opts, current
|
|||||||
# permission to delete them, add the missing perm to perms_needed.
|
# permission to delete them, add the missing perm to perms_needed.
|
||||||
if related.opts.admin and has_related_objs:
|
if related.opts.admin and has_related_objs:
|
||||||
p = '%s.%s' % (related.opts.app_label, related.opts.get_delete_permission())
|
p = '%s.%s' % (related.opts.app_label, related.opts.get_delete_permission())
|
||||||
if not user.has_perm(p):
|
if not user.has_perm(p, object=related):
|
||||||
perms_needed.add(rel_opts_name)
|
perms_needed.add(rel_opts_name)
|
||||||
for related in opts.get_all_related_many_to_many_objects():
|
for related in opts.get_all_related_many_to_many_objects():
|
||||||
if related.opts in opts_seen:
|
if related.opts in opts_seen:
|
||||||
@ -493,7 +493,7 @@ def _get_deleted_objects(deleted_objects, perms_needed, user, obj, opts, current
|
|||||||
# permission to change them, add the missing perm to perms_needed.
|
# permission to change them, add the missing perm to perms_needed.
|
||||||
if related.opts.admin and has_related_objs:
|
if related.opts.admin and has_related_objs:
|
||||||
p = '%s.%s' % (related.opts.app_label, related.opts.get_change_permission())
|
p = '%s.%s' % (related.opts.app_label, related.opts.get_change_permission())
|
||||||
if not user.has_perm(p):
|
if not user.has_perm(p, object=related):
|
||||||
perms_needed.add(related.opts.verbose_name)
|
perms_needed.add(related.opts.verbose_name)
|
||||||
|
|
||||||
def delete_stage(request, app_label, model_name, object_id):
|
def delete_stage(request, app_label, model_name, object_id):
|
||||||
@ -562,6 +562,7 @@ class ChangeList(object):
|
|||||||
self.opts = model._meta
|
self.opts = model._meta
|
||||||
self.lookup_opts = self.opts
|
self.lookup_opts = self.opts
|
||||||
self.manager = self.opts.admin.manager
|
self.manager = self.opts.admin.manager
|
||||||
|
self.user = request.user
|
||||||
|
|
||||||
# Get search parameters from the query string.
|
# Get search parameters from the query string.
|
||||||
try:
|
try:
|
||||||
@ -644,7 +645,10 @@ class ChangeList(object):
|
|||||||
except InvalidPage:
|
except InvalidPage:
|
||||||
result_list = ()
|
result_list = ()
|
||||||
|
|
||||||
self.result_count = result_count
|
if self.opts.admin.show_all_rows:
|
||||||
|
self.result_count = result_count
|
||||||
|
else:
|
||||||
|
self.result_count = 0
|
||||||
self.full_result_count = full_result_count
|
self.full_result_count = full_result_count
|
||||||
self.result_list = result_list
|
self.result_list = result_list
|
||||||
self.can_show_all = can_show_all
|
self.can_show_all = can_show_all
|
||||||
|
|||||||
@ -373,7 +373,7 @@ class User(models.Model):
|
|||||||
backend.quote_name('group_id'), backend.quote_name('user_id'),
|
backend.quote_name('group_id'), backend.quote_name('user_id'),
|
||||||
backend.quote_name('negative'), backend.quote_name('owner_ct_id'),
|
backend.quote_name('negative'), backend.quote_name('owner_ct_id'),
|
||||||
backend.quote_name('model_ct_id'))
|
backend.quote_name('model_ct_id'))
|
||||||
print sql
|
|
||||||
cursor.execute(sql, [self.id, ContentType.objects.get_for_model(Group).id, ct.id])
|
cursor.execute(sql, [self.id, ContentType.objects.get_for_model(Group).id, ct.id])
|
||||||
count = int(cursor.fetchone()[0])
|
count = int(cursor.fetchone()[0])
|
||||||
return (count>0)
|
return (count>0)
|
||||||
|
|||||||
@ -203,7 +203,8 @@ class AdminOptions(object):
|
|||||||
def __init__(self, fields=None, js=None, list_display=None, list_display_links=None, list_filter=None,
|
def __init__(self, fields=None, js=None, list_display=None, list_display_links=None, list_filter=None,
|
||||||
date_hierarchy=None, save_as=False, ordering=None, search_fields=None,
|
date_hierarchy=None, save_as=False, ordering=None, search_fields=None,
|
||||||
save_on_top=False, list_select_related=False, manager=None, list_per_page=100,
|
save_on_top=False, list_select_related=False, manager=None, list_per_page=100,
|
||||||
grant_change_row_level_perm=False, grant_delete_row_level_perm=False, hidden=False):
|
grant_change_row_level_perm=False, grant_delete_row_level_perm=False, hidden=False,
|
||||||
|
show_all_rows=True):
|
||||||
self.fields = fields
|
self.fields = fields
|
||||||
self.js = js or []
|
self.js = js or []
|
||||||
self.list_display = list_display or ['__str__']
|
self.list_display = list_display or ['__str__']
|
||||||
@ -219,6 +220,7 @@ class AdminOptions(object):
|
|||||||
self.grant_change_row_level_perm=grant_change_row_level_perm
|
self.grant_change_row_level_perm=grant_change_row_level_perm
|
||||||
self.grant_delete_row_level_perm=grant_delete_row_level_perm
|
self.grant_delete_row_level_perm=grant_delete_row_level_perm
|
||||||
self.hidden = hidden
|
self.hidden = hidden
|
||||||
|
self.show_all_rows = show_all_rows
|
||||||
|
|
||||||
def get_field_sets(self, opts):
|
def get_field_sets(self, opts):
|
||||||
"Returns a list of AdminFieldSet objects for this AdminOptions object."
|
"Returns a list of AdminFieldSet objects for this AdminOptions object."
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user