[per-object-permissions] Removed debug print statement in auth/models.py

[per-object-permissions] Added admin option: show_all_rows which by default is set to True. If False, it will only show the rows the user has permission for. Implemented the changes into change_list to allow this

git-svn-id: http://code.djangoproject.com/svn/django/branches/per-object-permissions@3627 bcc190cf-cafb-0310-a4f2-bffc1f526a37

django/contrib/admin/templatetags/admin_list.py

@@ -104,6 +104,10 @@ def result_headers(cl):
 def items_for_result(cl, result):
     first = True
     pk = cl.lookup_opts.pk.attname
+    if not cl.opts.admin.show_all_rows:
+        if not cl.user.has_perm(cl.opts.app_label + "." + cl.opts.get_change_permission(), object=result):
+            return
+        cl.result_count = cl.result_count +1
     for field_name in cl.lookup_opts.admin.list_display:
         row_class = ''
         try:

django/contrib/admin/templatetags/adminapplist.py

@@ -27,12 +27,7 @@ class AdminApplistNode(template.Node):
                 for m in app_models:
                     if m._meta.admin:
                         if not m._meta.admin.hidden:
-                            #perms = {
-                                #'add': user.has_perm("%s.%s" % (app_label, m._meta.get_add_permission())),
-                                #'change': user.has_perm("%s.%s" % (app_label, m._meta.get_change_permission())),
-                                #'delete': user.has_perm("%s.%s" % (app_label, m._meta.get_delete_permission())),
-                            #}
-    
+
                             perms = {
                                 'add': user.contains_permission("%s.%s" % (app_label, m._meta.get_add_permission()), m),
                                 'change': user.contains_permission("%s.%s" % (app_label, m._meta.get_change_permission()), m),

django/contrib/admin/views/main.py

@@ -433,7 +433,7 @@ def _get_deleted_objects(deleted_objects, perms_needed, user, obj, opts, current
             else:
                 if related.opts.admin:
                     p = '%s.%s' % (related.opts.app_label, related.opts.get_delete_permission())
-                    if not user.has_perm(p):
+                    if not user.has_perm(p, object=related):
                         perms_needed.add(related.opts.verbose_name)
                         # We don't care about populating deleted_objects now.
                         continue
@@ -464,7 +464,7 @@ def _get_deleted_objects(deleted_objects, perms_needed, user, obj, opts, current
             # permission to delete them, add the missing perm to perms_needed.
             if related.opts.admin and has_related_objs:
                 p = '%s.%s' % (related.opts.app_label, related.opts.get_delete_permission())
-                if not user.has_perm(p):
+                if not user.has_perm(p, object=related):
                     perms_needed.add(rel_opts_name)
     for related in opts.get_all_related_many_to_many_objects():
         if related.opts in opts_seen:
@@ -493,7 +493,7 @@ def _get_deleted_objects(deleted_objects, perms_needed, user, obj, opts, current
         # permission to change them, add the missing perm to perms_needed.
         if related.opts.admin and has_related_objs:
             p = '%s.%s' % (related.opts.app_label, related.opts.get_change_permission())
-            if not user.has_perm(p):
+            if not user.has_perm(p, object=related):
                 perms_needed.add(related.opts.verbose_name)
 
 def delete_stage(request, app_label, model_name, object_id):
@@ -562,6 +562,7 @@ class ChangeList(object):
         self.opts = model._meta
         self.lookup_opts = self.opts
         self.manager = self.opts.admin.manager
+        self.user = request.user
 
         # Get search parameters from the query string.
         try:
@@ -644,7 +645,10 @@ class ChangeList(object):
             except InvalidPage:
                 result_list = ()
 
-        self.result_count = result_count
+        if self.opts.admin.show_all_rows:
+            self.result_count = result_count
+        else:
+            self.result_count = 0
         self.full_result_count = full_result_count
         self.result_list = result_list
         self.can_show_all = can_show_all

django/contrib/auth/models.py

@@ -373,7 +373,7 @@ class User(models.Model):
             backend.quote_name('group_id'), backend.quote_name('user_id'),
             backend.quote_name('negative'), backend.quote_name('owner_ct_id'),
             backend.quote_name('model_ct_id'))
-        print sql
+        
         cursor.execute(sql, [self.id, ContentType.objects.get_for_model(Group).id, ct.id])
         count = int(cursor.fetchone()[0])
         return (count>0)

django/db/models/options.py

@@ -203,7 +203,8 @@ class AdminOptions(object):
     def __init__(self, fields=None, js=None, list_display=None, list_display_links=None, list_filter=None,
         date_hierarchy=None, save_as=False, ordering=None, search_fields=None,
         save_on_top=False, list_select_related=False, manager=None, list_per_page=100, 
-        grant_change_row_level_perm=False, grant_delete_row_level_perm=False, hidden=False):
+        grant_change_row_level_perm=False, grant_delete_row_level_perm=False, hidden=False,
+        show_all_rows=True):
         self.fields = fields
         self.js = js or []
         self.list_display = list_display or ['__str__']
@@ -219,6 +220,7 @@ class AdminOptions(object):
         self.grant_change_row_level_perm=grant_change_row_level_perm
         self.grant_delete_row_level_perm=grant_delete_row_level_perm
         self.hidden = hidden
+        self.show_all_rows = show_all_rows
 
     def get_field_sets(self, opts):
         "Returns a list of AdminFieldSet objects for this AdminOptions object."