From aba82ef36bbed5d7f5cdd23d48a8ed2805607d24 Mon Sep 17 00:00:00 2001 From: Christopher Long Date: Wed, 2 Aug 2006 15:47:11 +0000 Subject: [PATCH] [per-object-permissions] Renamed the attribute in RLPs to be model instead of type git-svn-id: http://code.djangoproject.com/svn/django/branches/per-object-permissions@3518 bcc190cf-cafb-0310-a4f2-bffc1f526a37 --- .../admin/row_level_perm_manipulator.py | 12 +++---- .../admin/templates/admin/change_form.html | 3 ++ .../templates/admin/row_level_permission.html | 6 ++-- .../admin/views/row_level_permissions.py | 10 +++--- django/contrib/auth/models.py | 31 ++++++++++--------- django/db/models/base.py | 2 +- 6 files changed, 35 insertions(+), 29 deletions(-) diff --git a/django/contrib/admin/row_level_perm_manipulator.py b/django/contrib/admin/row_level_perm_manipulator.py index 8939238472..b3a79dcfdc 100644 --- a/django/contrib/admin/row_level_perm_manipulator.py +++ b/django/contrib/admin/row_level_perm_manipulator.py @@ -32,15 +32,15 @@ class ChangeRLPManipulator(forms.Manipulator): owner = MultipleObjSelectField.returnObject(new_data['owner']) owner_ct = ContentType.objects.get_for_model(owner) - model_ct = rlp.type_ct - model = model_ct.get_object_for_this_type (pk=rlp.type_id) + model_ct = rlp.model_ct + model = model_ct.get_object_for_this_type (pk=rlp.model_id) perm = Permission.objects.get(pk=new_data['perm']) - field_name_list = ('owner_ct', 'owner_id', 'type_ct', 'type_id', 'permission') + field_name_list = ('owner_ct', 'owner_id', 'model_ct', 'model_id', 'permission') field_data = owner_ct.id - all_data = {'owner_id':owner.id, 'type_ct_id':model_ct.id, 'type_id':model.id, 'permission_id':perm.id} + all_data = {'owner_id':owner.id, 'model_ct_id':model_ct.id, 'model_id':model.id, 'permission_id':perm.id} manipulators.manipulator_validator_unique_together(field_name_list, self.opts, self, field_data, all_data) rlp.owner = owner @@ -74,9 +74,9 @@ class AddRLPManipulator(ChangeRLPManipulator): for i in new_data.getlist('perm'): perm = Permission.objects.get(pk=i) - field_name_list = ('owner_ct', 'owner_id', 'type_ct', 'type_id', 'permission') + field_name_list = ('owner_ct', 'owner_id', 'model_ct', 'model_id', 'permission') field_data = ct.id - all_data = {'owner_id':owner.id, 'type_ct_id':self.ct.id, 'type_id':self.obj_instance.id, 'permission_id':perm.id} + all_data = {'owner_id':owner.id, 'model_ct_id':self.ct.id, 'model_id':self.obj_instance.id, 'permission_id':perm.id} manipulators.manipulator_validator_unique_together(field_name_list, self.opts, self, field_data, all_data) rlp = RowLevelPermission.objects.create_row_level_permission(self.obj_instance, owner, perm, negative=new_data['negative']) diff --git a/django/contrib/admin/templates/admin/change_form.html b/django/contrib/admin/templates/admin/change_form.html index 3e340615a7..c23d2ce686 100644 --- a/django/contrib/admin/templates/admin/change_form.html +++ b/django/contrib/admin/templates/admin/change_form.html @@ -67,7 +67,10 @@ {% if new_rlp_form %} +

{% trans "Row Level Permissions" %}

+
{% include "admin/row_level_permission.html" %} +
{% endif %} diff --git a/django/contrib/admin/templates/admin/row_level_permission.html b/django/contrib/admin/templates/admin/row_level_permission.html index bb62c78a52..b73f1e99a2 100644 --- a/django/contrib/admin/templates/admin/row_level_permission.html +++ b/django/contrib/admin/templates/admin/row_level_permission.html @@ -1,4 +1,6 @@ {% load i18n admin_modify %} +{% include_admin_script "js/ajax/prototype.js" %} +{% include_admin_script "js/ajax/scriptaculous.js" %} {% include_admin_script "js/row_level_permission.js" %} @@ -15,7 +17,7 @@ {% trans "Options" %} - + {% endfor %} {% else %} - + {% endif %}
{% trans "Add Permissions" %} @@ -73,7 +75,7 @@
No row level permissions
No row level permissions
\ No newline at end of file diff --git a/django/contrib/admin/views/row_level_permissions.py b/django/contrib/admin/views/row_level_permissions.py index 0c54ae2e87..b82d00cc3f 100644 --- a/django/contrib/admin/views/row_level_permissions.py +++ b/django/contrib/admin/views/row_level_permissions.py @@ -11,12 +11,12 @@ def delete_row_level_permission(request, ct_id, rlp_id, hash, ajax=None): msg = {} if utils.verify_objref_hash(ct_id, rlp_id, hash): rlp = get_object_or_404(RowLevelPermission, pk=rlp_id) - ct = rlp.type_ct - obj = rlp.type + ct = rlp.model_ct + obj = rlp.model opts = rlp._meta if not request.user.has_perm(opts.app_label + '.' + opts.get_delete_permission()): raise PermissionDenied - if not request.user.has_perm(obj._meta.app_label + '.' + obj._meta.get_change_permission()()): + if not request.user.has_perm(obj._meta.app_label + '.' + obj._meta.get_change_permission()): raise PermissionDenied rlp.delete() msg = {"result":True, "text":_("Row level permission was successful deleted"), "id":rlp_id} @@ -92,7 +92,7 @@ def change_row_level_permission(request, ct_id, rlp_id, hash, ajax=None): if not request.user.has_perm(opts.app_label + '.' + opts.get_add_permission()): raise PermissionDenied - object_model = rlp.type_ct.model_class() + object_model = rlp.model_ct.model_class() if not request.user.has_perm(object_model._meta.app_label + '.' + object_model._meta.get_change_permission()): raise PermissionDenied @@ -111,4 +111,4 @@ def change_row_level_permission(request, ct_id, rlp_id, hash, ajax=None): if ajax: return HttpResponse(simplejson.dumps(msg), 'text/javascript') request.user.message_set.create(message=msg['text']) - return HttpResponseRedirect("../../../../../../%s/%s/%s" % (object_model._meta.app_label, object_model._meta.module_name , str(rlp.type_id))) \ No newline at end of file + return HttpResponseRedirect("../../../../../../%s/%s/%s" % (object_model._meta.app_label, object_model._meta.module_name , str(rlp.model_id))) \ No newline at end of file diff --git a/django/contrib/auth/models.py b/django/contrib/auth/models.py index 678c1a4533..cf5750f40c 100644 --- a/django/contrib/auth/models.py +++ b/django/contrib/auth/models.py @@ -48,27 +48,28 @@ class Permission(models.Model): return "%s | %s" % (self.content_type, self.name) class RowLevelPermissionManager(models.Manager): - def create_row_level_permission(self, object_instance, owner, permission, negative=False): + def create_row_level_permission(self, model_instance, owner, permission, negative=False): if isinstance(permission, str): permission = Permission.objects.get(codename__exact=permission) - type_ct=ContentType.objects.get_for_model(object_instance) - if type_ct != permission.content_type: + model_ct=ContentType.objects.get_for_model(model_instance) + if model_ct != permission.content_type: raise TypeError, "Invalid value: Permission content type(%s) and object content type(%s) do not match" % (permission.content_type, type_ct) - rowLvlPerm = self.model(type_id=object_instance.id, type_ct=ContentType.objects.get_for_model(object_instance), + rowLvlPerm = self.model(model_id=model_instance.id, model_ct=model_ct, owner_id=owner.id, owner_ct=ContentType.objects.get_for_model(owner), permission=permission, negative=negative) rowLvlPerm.save() return rowLvlPerm - def create_default_row_permissions(self, type, owner, change=True, delete=True, negChange=False, negDel=False): + def create_default_row_permissions(self, model_instance, owner, change=True, delete=True, negChange=False, negDel=False): ret_dict = {} + model_ct = ContentType.objects.get_for_model(model_instance) if change: - change_str = "change_%s" % (ContentType.objects.get_for_model(type)) - ret_dict[change_str]=self.create_row_level_permission(type, owner, change_str, negative=negChange) + change_str = "change_%s" % (model_ct) + ret_dict[change_str]=self.create_row_level_permission(model_instance, owner, change_str, negative=negChange) if delete: - delete_str = "delete_%s" % (ContentType.objects.get_for_model(type)) - ret_dict[delete_str]=self.create_row_level_permission(type, owner, delete_str, negative=negDel) + delete_str = "delete_%s" % (model_ct) + ret_dict[delete_str]=self.create_row_level_permission(model_instance, owner, delete_str, negative=negDel) return ret_dict class RowLevelPermission(models.Model): @@ -76,14 +77,14 @@ class RowLevelPermission(models.Model): This uses generic relations to minimize the number of tables, and connects to the permissions table using a many to one relation. """ - type_id = models.PositiveIntegerField("'Type' ID") - type_ct = models.ForeignKey(ContentType, verbose_name="'Type' content type", related_name="type_ct") + model_id = models.PositiveIntegerField("'Model' ID") + model_ct = models.ForeignKey(ContentType, verbose_name="'Model' content type", related_name="model_ct") owner_id = models.PositiveIntegerField("'Owner' ID") owner_ct = models.ForeignKey(ContentType, verbose_name="'Owner' content type", related_name="owner_ct") negative = models.BooleanField() permission = models.ForeignKey(Permission) - type = models.GenericForeignKey(fk_field='type_id', ct_field='type_ct') + model = models.GenericForeignKey(fk_field='model_id', ct_field='model_ct') owner = models.GenericForeignKey(fk_field='owner_id', ct_field='owner_ct') objects = RowLevelPermissionManager() @@ -91,14 +92,14 @@ class RowLevelPermission(models.Model): class Meta: verbose_name = _('row level permission') verbose_name_plural = _('row level permissions') - unique_together = (('type_ct', 'type_id', 'owner_id', 'owner_ct', 'permission'),) + unique_together = (('model_ct', 'model_id', 'owner_id', 'owner_ct', 'permission'),) def __str__(self): - return "%s | %s:%s | %s:%s" % (self.permission, self.owner_ct, self.owner, self.type_ct, self.type) + return "%s | %s:%s | %s:%s" % (self.permission, self.owner_ct, self.owner, self.model_ct, self.model) def __repr__(self): - return "%s | %s:%s | %s:%s" % (self.permission, self.owner_ct, self.owner, self.type_ct, self.type) + return "%s | %s:%s | %s:%s" % (self.permission, self.owner_ct, self.owner, self.model_ct, self.model) class Group(models.Model): diff --git a/django/db/models/base.py b/django/db/models/base.py index 24812d7361..e248929ae9 100644 --- a/django/db/models/base.py +++ b/django/db/models/base.py @@ -63,7 +63,7 @@ class ModelBase(type): if getattr(new_class._meta, 'row_level_permissions', None): from django.contrib.auth.models import RowLevelPermission - gen_rel = django.db.models.GenericRelation(RowLevelPermission, object_id_field="type_id", content_type_field="type_ct") + gen_rel = django.db.models.GenericRelation(RowLevelPermission, object_id_field="model_id", content_type_field="model_ct") new_class.add_to_class("row_level_permissions", gen_rel) new_class._prepare()