mirror of
https://github.com/django/django.git
synced 2024-12-22 17:16:24 +00:00
Partially reverted 825f0beda8
.
This commit is contained in:
parent
ae26e0ad2c
commit
b30f9b131c
@ -861,9 +861,6 @@ class ModelAdmin(BaseModelAdmin):
|
|||||||
# want *any* actions enabled on this page.
|
# want *any* actions enabled on this page.
|
||||||
if self.actions is None or IS_POPUP_VAR in request.GET:
|
if self.actions is None or IS_POPUP_VAR in request.GET:
|
||||||
return OrderedDict()
|
return OrderedDict()
|
||||||
# The change permission is required to use actions.
|
|
||||||
if not self.has_change_permission(request):
|
|
||||||
return OrderedDict()
|
|
||||||
|
|
||||||
actions = []
|
actions = []
|
||||||
|
|
||||||
@ -1692,8 +1689,6 @@ class ModelAdmin(BaseModelAdmin):
|
|||||||
# Actions with no confirmation
|
# Actions with no confirmation
|
||||||
if (actions and request.method == 'POST' and
|
if (actions and request.method == 'POST' and
|
||||||
'index' in request.POST and '_save' not in request.POST):
|
'index' in request.POST and '_save' not in request.POST):
|
||||||
if not self.has_change_permission(request):
|
|
||||||
raise PermissionDenied
|
|
||||||
if selected:
|
if selected:
|
||||||
response = self.response_action(request, queryset=cl.get_queryset(request))
|
response = self.response_action(request, queryset=cl.get_queryset(request))
|
||||||
if response:
|
if response:
|
||||||
@ -1710,8 +1705,6 @@ class ModelAdmin(BaseModelAdmin):
|
|||||||
if (actions and request.method == 'POST' and
|
if (actions and request.method == 'POST' and
|
||||||
helpers.ACTION_CHECKBOX_NAME in request.POST and
|
helpers.ACTION_CHECKBOX_NAME in request.POST and
|
||||||
'index' not in request.POST and '_save' not in request.POST):
|
'index' not in request.POST and '_save' not in request.POST):
|
||||||
if not self.has_change_permission(request):
|
|
||||||
raise PermissionDenied
|
|
||||||
if selected:
|
if selected:
|
||||||
response = self.response_action(request, queryset=cl.get_queryset(request))
|
response = self.response_action(request, queryset=cl.get_queryset(request))
|
||||||
if response:
|
if response:
|
||||||
|
@ -340,9 +340,6 @@ Conditionally enabling or disabling actions
|
|||||||
Finally, you can conditionally enable or disable actions on a per-request
|
Finally, you can conditionally enable or disable actions on a per-request
|
||||||
(and hence per-user basis) by overriding :meth:`ModelAdmin.get_actions`.
|
(and hence per-user basis) by overriding :meth:`ModelAdmin.get_actions`.
|
||||||
|
|
||||||
This doesn't return any actions if the user doesn't have the "change"
|
|
||||||
permission for the model.
|
|
||||||
|
|
||||||
This returns a dictionary of actions allowed. The keys are action names, and
|
This returns a dictionary of actions allowed. The keys are action names, and
|
||||||
the values are ``(function, name, short_description)`` tuples.
|
the values are ``(function, name, short_description)`` tuples.
|
||||||
|
|
||||||
|
@ -11,7 +11,7 @@ from django.contrib.admin.widgets import (
|
|||||||
AdminDateWidget, AdminRadioSelect, AutocompleteSelect,
|
AdminDateWidget, AdminRadioSelect, AutocompleteSelect,
|
||||||
AutocompleteSelectMultiple,
|
AutocompleteSelectMultiple,
|
||||||
)
|
)
|
||||||
from django.contrib.auth.models import Permission, User
|
from django.contrib.auth.models import User
|
||||||
from django.db import models
|
from django.db import models
|
||||||
from django.forms.widgets import Select
|
from django.forms.widgets import Select
|
||||||
from django.test import SimpleTestCase, TestCase
|
from django.test import SimpleTestCase, TestCase
|
||||||
@ -676,18 +676,6 @@ class ModelAdminTests(TestCase):
|
|||||||
self.assertEqual(perms_needed, set())
|
self.assertEqual(perms_needed, set())
|
||||||
self.assertEqual(protected, [])
|
self.assertEqual(protected, [])
|
||||||
|
|
||||||
def test_get_actions_requires_change_perm(self):
|
|
||||||
user = User.objects.create_user(username='bob', email='bob@test.com', password='test')
|
|
||||||
mock_request = MockRequest()
|
|
||||||
mock_request.user = user
|
|
||||||
mock_request.GET = {}
|
|
||||||
ma = ModelAdmin(Band, self.site)
|
|
||||||
self.assertEqual(list(ma.get_actions(mock_request).keys()), [])
|
|
||||||
p = Permission.objects.get(codename='change_band', content_type=get_content_type_for_model(Band()))
|
|
||||||
user.user_permissions.add(p)
|
|
||||||
mock_request.user = User.objects.get(pk=user.pk)
|
|
||||||
self.assertEqual(list(ma.get_actions(mock_request).keys()), ['delete_selected'])
|
|
||||||
|
|
||||||
|
|
||||||
class ModelAdminPermissionTests(SimpleTestCase):
|
class ModelAdminPermissionTests(SimpleTestCase):
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user