def render(self, context):
obj = self.resolve(self.obj, context)
perm = self.resolve(self.perm, context)
if self.template_name:
template_name = [
self.resolve(obj, context)
for obj in self.template_name.split(',')
]
else:
template_name = 'authority/permission_form.html'
request = context['request']
extra_context = {}
if self.approved:
if (request.user.is_authenticated()
and request.user.has_perm('authority.add_permission')):
extra_context = {
'form_url':
url_for_obj('authority-add-permission', obj),
'next':
request.build_absolute_uri(),
'approved':
self.approved,
'form':
UserPermissionForm(perm,
obj,
approved=self.approved,
initial=dict(codename=perm)),
}
else:
if request.user.is_authenticated(
) and not request.user.is_superuser:
extra_context = {
'form_url':
url_for_obj('authority-add-permission-request', obj),
'next':
request.build_absolute_uri(),
'approved':
self.approved,
'form':
UserPermissionForm(perm,
obj,
approved=self.approved,
initial=dict(
codename=perm,
user=request.user.username)),
}
return template.loader.render_to_string(
template_name,
extra_context,
context_instance=template.RequestContext(request))
def render(self, context):
obj = self.resolve(self.obj, context)
perm = self.resolve(self.perm, context)
if self.template_name:
template_name = [
self.resolve(o, context) for o in self.template_name.split(",")
]
else:
template_name = "authority/permission_form.html"
request = context["request"]
extra_context = {}
if self.approved:
if request.user.is_authenticated and request.user.has_perm(
"authority.add_permission"):
extra_context = {
"form_url":
url_for_obj("authority-add-permission", obj),
"next":
request.build_absolute_uri(),
"approved":
self.approved,
"form":
UserPermissionForm(perm,
obj,
approved=self.approved,
initial=dict(codename=perm)),
}
else:
if request.user.is_authenticated and not request.user.is_superuser:
extra_context = {
"form_url":
url_for_obj("authority-add-permission-request", obj),
"next":
request.build_absolute_uri(),
"approved":
self.approved,
"form":
UserPermissionForm(
perm,
obj,
approved=self.approved,
initial=dict(codename=perm,
user=request.user.username),
),
}
return template.loader.render_to_string(template_name, extra_context,
request)
def add_permission(request, app_label, module_name, pk, approved=False,
template_name = 'authority/permission_form.html',
extra_context={}):
codename = request.POST.get('codename', None)
model = get_model(app_label, module_name)
if model is None:
return permission_denied(request)
obj = get_object_or_404(model, pk=pk)
next = get_next(request, obj)
if approved:
if not request.user.has_perm('authority.add_permission'):
return HttpResponseRedirect(
url_for_obj('authority-add-permission-request', obj))
view_name = 'authority-add-permission'
else:
view_name = 'authority-add-permission-request'
if request.method == 'POST':
if codename is None:
return HttpResponseForbidden(next)
form = UserPermissionForm(data=request.POST, obj=obj,
approved=approved, perm=codename,
initial=dict(codename=codename))
if not approved:
# Limit permission request to current user
form.data['user'] = request.user
if form.is_valid():
permission = form.save(request)
request.user.message_set.create(
message=_('You added a permission request.'))
return HttpResponseRedirect(next)
else:
form = UserPermissionForm(obj=obj, approved=approved, perm=codename,
initial=dict(codename=codename))
context = {
'form': form,
'form_url': url_for_obj(view_name, obj),
'next': next,
'perm': codename,
'approved': approved,
}
context.update(extra_context)
return render_to_response(template_name, context,
context_instance=RequestContext(request))
def add_permission(
request, app_label, module_name, pk, extra_context={}, template_name="authority/permission_form.html"
):
next = request.POST.get("next", "/")
codename = request.POST.get("codename", None)
if codename is None:
return HttpResponseForbidden(next)
model = get_model(app_label, module_name)
if model is None:
return HttpResponseRedirect(next)
obj = get_object_or_404(model, pk=pk)
form = UserPermissionForm(data=request.POST, obj=obj, perm=codename, initial={"codename": codename})
if form.is_valid():
form.save(request)
request.user.message_set.create(message=ugettext("You added a permission."))
return HttpResponseRedirect(next)
else:
context = {"form": form, "form_url": add_url_for_obj(obj), "next": next, "perm": codename}
context.update(extra_context)
return render_to_response(template_name, context, context_instance=RequestContext(request))
