def is_allowed(self,obj,type='change'): #type pode ser add,change,delete,orgedit,ownedit ,regionedit #talvez precise de algo como owndelete, ver. if self.user.is_superuser: return True content_type = get_content_type(obj) perm_code = "%s_%s"%(type,content_type.model) print 'perm_code : %s'%perm_code has = self.has_permission(perm_code) if has: print 'has' if type in ('add','change','delete'): #essas permissoes sao Model based #entao, se ele as tem, tem para todas #instancias do modelo return True else: #se nao for o caso, precisamos verificar #permissoes object based, seguindo as #regras de negocio estipuladas if type=='ownedit': return self.can_ownedit(obj) elif type=='regionedit': return self.can_regionedit(obj) elif type=='orgedit': return self.can_orgedit(obj) else: raise ValueError("esse tipo de permissao %s nao esta definido"%type) else: return False
def can_edit(self,obj,permissions=('change','delete','ownedit','orgedit','regionedit')): if self.user.is_superuser: return True content_type = get_content_type(obj) modelname = content_type.model perm_codes = ['%s_%s'%(p,modelname) for p in permissions] has = self.has_permissions(perm_codes) if has: return True else: return False