def add_permission( request, app_label, module_name, pk, extra_context={}, template_name="authority/permission_form.html" ): next = request.POST.get("next", "/") codename = request.POST.get("codename", None) if codename is None: return HttpResponseForbidden(next) model = get_model(app_label, module_name) if model is None: return HttpResponseRedirect(next) obj = get_object_or_404(model, pk=pk) form = UserPermissionForm(data=request.POST, obj=obj, perm=codename, initial={"codename": codename}) if form.is_valid(): form.save(request) request.user.message_set.create(message=ugettext("You added a permission.")) return HttpResponseRedirect(next) else: context = {"form": form, "form_url": add_url_for_obj(obj), "next": next, "perm": codename} context.update(extra_context) return render_to_response(template_name, context, context_instance=RequestContext(request))
def add_permission(request, app_label, module_name, pk, approved=False, template_name = 'authority/permission_form.html', extra_context={}): codename = request.POST.get('codename', None) model = get_model(app_label, module_name) if model is None: return permission_denied(request) obj = get_object_or_404(model, pk=pk) next = get_next(request, obj) if approved: if not request.user.has_perm('authority.add_permission'): return HttpResponseRedirect( url_for_obj('authority-add-permission-request', obj)) view_name = 'authority-add-permission' else: view_name = 'authority-add-permission-request' if request.method == 'POST': if codename is None: return HttpResponseForbidden(next) form = UserPermissionForm(data=request.POST, obj=obj, approved=approved, perm=codename, initial=dict(codename=codename)) if not approved: # Limit permission request to current user form.data['user'] = request.user if form.is_valid(): permission = form.save(request) request.user.message_set.create( message=_('You added a permission request.')) return HttpResponseRedirect(next) else: form = UserPermissionForm(obj=obj, approved=approved, perm=codename, initial=dict(codename=codename)) context = { 'form': form, 'form_url': url_for_obj(view_name, obj), 'next': next, 'perm': codename, 'approved': approved, } context.update(extra_context) return render_to_response(template_name, context, context_instance=RequestContext(request))