def set_group_perms(group, perms, obj): """ Set group permissions to exactly the specified permissions. """ if perms: model = obj.__class__ permissions = permission_map[model] all_perms = dict((p, False) for p in get_model_perms(model)) for perm in perms: all_perms[perm] = True try: group_perms = permissions.objects.get(group=group, obj=obj) except permissions.DoesNotExist: group_perms = permissions(group=group, obj=obj) for perm, enabled in all_perms.iteritems(): if enabled and not getattr(group_perms, perm): granted.send(sender=group, perm=perm, object=obj) elif not enabled and getattr(group_perms, perm): revoked.send(sender=group, perm=perm, object=obj) setattr(group_perms, perm, enabled) group_perms.save() else: # removing all perms. revoke_all_group(group, obj) return perms
def grant_group(group, perm, obj): """ Grant a permission to a Group. """ model = obj.__class__ if perm not in get_model_perms(model): raise UnknownPermissionException(perm) permissions = permission_map[model] try: group_perms = permissions.objects.get(group=group, obj=obj) except permissions.DoesNotExist: group_perms = permissions(group=group, obj=obj) # XXX could raise FieldDoesNotExist if not getattr(group_perms, perm): setattr(group_perms, perm, True) group_perms.save() granted.send(sender=group, perm=perm, object=obj)