def change_roles_permissions(self, request):
if not can_manage_user(request.user):
raise PermissionDenied(user=request.user,
perm=MANAGE_USER_PERMISION)
opts = self.model._meta
admin_site = self.admin_site
has_perm = request.user.has_perm(opts.app_label + '.' +
opts.get_change_permission())
if request.method == 'POST':
selected = request.POST.getlist('selected_perm')
for obj_perm in ObjectPermission.objects.filter(
content__isnull=True):
role_perm = "%s_%s" % (obj_perm.role.id,
obj_perm.permission.id)
if role_perm not in selected:
obj_perm.delete()
for role_perm in selected:
role_id, perm_id = role_perm.split('_')
role = Role.objects.get(id=role_id)
perm = Permission.objects.get(id=perm_id)
op, created = ObjectPermission.objects.get_or_create(
role=role, permission=perm, content=None)
return self.response_change_permissions(request)
roles = Role.objects.all()
permissions = {}
for perm in Permission.objects.all():
permissions[perm] = []
for role in roles:
permissions[perm].append(
(role, perm.objectpermission_set.filter(role=role) and True
or False))
context = {
'admin_site': admin_site.name,
'change': True,
'is_popup': False,
'save_as': False,
'has_delete_permission': False,
'has_add_permission': False,
'add': False,
'model_admin': self,
'title': "Roles permissions",
'opts': opts,
'root_path': '/%s' % admin_site.root_path,
'app_label': opts.app_label,
'has_change_permission': has_perm,
'role_permissions': permissions,
'roles': roles
}
template = 'admin/perms/objectpermission/role_permissions.html'
return render_to_response(template,
context,
context_instance=RequestContext(request))
def change_roles_permissions(self, request):
if not can_manage_user(request.user):
raise PermissionDenied(user=request.user,
perm=MANAGE_USER_PERMISION)
opts = self.model._meta
admin_site = self.admin_site
has_perm = request.user.has_perm(opts.app_label + '.' + opts.get_change_permission())
if request.method == 'POST':
selected = request.POST.getlist('selected_perm')
for obj_perm in ObjectPermission.objects.filter(content__isnull=True):
role_perm = "%s_%s" % (obj_perm.role.id, obj_perm.permission.id)
if role_perm not in selected:
obj_perm.delete()
for role_perm in selected:
role_id, perm_id = role_perm.split('_')
role = Role.objects.get(id=role_id)
perm = Permission.objects.get(id=perm_id)
op, created = ObjectPermission.objects.get_or_create(role=role, permission=perm, content=None)
return self.response_change_permissions(request)
roles = Role.objects.all()
permissions = {}
for perm in Permission.objects.all():
permissions[perm] = []
for role in roles:
permissions[perm].append((role, perm.objectpermission_set.filter(role=role) and True or False))
context = {'admin_site': admin_site.name,
'change': True,
'is_popup': False,
'save_as': False,
'has_delete_permission': False,
'has_add_permission': False,
'add': False,
'model_admin': self,
'title': "Roles permissions",
'opts': opts,
'root_path': '/%s' % admin_site.root_path,
'app_label': opts.app_label,
'has_change_permission': has_perm,
'role_permissions': permissions,
'roles': roles}
template = 'admin/perms/objectpermission/role_permissions.html'
return render_to_response(template,
context,
context_instance=RequestContext(request))
def has_change_permission(self, request, obj=None):
"""
Overrides Django admin behaviour to add ownership based access control
"""
return can_manage_user(request.user)
def has_change_permission(self, request, obj=None):
"""
Overrides Django admin behaviour to add ownership based access control
"""
return can_manage_user(request.user)
