def delete_row_level_permission(request, app_label, model_name, object_id, ct_id, rlp_id, hash):
"""
Deletes the given row level permission.
"""
msg = {}
if utils.verify_objref_hash(ct_id, rlp_id, hash):
model = models.get_model(app_label, model_name)
object_id = unquote(object_id)
model_ct = ContentType.objects.get_for_model(model)
model_instance = get_object_or_404(model, pk=object_id)
rlp = get_object_or_404(RowLevelPermission, pk=rlp_id)
ct = rlp.model_ct
obj = rlp.model
model_id = model_instance._get_pk_val()
if not (model_id == rlp.model_id):
raise PermissionDenied
if not request.user.has_perm(rlp._meta.app_label + "." + rlp._meta.get_delete_permission()):
raise PermissionDenied
if not request.user.has_perm(obj._meta.app_label + "." + obj._meta.get_change_permission(), object=obj):
raise PermissionDenied
rlp.delete()
msg = {"result": True, "text": _("Row level permission was successful deleted"), "id": rlp_id}
else:
msg = {"result": False, "text": _("row level permission not found (bad hash)")}
request.user.message_set.create(message=msg["text"])
return HttpResponseRedirect(request.META["HTTP_REFERER"])
def change_row_level_permission(request, app_label, model_name, object_id, ct_id, rlp_id, hash):
msg = {}
if not request.POST:
msg = {"result": False, "text": _("Only POSTs are allowed")}
if not utils.verify_objref_hash(ct_id, rlp_id, hash):
msg = {"result": False, "text": _("row level permission not found (bad hash)")}
if msg.has_key("result"):
request.user.message_set.create(message=msg["text"])
return HttpResponseRedirect("../../../../")
model = models.get_model(app_label, model_name)
object_id = unquote(object_id)
ct = ContentType.objects.get_for_model(model)
model_instance = get_object_or_404(model, pk=object_id)
rlp = get_object_or_404(RowLevelPermission, pk=rlp_id)
opts = rlp._meta
if not request.user.has_perm(opts.app_label + "." + opts.get_add_permission()):
raise PermissionDenied
obj = rlp.model
model_id = model_instance._get_pk_val()
object_id = obj._get_pk_val()
if model_id is not object_id:
raise PermissionDenied
if not request.user.has_perm(rlp._meta.app_label + "." + rlp._meta.get_change_permission(), object=obj):
raise PermissionDenied
manip = ChangeRLPManipulator()
new_data = request.POST.copy()
new_data["id"] = rlp_id
manip.do_html2python(new_data)
from django.core import validators
try:
new_rlp = manip.save(new_data)
except validators.ValidationError:
msg = {"result": False, "text": _("A row level permission already exists with the specified values")}
else:
msg = {"result": True, "text": _("Row level permission has successfully been changed"), "id": rlp_id}
request.user.message_set.create(message=msg["text"])
return HttpResponseRedirect(request.META["HTTP_REFERER"])
def add_row_level_permission(request, app_label, model_name, object_id):
msg = {}
if not request.POST:
msg = {"result": False, "text": _("Only POSTs are allowed")}
request.user.message_set.create(message=msg["text"])
return HttpResponseRedirect("/edit/%s/%s" % (obj_type, object_id))
model = models.get_model(app_label, model_name)
object_id = unquote(object_id)
ct = ContentType.objects.get_for_model(model)
obj = get_object_or_404(model, pk=object_id)
if not request.user.has_perm(obj._meta.app_label + "." + obj._meta.get_change_permission(), object=obj):
raise PermissionDenied
if not request.user.has_perm(
RowLevelPermission._meta.app_label + "." + RowLevelPermission._meta.get_add_permission()
):
raise PermissionDenied
manip = AddRLPManipulator(obj, ct)
new_data = request.POST.copy()
manip.do_html2python(new_data)
rlp_list = []
from django.core import validators
try:
rlp_list = manip.save(new_data)
except validators.ValidationError:
msg = {"result": False, "text": _("A row level permission already exists with the specified values.")}
else:
if len(rlp_list) is 1:
msg = {"result": True, "text": _("Row level permission has successfully been added.")}
else:
msg = {"result": True, "text": _("Row level permissions have successfully been added.")}
resp_list = []
for rlp in rlp_list:
hash = utils.create_objref(rlp)
resp_list.append({"id": rlp.id, "permission": rlp.permission.id, "hash": hash})
msg["results"] = resp_list
request.user.message_set.create(message=msg["text"])
return HttpResponseRedirect(request.META["HTTP_REFERER"])
def view_row_level_permissions(request, app_label, model_name, object_id):
"""
Displays a list of row level permisisons for the model instance
"""
model = models.get_model(app_label, model_name)
object_id = unquote(object_id)
model_ct = ContentType.objects.get_for_model(model)
model_instance = get_object_or_404(model, pk=object_id)
opts = model_instance._meta
if not opts.row_level_permissions:
raise Http404
if not request.user.has_perm(opts.app_label + "." + opts.get_change_permission(), object=model_instance):
raise PermissionDenied
if not (
request.user.has_perm(
RowLevelPermission._meta.app_label + "." + RowLevelPermission._meta.get_change_permission()
)
or request.user.has_perm(
RowLevelPermission._meta.app_label + "." + RowLevelPermission._meta.get_add_permission()
)
):
raise PermissionDenied
c = template.RequestContext(
request,
{
"title": _("Edit Row Level Permissions"),
"object_id": object_id,
"content_type_id": model_ct.id,
"original": model_instance,
"opts": opts,
},
)
# Set up the paging
list_per_page = RowLevelPermission._meta.admin.list_per_page
paginator = ObjectPaginator(model_instance.row_level_permissions.order_by("owner_ct", "owner_id"), list_per_page)
page = int(request.GET.get("page", 1)) - 1
try:
rlp_list = paginator.get_page(page)
except InvalidPage:
rlp_list = []
paginator_context = {
"is_paginated": paginator.has_next_page(0),
"has_next": paginator.has_next_page(page),
"has_previous": paginator.has_previous_page(page),
"page": page + 1,
"next": page + 2,
"previous": page,
"hits": paginator.hits,
"results_per_page": list_per_page,
"pages": paginator.pages,
"has_next": paginator.has_next_page(page),
"has_previous": paginator.has_previous_page(page),
}
c.update(paginator_context)
rlp_errors = rlp_new_data = {}
add_rlp_manip = AddRLPManipulator(model_instance, model_ct)
edit_rlp_manip = ChangeRLPManipulator(model_ct)
new_rlp_form = forms.FormWrapper(add_rlp_manip, rlp_new_data, rlp_errors)
# 3 different groups of forms when split by owner
user_rlp_form_list = []
other_rlp_form_list = []
group_rlp_form_list = []
group_ct = model_ct = ContentType.objects.get_for_model(Group)
user_ct = model_ct = ContentType.objects.get_for_model(User)
for r in rlp_list:
owner_val = MultipleObjSelectField.returnKey(r.owner, r.owner_ct)
data = {"id": r.id, "owner": owner_val, "perm": r.permission.id, "negative": r.negative}
if r.owner_ct.id == user_ct.id:
user_rlp_form_list.append({"form": forms.FormWrapper(edit_rlp_manip, data, rlp_errors), "rlp": r})
elif r.owner_ct.id == group_ct.id:
group_rlp_form_list.append({"form": forms.FormWrapper(edit_rlp_manip, data, rlp_errors), "rlp": r})
else:
other_rlp_form_list.append({"form": forms.FormWrapper(edit_rlp_manip, data, rlp_errors), "rlp": r})
# Combine together the three kinds
rlp_forms = []
if user_rlp_form_list:
rlp_forms.append((_("Users"), user_rlp_form_list))
if group_rlp_form_list:
rlp_forms.append((_("Groups"), group_rlp_form_list))
if other_rlp_form_list:
rlp_forms.append((_("Other"), other_rlp_form_list))
rlp_context = {"new_rlp_form": new_rlp_form, "rlp_forms": rlp_forms}
c.update(rlp_context)
return render_to_response(
[
"admin/%s/%s/row_level_permission.html" % (opts.app_label, opts.object_name.lower()),
"admin/%s/row_level_permission.html" % opts.app_label,
"admin/row_level_permission.html",
],
context_instance=c,
)
