diff options
author | Christopher Long <indirecthit@gmail.com> | 2006-10-03 18:11:02 +0000 |
---|---|---|
committer | Christopher Long <indirecthit@gmail.com> | 2006-10-03 18:11:02 +0000 |
commit | 46f6dc7e4ea3d3b69c525499569f3818efbb81fd (patch) | |
tree | e7706c3000a4d27412d67969076a3c52056fc16f | |
parent | 655bee8b288ae2893da05a4f750c2899c81b47ea (diff) | |
download | django-46f6dc7e4ea3d3b69c525499569f3818efbb81fd.tar.gz |
[per-object-permissions] Sets the row level permisisons on objects created inline if the inline objects have row level permissions enabled. This has not been tested indepth, and might not work 100%
git-svn-id: http://code.djangoproject.com/svn/django/branches/per-object-permissions@3895 bcc190cf-cafb-0310-a4f2-bffc1f526a37
-rw-r--r-- | django/contrib/admin/views/main.py | 15 | ||||
-rw-r--r-- | django/db/models/manipulators.py | 3 |
2 files changed, 18 insertions, 0 deletions
diff --git a/django/contrib/admin/views/main.py b/django/contrib/admin/views/main.py index 386967eac5..83ad83db23 100644 --- a/django/contrib/admin/views/main.py +++ b/django/contrib/admin/views/main.py @@ -264,6 +264,13 @@ def add_stage(request, app_label, model_name, show_delete=False, form_url='', po change=admin_opts.grant_change_row_level_perm, delete=admin_opts.grant_delete_row_level_perm) + for rel_obj in manipulator.new_rel_objs: + if rel_obj._meta.row_level_permissions: + from django.contrib.auth.models import RowLevelPermission + admin_opts = rel_obj._meta.admin + RowLevelPermission.objects.create_default_row_permissions(rel_obj, request.user, + change=admin_opts.grant_change_row_level_perm, + delete=admin_opts.grant_delete_row_level_perm) # Here, we distinguish between different save types by checking for # the presence of keys in request.POST. if request.POST.has_key("_continue"): @@ -353,6 +360,14 @@ def change_stage(request, app_label, model_name, object_id): change_message = _('No fields changed.') LogEntry.objects.log_action(request.user.id, ContentType.objects.get_for_model(model).id, pk_value, str(new_object), CHANGE, change_message) + for rel_obj in manipulator.new_rel_objs: + if rel_obj._meta.row_level_permissions: + from django.contrib.auth.models import RowLevelPermission + admin_opts = rel_obj._meta.admin + RowLevelPermission.objects.create_default_row_permissions(rel_obj, request.user, + change=admin_opts.grant_change_row_level_perm, + delete=admin_opts.grant_delete_row_level_perm) + msg = _('The %(name)s "%(obj)s" was changed successfully.') % {'name': opts.verbose_name, 'obj': new_object} if request.POST.has_key("_continue"): request.user.message_set.create(message=msg + ' ' + _("You may edit it again below.")) diff --git a/django/db/models/manipulators.py b/django/db/models/manipulators.py index b0ce48dec5..bfdc3ef6de 100644 --- a/django/db/models/manipulators.py +++ b/django/db/models/manipulators.py @@ -129,6 +129,7 @@ class AutomaticManipulator(forms.Manipulator): # TODO: Add to 'fields_changed' expanded_data = DotExpandedDict(dict(new_data)) + self.new_rel_objs = [] # Save many-to-one objects. Example: Add the Choice objects for a Poll. for related in self.opts.get_all_related_objects(): # Create obj_list, which is a DotExpandedDict such as this: @@ -207,6 +208,7 @@ class AutomaticManipulator(forms.Manipulator): if self.change: if not old_rel_obj: # This object didn't exist before. self.fields_added.append('%s "%s"' % (related.opts.verbose_name, new_rel_obj)) + self.new_rel_objs.append(new_rel_obj) else: for f in related.opts.fields: if not f.primary_key and f != related.field and str(getattr(old_rel_obj, f.attname)) != str(getattr(new_rel_obj, f.attname)): @@ -225,6 +227,7 @@ class AutomaticManipulator(forms.Manipulator): new_rel_obj.delete() self.fields_deleted.append('%s "%s"' % (related.opts.verbose_name, old_rel_obj)) + # Save the order, if applicable. if self.change and self.opts.get_ordered_objects(): order = new_data['order_'] and map(int, new_data['order_'].split(',')) or [] |