[per-object-permissions] First version where inline objects are checked for row level permissions

git-svn-id: http://code.djangoproject.com/svn/django/branches/per-object-permissions@3891 bcc190cf-cafb-0310-a4f2-bffc1f526a37
author: Christopher Long <indirecthit@gmail.com> 2006-10-03 13:19:19 +0000
committer: Christopher Long <indirecthit@gmail.com> 2006-10-03 13:19:19 +0000
commit: 655bee8b288ae2893da05a4f750c2899c81b47ea (patch)
tree: 39081ba2d9e09ce8dfae1f1109196dd368c95875
parent: ea249260dc5bd6ae29e6c80e7212948f4997c79b (diff)
download: django-655bee8b288ae2893da05a4f750c2899c81b47ea.tar.gz
4 files changed, 69 insertions, 4 deletions
diff --git a/django/contrib/admin/templates/admin/edit_inline_stacked.html b/django/contrib/admin/templates/admin/edit_inline_stacked.html
index 48ecc698d9..491061198a 100644
--- a/django/contrib/admin/templates/admin/edit_inline_stacked.html
+++ b/django/contrib/admin/templates/admin/edit_inline_stacked.html
@@ -1,6 +1,8 @@
 {% load admin_modify %}
 <fieldset class="module aligned">
    {% for fcw in bound_related_object.form_field_collection_wrappers %}
+   {% load row_level_permission %}
+   {% check_rlp_inline fcw.original %}
       <h2>{{ bound_related_object.relation.opts.verbose_name|capfirst|escape }}&nbsp;#{{ forloop.counter }}</h2>
       {% if bound_related_object.show_url %}{% if fcw.obj.original %}
       <p><a href="/r/{{ fcw.obj.original.content_type_id }}/{{ fcw.obj.original.id }}/">View on site</a></p>
@@ -12,5 +14,6 @@
             {% admin_field_line bound_field %}
          {% endif %}
       {% endfor %}
+    {% end_check_rlp_inline %}
     {% endfor %}
 </fieldset>
diff --git a/django/contrib/admin/templates/admin/edit_inline_tabular.html b/django/contrib/admin/templates/admin/edit_inline_tabular.html
index 3d059c8b3d..b0cb753ecd 100644
--- a/django/contrib/admin/templates/admin/edit_inline_tabular.html
+++ b/django/contrib/admin/templates/admin/edit_inline_tabular.html
@@ -9,6 +9,8 @@
    {% endfor %}
    </tr></thead>
    {% for fcw in bound_related_object.form_field_collection_wrappers %}
+   {% load row_level_permission %}
+   {% check_rlp_inline fcw.original %}
       {% if change %}{% if original_row_needed %}
          {% if fcw.obj.original %}
             <tr class="row-label {% cycle row1,row2 %}"><td colspan="{{ num_headers }}"><strong>{{ fcw.obj.original }}</strong></tr>
@@ -31,7 +33,8 @@
          {% if fcw.obj.original %}<a href="/r/{{ fcw.obj.original.content_type_id }}/{{ fcw.obj.original.id }}/">View on site</a>{% endif %}
       </td>{% endif %}
       </tr>
-
+   
+   {% end_check_rlp_inline %}
    {% endfor %} </table>
 
    {% for fcw in bound_related_object.form_field_collection_wrappers %}
diff --git a/django/contrib/admin/templatetags/admin_modify.py b/django/contrib/admin/templatetags/admin_modify.py
index 0bf3995eb6..90e8cf3818 100644
--- a/django/contrib/admin/templatetags/admin_modify.py
+++ b/django/contrib/admin/templatetags/admin_modify.py
@@ -119,6 +119,7 @@ class FieldWrapper(object):
 class FormFieldCollectionWrapper(object):
     def __init__(self, field_mapping, fields, index):
         self.field_mapping = field_mapping
+        self.original = field_mapping['original']
         self.fields = fields
         self.bound_fields = [AdminBoundField(field, self.field_mapping, field_mapping['original'])
                              for field in self.fields]
@@ -127,13 +128,17 @@ class FormFieldCollectionWrapper(object):
 class TabularBoundRelatedObject(BoundRelatedObject):
     def __init__(self, related_object, field_mapping, original):
         super(TabularBoundRelatedObject, self).__init__(related_object, field_mapping, original)
+        
         self.field_wrapper_list = [FieldWrapper(field) for field in self.relation.editable_fields()]
-
+        
         fields = self.relation.editable_fields()
-
+        
         self.form_field_collection_wrappers = [FormFieldCollectionWrapper(field_mapping, fields, i)
                                                for (i,field_mapping) in self.field_mappings.items() ]
+        
         self.original_row_needed = max([fw.use_raw_id_admin() for fw in self.field_wrapper_list])
+        if original:
+            self.original = original
         self.show_url = original and hasattr(self.relation.opts, 'get_absolute_url')
 
     def template_name(self):
@@ -147,6 +152,10 @@ class StackedBoundRelatedObject(BoundRelatedObject):
 
         self.form_field_collection_wrappers = [FormFieldCollectionWrapper(field_mapping ,fields, i)
                                                for (i,field_mapping) in self.field_mappings.items()]
+
+        if original:
+            self.original = original
+        
         self.show_url = original and hasattr(self.relation.opts, 'get_absolute_url')
 
     def template_name(self):
diff --git a/django/contrib/admin/templatetags/row_level_permission.py b/django/contrib/admin/templatetags/row_level_permission.py
index 768d747c6f..1f552d2772 100644
--- a/django/contrib/admin/templatetags/row_level_permission.py
+++ b/django/contrib/admin/templatetags/row_level_permission.py
@@ -34,6 +34,55 @@ def objref(parser, token):
         tok = "object"
     return objref_class(tok)
 
+def check_rlp_inline(parser, token):
+    tokens = token.split_contents()
+    if len(tokens)!=2:
+        raise template.TemplateSyntaxError, "%r tag requires only 1 arguments" % tokens[0]
+    
+    nodelist = parser.parse(('end_'+tokens[0],))
+    token = parser.next_token()    
+    
+    object_var = parser.compile_filter(tokens[1])
+    
+    return CheckRLPInlineNode(object_var, nodelist)
+
+class CheckRLPInlineNode(template.Node):
+    def __init__(self, object_var, nodelist):
+        self.object_var = object_var
+        self.nodelist = nodelist
+        
+    def render(self, context):
+        if self.object_var:
+            try:
+                object = self.object_var.resolve(context)
+            except template.VariableDoesNotExist:
+                return self.nodelist.render(context)
+        else:
+            return self.nodelist.render(context)
+        
+        if object is None:
+            return self.nodelist.render(context)            
+        
+        if not object._meta.row_level_permissions:
+            return self.nodelist.render(context)
+        
+        try:
+            user = template.resolve_variable("user", context)
+        except template.VariableDoesNotExist:
+            return settings.TEMPLATE_STRING_IF_INVALID
+        
+        permission = object._meta.get_change_permission()
+        
+        bool_perm = user.has_perm(object._meta.app_label+'.'+permission, object=object)
+        
+        if bool_perm:
+            return self.nodelist.render(context)
+        return ""
+        
+        
+        
+        
+
 #From: http://code.djangoproject.com/wiki/PaginatorTag
 def paginator(context, adjacent_pages=2):
     """Adds pagination context variables for first, adjacent and next page links
@@ -57,4 +106,5 @@ def paginator(context, adjacent_pages=2):
 
 register.inclusion_tag("admin/paginator.html", takes_context=True)(paginator)
 
-register.tag('objref', objref)
-\ No newline at end of file
+register.tag('objref', objref)
+register.tag('check_rlp_inline', check_rlp_inline)
+\ No newline at end of file
author	Christopher Long <indirecthit@gmail.com>	2006-10-03 13:19:19 +0000
committer	Christopher Long <indirecthit@gmail.com>	2006-10-03 13:19:19 +0000
commit	655bee8b288ae2893da05a4f750c2899c81b47ea (patch)
tree	39081ba2d9e09ce8dfae1f1109196dd368c95875
parent	ea249260dc5bd6ae29e6c80e7212948f4997c79b (diff)
download	django-655bee8b288ae2893da05a4f750c2899c81b47ea.tar.gz