[per-object-permissions] Updating admin interface of RLP to be on a separate page, not entirely working at this point

[per-object-permissions] Changed global.css to apply styles to reset button

git-svn-id: http://code.djangoproject.com/svn/django/branches/per-object-permissions@3615 bcc190cf-cafb-0310-a4f2-bffc1f526a37

6 files changed, 144 insertions, 36 deletions

diff --git a/django/contrib/admin/media/css/global.css b/django/contrib/admin/media/css/global.css
index 16c582d578..e08aa29992 100644
--- a/django/contrib/admin/media/css/global.css
+++ b/django/contrib/admin/media/css/global.css
@@ -90,6 +90,11 @@ input[type=submit], input[type=button], .submit-row input { background:white url
 input[type=submit]:active, input[type=button]:active { background-image:url(../img/admin/nav-bg-reverse.gif); background-position:top; }
 input[type=submit].default, .submit-row input.default { border:2px solid #5b80b2; background:#7CA0C7 url(../img/admin/default-bg.gif) bottom repeat-x; font-weight:bold; color:white; }
 input[type=submit].default:active { background-image:url(../img/admin/default-bg-reverse.gif); background-position:top; }
+/* RESET BUTTONS */
+input[type=reset], input[type=button], .submit-row input { background:white url(../img/admin/nav-bg.gif) bottom repeat-x; padding:3px; color:black; border:1px solid #bbb; border-color:#ddd #aaa #aaa #ddd; }
+input[type=reseet]:active, input[type=button]:active { background-image:url(../img/admin/nav-bg-reverse.gif); background-position:top; }
+input[type=reset].default, .submit-row input.default { border:2px solid #5b80b2; background:#7CA0C7 url(../img/admin/default-bg.gif) bottom repeat-x; font-weight:bold; color:white; }
+input[type=reset].default:active { background-image:url(../img/admin/default-bg-reverse.gif); background-position:top; }
 
 /* MODULES */
 .module { border:1px solid #ccc; margin-bottom:5px; background:white; }
diff --git a/django/contrib/admin/row_level_perm_manipulator.py b/django/contrib/admin/row_level_perm_manipulator.py
index 7c2e577da9..949f2fe9a0 100644
--- a/django/contrib/admin/row_level_perm_manipulator.py
+++ b/django/contrib/admin/row_level_perm_manipulator.py
@@ -116,7 +116,6 @@ class MultipleObjSelectField(forms.SelectField):
             object_choice = [(MultipleObjSelectField.returnKey(o, ct=ct), str(o)) for o in obj_choices]
             choice_list.extend([(ct.name.title(), object_choice)])
             #choice_list.extend([(MultipleObjSelectField.returnKey(o, ct=ct), str(o)+" ("+ct.name.title()+")") for o in obj_choices])
-        print choice_list
         super(MultipleObjSelectField, self).__init__(field_name, choices=choice_list, 
                                                      size=size, is_required=is_required, 
                                                      validator_list=validator_list, 
diff --git a/django/contrib/admin/templates/admin/change_form.html b/django/contrib/admin/templates/admin/change_form.html
index 3f236c5000..3f43ae7812 100644
--- a/django/contrib/admin/templates/admin/change_form.html
+++ b/django/contrib/admin/templates/admin/change_form.html
@@ -66,11 +66,13 @@
 </div>
 </form>
 
+{% comment %}
 {% if new_rlp_form  %}
 <div id="row_level_perm_container">
 {% include "admin/row_level_permission.html" %}
 </div>
 {% endif %}
+{% endcomment %}
 
 </div>
 {% endblock %}
diff --git a/django/contrib/admin/templates/admin/row_level_permission.html b/django/contrib/admin/templates/admin/row_level_permission.html
index 422ad403e7..bc4956a464 100644
--- a/django/contrib/admin/templates/admin/row_level_permission.html
+++ b/django/contrib/admin/templates/admin/row_level_permission.html
@@ -1,13 +1,28 @@
-{% load i18n admin_modify %}
-
+{% extends "admin/base_site.html" %}
+{% load i18n admin_modify adminmedia auth %}
+{% block extrahead %}{{ block.super }}
+<script type="text/javascript" src="../../../jsi18n/"></script>
 {% include_admin_script "js/row_level_permission.js" %}
-
-
-<h1>{% trans "Row Level Permissions" %}</h1>
-<div id="rlpResults">
+{% for js in javascript_imports %}{% include_admin_script js %}{% endfor %}
+{% endblock %}
+{% block stylesheet %}{% admin_media_prefix %}css/forms.css{% endblock %}
+{% block coltype %}{% if ordered_objects %}colMS{% else %}colM{% endif %}{% endblock %}
+{% block bodyclass %}{{ opts.app_label }}-{{ opts.object_name.lower }} change-form{% endblock %}
+{% block userlinks %}<a href="../../../../doc/">{% trans 'Documentation' %}</a> / <a href="../../../../password_change/">{% trans 'Change password' %}</a> / <a href="../../../../logout/">{% trans 'Log out' %}</a>{% endblock %}
+{% block breadcrumbs %}
+<div class="breadcrumbs">
+     <a href="../../../../">{% trans "Home" %}</a> &rsaquo;
+     <a href="../../">{{ opts.verbose_name_plural|capfirst|escape }}</a> &rsaquo;
+     <a href="../">{{ original|truncatewords:"18"|escape }}</a> &rsaquo; 
+     {{ title|escape }}
 </div>
+{% endblock %}
+{% block content %}<div id="content-main">
+<div id="changelist">
+
+{% if_has_perm "auth.add_rowlevelpermission" %}
 <h2>{% trans "Add Permissions" %}</h2>
-<form id="addRLPForm" method="POST" name="addRLPForm" action="../../../auth/row_level_permission/add/{{ content_type_id }}/{{ object_id }}/">
+<form id="addRLPForm" method="POST" name="addRLPForm" action="add/">
 <table id="add-rlpTable">
 <tr class="header">
 <th>
@@ -46,7 +61,9 @@
 </tr>
 </table>
 </form>
+{% end_if_has_perm %}
 
+{% if_has_perm "auth.change_rowlevelpermission" %}
 <h2>{% trans "Current Permissions" %}</h2>
 <table id="current-rlpTable">
 {% if rlp_form_list %}
@@ -90,7 +107,7 @@
 		<input id="cancelButton-{{ o.rlp.id }}" type="reset" value="{% trans 'Reset' %}"/>
 		<br/>
 		<!--<a href="../../../auth/row_level_permission/{% objref o.rlp %}/delete/" class="deleteLink" onclick="row_level_permission.deleteRLP('{% objref o.rlp %}'); return false;">{% trans 'Delete' %}</a> |-->
-		<a href="../../../auth/row_level_permission/{% objref o.rlp %}/delete/" class="deleteLink">{% trans 'Delete' %}</a> | 
+		<a href="../../../auth/row_level_permission/{% objref o.rlp %}/delete/" class="deletelink">{% trans 'Delete' %}</a> | 
 		<a href="javascript:row_level_permission.copyToNew({{ o.rlp.id }})" class="copyToNewLink">{% trans 'Copy to New' %}</a>
 	</td>	
 <!--</tr>
@@ -104,10 +121,24 @@
 		<form id="apply_selected_form" method="POST" name="apply_selected_form"  onsubmit="row_level_permission.apply_selected(); return false;">
 			<input id="apply_selected_button" type="submit" value="{% trans 'Apply Selected' %}" />
 		</form>
+		<form id="delete_selected_form" method="POST" name="delete_selected_form"  onsubmit="alert('Not yet working'); return false;">
+			<input id="delete_selected_button" type="submit" value="{% trans 'Delete Selected' %}" />
+		</form>
 	</td>
 </tr>
+{% if is_paginated %}
+<tr align="right">
+<td colspan="5">
+{% if has_previous %} <a href="?page={{ previous }}"> &lt;&lt; </a> {% endif %} {% if has_next %} <a href="?page={{ next }}"> &gt;&gt; </a>{% endif %}
+</td>
+</tr>
+{% endif %}
 </TBODY>
 </table>
 {% else %}
 <em>{% trans 'No row level permissions'%}</em>
 {% endif %}
+{% end_if_has_perm %}
+</div>
+</div>
+{% endblock %}
diff --git a/django/contrib/admin/urls.py b/django/contrib/admin/urls.py
index f36ea48eef..a14569d54a 100644
--- a/django/contrib/admin/urls.py
+++ b/django/contrib/admin/urls.py
@@ -30,7 +30,8 @@ urlpatterns = patterns('',
     #Row level permissions
     ('^auth/row_level_permission/(?P<ct_id>\d+)/(?P<rlp_id>\d+)/(?P<hash>\w+)/delete/$', 'django.contrib.admin.views.row_level_permissions.delete_row_level_permission'),
     ('^auth/row_level_permission/(?P<ct_id>\d+)/(?P<rlp_id>\d+)/(?P<hash>\w+)/change/$', 'django.contrib.admin.views.row_level_permissions.change_row_level_permission'),
-    ('^auth/row_level_permission/add/(?P<ct_id>\d+)/(?P<obj_id>\d+)/$', 'django.contrib.admin.views.row_level_permissions.add_row_level_permission'),    
+    ('^auth/row_level_permission/add/(?P<ct_id>\d+)/(?P<object_id>\d+)/$', 'django.contrib.admin.views.row_level_permissions.add_row_level_permission'),    
+    ('^auth/row_level_permission/view/(?P<ct_id>\d+)/(?P<object_id>\d+)/$', 'django.contrib.admin.views.row_level_permissions.edit_row_level_permissions'),
 
     # "Add user" -- a special-case view
     ('^auth/user/add/$', 'django.contrib.admin.views.auth.user_add_stage'),
@@ -40,6 +41,8 @@ urlpatterns = patterns('',
     ('^([^/]+)/([^/]+)/add/$', 'django.contrib.admin.views.main.add_stage'),
     ('^([^/]+)/([^/]+)/(.+)/history/$', 'django.contrib.admin.views.main.history'),
     ('^([^/]+)/([^/]+)/(.+)/delete/$', 'django.contrib.admin.views.main.delete_stage'),
+    ('^([^/]+)/([^/]+)/(.+)/row_level_permissions/$', 'django.contrib.admin.views.row_level_permissions.edit_row_level_permissions'),
+    ('^([^/]+)/([^/]+)/(.+)/row_level_permissions/add/$', 'django.contrib.admin.views.row_level_permissions.add_row_level_permission'),
     ('^([^/]+)/([^/]+)/(.+)/$', 'django.contrib.admin.views.main.change_stage'),
 )
 
diff --git a/django/contrib/admin/views/row_level_permissions.py b/django/contrib/admin/views/row_level_permissions.py
index 82485e88d8..43cef7c60f 100644
--- a/django/contrib/admin/views/row_level_permissions.py
+++ b/django/contrib/admin/views/row_level_permissions.py
@@ -1,47 +1,114 @@
 from django.contrib.admin import utils
+from django import forms, template
 from django.shortcuts import render_to_response, get_object_or_404
 from django.http import Http404, HttpResponse, HttpResponseRedirect
 from django.contrib.contenttypes.models import ContentType
 from django.contrib.auth.models import RowLevelPermission
+from django.contrib.admin.views import main
+from django.db import models
 from django.contrib.admin.row_level_perm_manipulator import AddRLPManipulator, ChangeRLPManipulator
 from django.core.exceptions import ImproperlyConfigured, ObjectDoesNotExist, PermissionDenied
+from django.core.paginator import ObjectPaginator, InvalidPage
 import simplejson
 
+def edit_row_level_permissions(request, app_label, model_name, object_id):
+    model = models.get_model(app_label, model_name)
+    object_id = main.unquote(object_id)
+    
+    model_ct = ContentType.objects.get_for_model(model)
+    model_instance = get_object_or_404(model, pk=object_id)
+    opts = model_instance._meta
+    
+    if not opts.row_level_permissions:
+        raise Http404
+    
+    if not request.user.has_perm(opts.app_label + '.' + opts.get_change_permission(), object=model_instance):
+        raise PermissionDenied
+    if not request.user.has_perm(RowLevelPermission._meta.app_label + '.' + RowLevelPermission._meta.get_change_permission()):
+        raise PermissionDenied    
+    
+    #TODO: For now takes the number per page from the model instance not the RLP object
+    paginator = ObjectPaginator(model_instance.row_level_permissions.order_by('owner_ct', 'owner_id'),
+                                opts.admin.list_per_page)
+    
+    page = int(request.GET.get('page', 0))
+    rlp_list = paginator.get_page(page)
+
+    c = template.RequestContext(request, {
+        'title': _('Edit Row Level Permissions'),
+        'object_id': object_id,
+        'content_type_id':model_ct.id,
+        'original': model_instance,
+        'opts':opts,
+        "is_paginated": paginator.has_next_page(0),
+        "has_next": paginator.has_next_page(page),
+        "has_previous": paginator.has_previous_page(page),
+        "page": page + 1,
+        "next": page + 1,
+        "previous": page - 1,
+    })   
+    
+    rlp_errors = rlp_new_data = {}
+    add_rlp_manip = AddRLPManipulator(model_instance, model_ct)
+    edit_rlp_manip = ChangeRLPManipulator(model_ct)
+    new_rlp_form = forms.FormWrapper(add_rlp_manip, rlp_new_data, rlp_errors)
+    empty_rlp_form = forms.FormWrapper(edit_rlp_manip, rlp_new_data, rlp_errors)
+    rlp_form_list = []
+    for r in rlp_list:
+        owner_val = str(r.owner_ct)+"-"+str(r.owner_id)
+        data = {'id':r.id, 'owner':owner_val, 'perm':r.permission.id, 'negative':r.negative}
+        rlp_form_list.append({'form':forms.FormWrapper(edit_rlp_manip, data, rlp_errors), 'rlp':r})
+    rlp_context = {'new_rlp_form':new_rlp_form, 
+               'rlp_form_list':rlp_form_list, 
+               'empty_rlp_form':empty_rlp_form,}
+    
+    c.update(rlp_context)
+    
+    return render_to_response([
+        "admin/%s/%s/row_level_permission.html" % (opts.app_label, opts.object_name.lower()),
+        "admin/%s/row_level_permission.html" % opts.app_label,
+        "admin/row_level_permission.html"], context_instance=c)
+
 def delete_row_level_permission(request, ct_id, rlp_id, hash):
     msg = {}
-    ajax = request.GET.has_key("ajax")
     if utils.verify_objref_hash(ct_id, rlp_id, hash):
         rlp = get_object_or_404(RowLevelPermission, pk=rlp_id)
         ct = rlp.model_ct
         obj = rlp.model
-        opts = rlp._meta
-        if not request.user.has_perm(opts.app_label + '.' + opts.get_delete_permission()):
+
+        if not request.user.has_perm(rlp._meta.app_label + '.' + rlp._meta.get_delete_permission()):
             raise PermissionDenied   
-        if not request.user.has_perm(obj._meta.app_label + '.' + obj._meta.get_change_permission()):
+        if not request.user.has_perm(obj._meta.app_label + '.' + obj._meta.get_change_permission(), object=obj):
             raise PermissionDenied           
+
         rlp.delete()
         msg = {"result":True, "text":_("Row level permission was successful deleted"), "id":rlp_id}
     else:
         msg = { 'result':False, 'text': _("row level permission not found (bad hash)" )}
-    if ajax:
-        return HttpResponse(simplejson.dumps(msg), 'text/javascript')
-    request.user.message_set.create(message=msg['text'])
-    #return HttpResponseRedirect("/edit/%s/%s" % (ct.model, obj.id))
-    return HttpResponseRedirect("../../../../../../%s/%s/%s" % (obj._meta.app_label, obj._meta.module_name , str(obj.id)))
 
-def add_row_level_permission(request, ct_id, obj_id):
+    request.user.message_set.create(message=result['text'])
+
+    return HttpResponseRedirect("../")
+#    return HttpResponseRedirect("%s?rlp_result=%s&rlp_msg=%s" % (request.META["HTTP_REFERER"], str(msg["result"]), main.quote(msg["text"])))
+    #return main.change_stage(request, main.quote(obj._meta.app_label), main.quote(obj._meta.object_name),
+    #                    main.quote(str(obj.id)), extra_context={"row_level_perm_msg":msg,})
+
+
+def add_row_level_permission(request, app_label, model_name, object_id):
     msg = {}
-    ajax = request.GET.has_key("ajax")
     if not request.POST:
         msg = { 'result':False, 'text': _("Only POSTs are allowed" )} 
-        if ajax:
-            return HttpResponse(simplejson.dumps(msg), 'text/javascript')
+
         request.user.message_set.create(message=msg['text'])
-        return HttpResponseRedirect("/edit/%s/%s" % (obj_type, obj_id))  
+        return HttpResponseRedirect("/edit/%s/%s" % (obj_type, object_id))  
 
-    ct = get_object_or_404(ContentType, pk=ct_id)
-    obj = get_object_or_404(ct.model_class(), pk=obj_id)
-    if not request.user.has_perm(obj._meta.app_label + '.' + obj._meta.get_change_permission()):
+    model = models.get_model(app_label, model_name)
+    object_id = main.unquote(object_id)
+    
+    ct = ContentType.objects.get_for_model(model)
+    obj = get_object_or_404(model, pk=object_id)
+    
+    if not request.user.has_perm(obj._meta.app_label + '.' + obj._meta.get_change_permission(), object=obj):
         raise PermissionDenied  
 
     if not request.user.has_perm(RowLevelPermission._meta.app_label + '.' + RowLevelPermission._meta.get_add_permission()):
@@ -64,17 +131,16 @@ def add_row_level_permission(request, ct_id, obj_id):
             msg = {"result":True, "text":_("Row level permission has successfully been added.")}
         else:
             msg = {"result":True, "text":_("Row level permissions have successfully been added.")}
-    if not ajax:
-        request.user.message_set.create(message=msg['text'])
-        return HttpResponseRedirect("../../../../../%s/%s/%s" % (obj._meta.app_label, obj._meta.module_name , str(obj.id)))
-    
     
     resp_list = []
     for rlp in rlp_list:
         hash = utils.create_objref(rlp)
         resp_list.append({"id":rlp.id, "permission":rlp.permission.id, "hash":hash})
     msg["results"]=resp_list
-    return HttpResponse(simplejson.dumps(msg), 'text/javascript')
+
+    #return main.change_stage(request, main.quote(obj._meta.app_label), main.quote(obj._meta.object_name),
+    #                    main.quote(str(obj.id)), extra_context={"row_level_perm_msg":msg,})
+    return HttpResponseRedirect("../")
 
 def change_row_level_permission(request, ct_id, rlp_id, hash):    
     msg = {}
@@ -96,8 +162,8 @@ def change_row_level_permission(request, ct_id, rlp_id, hash):
     if not request.user.has_perm(opts.app_label + '.' + opts.get_add_permission()):
         raise PermissionDenied  
 
-    object_model = rlp.model_ct.model_class()
-    if not request.user.has_perm(object_model._meta.app_label + '.' + object_model._meta.get_change_permission()):
+    obj = rlp.model
+    if not request.user.has_perm(rlp._meta.app_label + '.' + rlp._meta.get_change_permission(), object=obj):
         raise PermissionDenied
     
     manip = ChangeRLPManipulator()
@@ -114,5 +180,7 @@ def change_row_level_permission(request, ct_id, rlp_id, hash):
         msg = {"result":True, "text":_("Row level permission has successfully been changed"), "id":rlp_id}
     if ajax:
         return HttpResponse(simplejson.dumps(msg), 'text/javascript')
-    request.user.message_set.create(message=msg['text'])
-    return HttpResponseRedirect("../../../../../../%s/%s/%s" % (object_model._meta.app_label, object_model._meta.module_name , str(rlp.model_id)))
\ No newline at end of file
+    
+    request.POST = {}
+    return main.change_stage(request, main.quote(obj._meta.app_label), main.quote(obj._meta.object_name),
+                    main.quote(str(obj.id)), extra_context={"row_level_perm_msg":msg,})
\ No newline at end of file