[per-object-permissions] Fixes problem with one-to-one relationships as the original code assumed every model had an id attribute, now uses "_get_pk_val()" to determine the model id.

git-svn-id: http://code.djangoproject.com/svn/django/branches/per-object-permissions@3752 bcc190cf-cafb-0310-a4f2-bffc1f526a37
author: Christopher Long <indirecthit@gmail.com> 2006-09-12 15:04:29 +0000
committer: Christopher Long <indirecthit@gmail.com> 2006-09-12 15:04:29 +0000
commit: 00972e69b6143e7cafd34661366cfe8e8975470b (patch)
tree: 9a7442b78163f142c719673843b33db6f04a08b6 /django
parent: e12c2f83e0109a8e78954c8a176aa42b28ea96dc (diff)
download: django-00972e69b6143e7cafd34661366cfe8e8975470b.tar.gz
3 files changed, 11 insertions, 8 deletions
diff --git a/django/contrib/admin/row_level_perm_manipulator.py b/django/contrib/admin/row_level_perm_manipulator.py
index bfe8362d60..ce3175ceeb 100644
--- a/django/contrib/admin/row_level_perm_manipulator.py
+++ b/django/contrib/admin/row_level_perm_manipulator.py
@@ -33,13 +33,14 @@ class ChangeRLPManipulator(forms.Manipulator):
 
         model_ct = rlp.model_ct
         model = model_ct.get_object_for_this_type (pk=rlp.model_id)
+        model_id = rlp.model_id
         
         perm = Permission.objects.get(pk=new_data['perm'])
         
         
         field_name_list = ('owner_ct', 'owner_id', 'model_ct', 'model_id', 'permission')
         field_data = owner_ct.id
-        all_data = {'owner_id':owner.id, 'model_ct_id':model_ct.id, 'model_id':model.id, 'permission_id':perm.id}
+        all_data = {'owner_id':owner.id, 'model_ct_id':model_ct.id, 'model_id':model_id, 'permission_id':perm.id}
         manipulators.manipulator_validator_unique_together(field_name_list, self.opts, self, field_data, all_data)
         
         rlp.owner = owner
diff --git a/django/contrib/admin/views/row_level_permissions.py b/django/contrib/admin/views/row_level_permissions.py
index 49851e8093..5ab9ab5ebd 100644
--- a/django/contrib/admin/views/row_level_permissions.py
+++ b/django/contrib/admin/views/row_level_permissions.py
@@ -128,10 +128,8 @@ def delete_row_level_permission(request, app_label, model_name, object_id, ct_id
             raise PermissionDenied
 
         if not request.user.has_perm(rlp._meta.app_label + '.' + rlp._meta.get_delete_permission()):
-            print "BAM"
             raise PermissionDenied   
         if not request.user.has_perm(obj._meta.app_label + '.' + obj._meta.get_change_permission(), object=obj):
-            print "BOOM"
             raise PermissionDenied           
 
         rlp.delete()
@@ -218,7 +216,9 @@ def change_row_level_permission(request, app_label, model_name, object_id, ct_id
         raise PermissionDenied  
 
     obj = rlp.model
-    if model_instance.id is not obj.id:
+    model_id = model_instance._get_pk_val()
+    object_id = obj._get_pk_val()
+    if model_id is not object_id:
         raise PermissionDenied
     
     if not request.user.has_perm(rlp._meta.app_label + '.' + rlp._meta.get_change_permission(), object=obj):
diff --git a/django/contrib/auth/models.py b/django/contrib/auth/models.py
index e27ee95096..44ac167020 100644
--- a/django/contrib/auth/models.py
+++ b/django/contrib/auth/models.py
@@ -54,8 +54,8 @@ class RowLevelPermissionManager(models.Manager):
             permission = Permission.objects.get(codename__exact=permission, content_type=model_ct.id)
         if model_ct != permission.content_type:
             raise TypeError, "Invalid value: Permission content type(%s) and object content type(%s) do not match" % (permission.content_type, type_ct)
-        
-        rowLvlPerm = self.model(model_id=model_instance.id, model_ct=model_ct,
+        model_id = model_instance._get_pk_val()
+        rowLvlPerm = self.model(model_id=model_id, model_ct=model_ct,
                                                  owner_id=owner.id, owner_ct=ContentType.objects.get_for_model(owner),
                                                  permission=permission, negative=negative)
         rowLvlPerm.save()
@@ -287,7 +287,8 @@ class User(models.Model):
             except Permission.DoesNotExist:
                 return False
         try:
-            row_level_perm=self.row_level_permissions_owned.get(model_id=object.id, 
+            model_id = object._get_pk_val()
+            row_level_perm=self.row_level_permissions_owned.get(model_id=model_id, 
                                                                     model_ct=object_ct.id, 
                                                                     permission=permission.id)
         except RowLevelPermission.DoesNotExist:
@@ -303,6 +304,7 @@ class User(models.Model):
         #AND rlp."model_id"=%s
         #AND rlp."model_ct_id"=%s
         #AND rlp."permission_id"=%s;
+        model_id = object._get_pk_val()
         cursor = connection.cursor()        
         sql = """
             SELECT rlp.%s
@@ -322,7 +324,7 @@ class User(models.Model):
             backend.quote_name('negative'))
         cursor.execute(sql, [self.id, 
                              ContentType.objects.get_for_model(Group).id, 
-                             object.id,
+                             model_id,
                              ContentType.objects.get_for_model(object).id,
                              permission.id,])
         row = cursor.fetchone()
author	Christopher Long <indirecthit@gmail.com>	2006-09-12 15:04:29 +0000
committer	Christopher Long <indirecthit@gmail.com>	2006-09-12 15:04:29 +0000
commit	00972e69b6143e7cafd34661366cfe8e8975470b (patch)
tree	9a7442b78163f142c719673843b33db6f04a08b6 /django
parent	e12c2f83e0109a8e78954c8a176aa42b28ea96dc (diff)
download	django-00972e69b6143e7cafd34661366cfe8e8975470b.tar.gz