Fixed #9036: unified the permission checking in `AdminSite`, pushing it down to the `ModelAdmin` where it belongs.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@10451 bcc190cf-cafb-0310-a4f2-bffc1f526a37
This commit is contained in:
parent
28f6b71623
commit
7d1b4295b9
|
@ -291,6 +291,18 @@ class ModelAdmin(BaseModelAdmin):
|
||||||
opts = self.opts
|
opts = self.opts
|
||||||
return request.user.has_perm(opts.app_label + '.' + opts.get_delete_permission())
|
return request.user.has_perm(opts.app_label + '.' + opts.get_delete_permission())
|
||||||
|
|
||||||
|
def get_model_perms(self, request):
|
||||||
|
"""
|
||||||
|
Returns a dict of all perms for this model. This dict has the keys
|
||||||
|
``add``, ``change``, and ``delete`` mapping to the True/False for each
|
||||||
|
of those actions.
|
||||||
|
"""
|
||||||
|
return {
|
||||||
|
'add': self.has_add_permission(request),
|
||||||
|
'change': self.has_change_permission(request),
|
||||||
|
'delete': self.has_delete_permission(request),
|
||||||
|
}
|
||||||
|
|
||||||
def queryset(self, request):
|
def queryset(self, request):
|
||||||
"""
|
"""
|
||||||
Returns a QuerySet of all model instances that can be edited by the
|
Returns a QuerySet of all model instances that can be edited by the
|
||||||
|
|
|
@ -328,11 +328,7 @@ class AdminSite(object):
|
||||||
has_module_perms = user.has_module_perms(app_label)
|
has_module_perms = user.has_module_perms(app_label)
|
||||||
|
|
||||||
if has_module_perms:
|
if has_module_perms:
|
||||||
perms = {
|
perms = model_admin.get_model_perms(request)
|
||||||
'add': model_admin.has_add_permission(request),
|
|
||||||
'change': model_admin.has_change_permission(request),
|
|
||||||
'delete': model_admin.has_delete_permission(request),
|
|
||||||
}
|
|
||||||
|
|
||||||
# Check whether user has any perm for this module.
|
# Check whether user has any perm for this module.
|
||||||
# If so, add the module to the model_list.
|
# If so, add the module to the model_list.
|
||||||
|
@ -391,11 +387,8 @@ class AdminSite(object):
|
||||||
for model, model_admin in self._registry.items():
|
for model, model_admin in self._registry.items():
|
||||||
if app_label == model._meta.app_label:
|
if app_label == model._meta.app_label:
|
||||||
if has_module_perms:
|
if has_module_perms:
|
||||||
perms = {
|
perms = model_admin.get_model_perms(request)
|
||||||
'add': user.has_perm("%s.%s" % (app_label, model._meta.get_add_permission())),
|
|
||||||
'change': user.has_perm("%s.%s" % (app_label, model._meta.get_change_permission())),
|
|
||||||
'delete': user.has_perm("%s.%s" % (app_label, model._meta.get_delete_permission())),
|
|
||||||
}
|
|
||||||
# Check whether user has any perm for this module.
|
# Check whether user has any perm for this module.
|
||||||
# If so, add the module to the model_list.
|
# If so, add the module to the model_list.
|
||||||
if True in perms.values():
|
if True in perms.values():
|
||||||
|
|
Loading…
Reference in New Issue