mirror of https://github.com/django/django.git
Fixed #9036: unified the permission checking in `AdminSite`, pushing it down to the `ModelAdmin` where it belongs.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@10451 bcc190cf-cafb-0310-a4f2-bffc1f526a37
This commit is contained in:
parent
28f6b71623
commit
7d1b4295b9
|
@ -291,6 +291,18 @@ class ModelAdmin(BaseModelAdmin):
|
|||
opts = self.opts
|
||||
return request.user.has_perm(opts.app_label + '.' + opts.get_delete_permission())
|
||||
|
||||
def get_model_perms(self, request):
|
||||
"""
|
||||
Returns a dict of all perms for this model. This dict has the keys
|
||||
``add``, ``change``, and ``delete`` mapping to the True/False for each
|
||||
of those actions.
|
||||
"""
|
||||
return {
|
||||
'add': self.has_add_permission(request),
|
||||
'change': self.has_change_permission(request),
|
||||
'delete': self.has_delete_permission(request),
|
||||
}
|
||||
|
||||
def queryset(self, request):
|
||||
"""
|
||||
Returns a QuerySet of all model instances that can be edited by the
|
||||
|
|
|
@ -328,11 +328,7 @@ class AdminSite(object):
|
|||
has_module_perms = user.has_module_perms(app_label)
|
||||
|
||||
if has_module_perms:
|
||||
perms = {
|
||||
'add': model_admin.has_add_permission(request),
|
||||
'change': model_admin.has_change_permission(request),
|
||||
'delete': model_admin.has_delete_permission(request),
|
||||
}
|
||||
perms = model_admin.get_model_perms(request)
|
||||
|
||||
# Check whether user has any perm for this module.
|
||||
# If so, add the module to the model_list.
|
||||
|
@ -391,11 +387,8 @@ class AdminSite(object):
|
|||
for model, model_admin in self._registry.items():
|
||||
if app_label == model._meta.app_label:
|
||||
if has_module_perms:
|
||||
perms = {
|
||||
'add': user.has_perm("%s.%s" % (app_label, model._meta.get_add_permission())),
|
||||
'change': user.has_perm("%s.%s" % (app_label, model._meta.get_change_permission())),
|
||||
'delete': user.has_perm("%s.%s" % (app_label, model._meta.get_delete_permission())),
|
||||
}
|
||||
perms = model_admin.get_model_perms(request)
|
||||
|
||||
# Check whether user has any perm for this module.
|
||||
# If so, add the module to the model_list.
|
||||
if True in perms.values():
|
||||
|
|
Loading…
Reference in New Issue