From 7d1b4295b9779788b4cbd4b7bb99240807c62aa3 Mon Sep 17 00:00:00 2001
From: Jacob Kaplan-Moss <jacob@jacobian.org>
Date: Wed, 8 Apr 2009 19:47:46 +0000
Subject: [PATCH] Fixed #9036: unified the permission checking in `AdminSite`,
 pushing it down to the `ModelAdmin` where it belongs.

git-svn-id: http://code.djangoproject.com/svn/django/trunk@10451 bcc190cf-cafb-0310-a4f2-bffc1f526a37
---
 django/contrib/admin/options.py | 12 ++++++++++++
 django/contrib/admin/sites.py   | 13 +++----------
 2 files changed, 15 insertions(+), 10 deletions(-)

diff --git a/django/contrib/admin/options.py b/django/contrib/admin/options.py
index 8035caf1db..e798587040 100644
--- a/django/contrib/admin/options.py
+++ b/django/contrib/admin/options.py
@@ -291,6 +291,18 @@ class ModelAdmin(BaseModelAdmin):
         opts = self.opts
         return request.user.has_perm(opts.app_label + '.' + opts.get_delete_permission())
 
+    def get_model_perms(self, request):
+        """
+        Returns a dict of all perms for this model. This dict has the keys
+        ``add``, ``change``, and ``delete`` mapping to the True/False for each
+        of those actions.
+        """
+        return {
+            'add': self.has_add_permission(request),
+            'change': self.has_change_permission(request),
+            'delete': self.has_delete_permission(request),
+        }
+
     def queryset(self, request):
         """
         Returns a QuerySet of all model instances that can be edited by the
diff --git a/django/contrib/admin/sites.py b/django/contrib/admin/sites.py
index c0fd2cc758..6e9ef1161f 100644
--- a/django/contrib/admin/sites.py
+++ b/django/contrib/admin/sites.py
@@ -328,11 +328,7 @@ class AdminSite(object):
             has_module_perms = user.has_module_perms(app_label)
 
             if has_module_perms:
-                perms = {
-                    'add': model_admin.has_add_permission(request),
-                    'change': model_admin.has_change_permission(request),
-                    'delete': model_admin.has_delete_permission(request),
-                }
+                perms = model_admin.get_model_perms(request)
 
                 # Check whether user has any perm for this module.
                 # If so, add the module to the model_list.
@@ -391,11 +387,8 @@ class AdminSite(object):
         for model, model_admin in self._registry.items():
             if app_label == model._meta.app_label:
                 if has_module_perms:
-                    perms = {
-                        'add': user.has_perm("%s.%s" % (app_label, model._meta.get_add_permission())),
-                        'change': user.has_perm("%s.%s" % (app_label, model._meta.get_change_permission())),
-                        'delete': user.has_perm("%s.%s" % (app_label, model._meta.get_delete_permission())),
-                    }
+                    perms = model_admin.get_model_perms(request)
+
                     # Check whether user has any perm for this module.
                     # If so, add the module to the model_list.
                     if True in perms.values():