blinkster: comparison web/lib/django/contrib/admin/sites.py

equal deleted inserted replaced

-:8d941af65caf
+:77b6da96e6f1
+import re
+from django import http, template
+from django.contrib.admin import ModelAdmin
+from django.contrib.admin import actions
+from django.contrib.auth import authenticate, login
+from django.views.decorators.csrf import csrf_protect
+from django.db.models.base import ModelBase
+from django.core.exceptions import ImproperlyConfigured
+from django.core.urlresolvers import reverse
+from django.shortcuts import render_to_response
+from django.utils.functional import update_wrapper
+from django.utils.safestring import mark_safe
+from django.utils.text import capfirst
+from django.utils.translation import ugettext_lazy, ugettext as _
+from django.views.decorators.cache import never_cache
+from django.conf import settings
+ERROR_MESSAGE = ugettext_lazy("Please enter a correct username and password. Note that both fields are case-sensitive.")
+LOGIN_FORM_KEY = 'this_is_the_login_form'
+class AlreadyRegistered(Exception):
+pass
+class NotRegistered(Exception):
+pass
+class AdminSite(object):
+"""
+An AdminSite object encapsulates an instance of the Django admin application, ready
+to be hooked in to your URLconf. Models are registered with the AdminSite using the
+register() method, and the root() method can then be used as a Django view function
+that presents a full admin interface for the collection of registered models.
+"""
+index_template = None
+app_index_template = None
+login_template = None
+logout_template = None
+password_change_template = None
+password_change_done_template = None
+def __init__(self, name=None, app_name='admin'):
+self._registry = {} # model_class class -> admin_class instance
+self.root_path = None
+if name is None:
+self.name = 'admin'
+else:
+self.name = name
+self.app_name = app_name
+self._actions = {'delete_selected': actions.delete_selected}
+self._global_actions = self._actions.copy()
+def register(self, model_or_iterable, admin_class=None, **options):
+"""
+Registers the given model(s) with the given admin class.
+The model(s) should be Model classes, not instances.
+If an admin class isn't given, it will use ModelAdmin (the default
+admin options). If keyword arguments are given -- e.g., list_display --
+they'll be applied as options to the admin class.
+If a model is already registered, this will raise AlreadyRegistered.
+"""
+if not admin_class:
+admin_class = ModelAdmin
+# Don't import the humongous validation code unless required
+if admin_class and settings.DEBUG:
+from django.contrib.admin.validation import validate
+else:
+validate = lambda model, adminclass: None
+if isinstance(model_or_iterable, ModelBase):
+model_or_iterable = [model_or_iterable]
+for model in model_or_iterable:
+if model in self._registry:
+raise AlreadyRegistered('The model %s is already registered' % model.__name__)
+# If we got **options then dynamically construct a subclass of
+# admin_class with those **options.
+if options:
+# For reasons I don't quite understand, without a __module__
+# the created class appears to "live" in the wrong place,
+# which causes issues later on.
+options['__module__'] = __name__
+admin_class = type("%sAdmin" % model.__name__, (admin_class,), options)
+# Validate (which might be a no-op)
+validate(admin_class, model)
+# Instantiate the admin class to save in the registry
+self._registry[model] = admin_class(model, self)
+def unregister(self, model_or_iterable):
+"""
+Unregisters the given model(s).
+If a model isn't already registered, this will raise NotRegistered.
+"""
+if isinstance(model_or_iterable, ModelBase):
+model_or_iterable = [model_or_iterable]
+for model in model_or_iterable:
+if model not in self._registry:
+raise NotRegistered('The model %s is not registered' % model.__name__)
+del self._registry[model]
+def add_action(self, action, name=None):
+"""
+Register an action to be available globally.
+"""
+name = name or action.__name__
+self._actions[name] = action
+self._global_actions[name] = action
+def disable_action(self, name):
+"""
+Disable a globally-registered action. Raises KeyError for invalid names.
+"""
+del self._actions[name]
+def get_action(self, name):
+"""
+Explicitally get a registered global action wheather it's enabled or
+not. Raises KeyError for invalid names.
+"""
+return self._global_actions[name]
+def actions(self):
+"""
+Get all the enabled actions as an iterable of (name, func).
+"""
+return self._actions.iteritems()
+actions = property(actions)
+def has_permission(self, request):
+"""
+Returns True if the given HttpRequest has permission to view
+*at least one* page in the admin site.
+"""
+return request.user.is_active and request.user.is_staff
+def check_dependencies(self):
+"""
+Check that all things needed to run the admin have been correctly installed.
+The default implementation checks that LogEntry, ContentType and the
+auth context processor are installed.
+"""
+from django.contrib.admin.models import LogEntry
+from django.contrib.contenttypes.models import ContentType
+if not LogEntry._meta.installed:
+raise ImproperlyConfigured("Put 'django.contrib.admin' in your "
+"INSTALLED_APPS setting in order to use the admin application.")
+if not ContentType._meta.installed:
+raise ImproperlyConfigured("Put 'django.contrib.contenttypes' in "
+"your INSTALLED_APPS setting in order to use the admin application.")
+if not ('django.contrib.auth.context_processors.auth' in settings.TEMPLATE_CONTEXT_PROCESSORS or
+'django.core.context_processors.auth' in settings.TEMPLATE_CONTEXT_PROCESSORS):
+raise ImproperlyConfigured("Put 'django.contrib.auth.context_processors.auth' "
+"in your TEMPLATE_CONTEXT_PROCESSORS setting in order to use the admin application.")
+def admin_view(self, view, cacheable=False):
+"""
+Decorator to create an admin view attached to this ``AdminSite``. This
+wraps the view and provides permission checking by calling
+``self.has_permission``.
+You'll want to use this from within ``AdminSite.get_urls()``:
+class MyAdminSite(AdminSite):
+def get_urls(self):
+from django.conf.urls.defaults import patterns, url
+urls = super(MyAdminSite, self).get_urls()
+urls += patterns('',
+url(r'^my_view/$', self.admin_view(some_view))
+)
+return urls
+By default, admin_views are marked non-cacheable using the
+``never_cache`` decorator. If the view can be safely cached, set
+cacheable=True.
+"""
+def inner(request, *args, **kwargs):
+if not self.has_permission(request):
+return self.login(request)
+return view(request, *args, **kwargs)
+if not cacheable:
+inner = never_cache(inner)
+# We add csrf_protect here so this function can be used as a utility
+# function for any view, without having to repeat 'csrf_protect'.
+if not getattr(view, 'csrf_exempt', False):
+inner = csrf_protect(inner)
+return update_wrapper(inner, view)
+def get_urls(self):
+from django.conf.urls.defaults import patterns, url, include
+if settings.DEBUG:
+self.check_dependencies()
+def wrap(view, cacheable=False):
+def wrapper(*args, **kwargs):
+return self.admin_view(view, cacheable)(*args, **kwargs)
+return update_wrapper(wrapper, view)
+# Admin-site-wide views.
+urlpatterns = patterns('',
+url(r'^$',
+wrap(self.index),
+name='index'),
+url(r'^logout/$',
+wrap(self.logout),
+name='logout'),
+url(r'^password_change/$',
+wrap(self.password_change, cacheable=True),
+name='password_change'),
+url(r'^password_change/done/$',
+wrap(self.password_change_done, cacheable=True),
+name='password_change_done'),
+url(r'^jsi18n/$',
+wrap(self.i18n_javascript, cacheable=True),
+name='jsi18n'),
+url(r'^r/(?P<content_type_id>\d+)/(?P<object_id>.+)/$',
+'django.views.defaults.shortcut'),
+url(r'^(?P<app_label>\w+)/$',
+wrap(self.app_index),
+name='app_list')
+)
+# Add in each model's views.
+for model, model_admin in self._registry.iteritems():
+urlpatterns += patterns('',
+url(r'^%s/%s/' % (model._meta.app_label, model._meta.module_name),
+include(model_admin.urls))
+)
+return urlpatterns
+def urls(self):
+return self.get_urls(), self.app_name, self.name
+urls = property(urls)
+def password_change(self, request):
+"""
+Handles the "change password" task -- both form display and validation.
+"""
+from django.contrib.auth.views import password_change
+if self.root_path is not None:
+url = '%spassword_change/done/' % self.root_path
+else:
+url = reverse('admin:password_change_done', current_app=self.name)
+defaults = {
+'post_change_redirect': url
+}
+if self.password_change_template is not None:
+defaults['template_name'] = self.password_change_template
+return password_change(request, **defaults)
+def password_change_done(self, request):
+"""
+Displays the "success" page after a password change.
+"""
+from django.contrib.auth.views import password_change_done
+defaults = {}
+if self.password_change_done_template is not None:
+defaults['template_name'] = self.password_change_done_template
+return password_change_done(request, **defaults)
+def i18n_javascript(self, request):
+"""
+Displays the i18n JavaScript that the Django admin requires.
+This takes into account the USE_I18N setting. If it's set to False, the
+generated JavaScript will be leaner and faster.
+"""
+if settings.USE_I18N:
+from django.views.i18n import javascript_catalog
+else:
+from django.views.i18n import null_javascript_catalog as javascript_catalog
+return javascript_catalog(request, packages='django.conf')
+def logout(self, request):
+"""
+Logs out the user for the given HttpRequest.
+This should *not* assume the user is already logged in.
+"""
+from django.contrib.auth.views import logout
+defaults = {}
+if self.logout_template is not None:
+defaults['template_name'] = self.logout_template
+return logout(request, **defaults)
+logout = never_cache(logout)
+def login(self, request):
+"""
+Displays the login form for the given HttpRequest.
+"""
+from django.contrib.auth.models import User
+# If this isn't already the login page, display it.
+if not request.POST.has_key(LOGIN_FORM_KEY):
+if request.POST:
+message = _("Please log in again, because your session has expired.")
+else:
+message = ""
+return self.display_login_form(request, message)
+# Check that the user accepts cookies.
+if not request.session.test_cookie_worked():
+message = _("Looks like your browser isn't configured to accept cookies. Please enable cookies, reload this page, and try again.")
+return self.display_login_form(request, message)
+else:
+request.session.delete_test_cookie()
+# Check the password.
+username = request.POST.get('username', None)
+password = request.POST.get('password', None)
+user = authenticate(username=username, password=password)
+if user is None:
+message = ERROR_MESSAGE
+if username is not None and u'@' in username:
+# Mistakenly entered e-mail address instead of username? Look it up.
+try:
+user = User.objects.get(email=username)
+except (User.DoesNotExist, User.MultipleObjectsReturned):
+message = _("Usernames cannot contain the '@' character.")
+else:
+if user.check_password(password):
+message = _("Your e-mail address is not your username."
+" Try '%s' instead.") % user.username
+else:
+message = _("Usernames cannot contain the '@' character.")
+return self.display_login_form(request, message)
+# The user data is correct; log in the user in and continue.
+else:
+if user.is_active and user.is_staff:
+login(request, user)
+return http.HttpResponseRedirect(request.get_full_path())
+else:
+return self.display_login_form(request, ERROR_MESSAGE)
+login = never_cache(login)
+def index(self, request, extra_context=None):
+"""
+Displays the main admin index page, which lists all of the installed
+apps that have been registered in this site.
+"""
+app_dict = {}
+user = request.user
+for model, model_admin in self._registry.items():
+app_label = model._meta.app_label
+has_module_perms = user.has_module_perms(app_label)
+if has_module_perms:
+perms = model_admin.get_model_perms(request)
+# Check whether user has any perm for this module.
+# If so, add the module to the model_list.
+if True in perms.values():
+model_dict = {
+'name': capfirst(model._meta.verbose_name_plural),
+'admin_url': mark_safe('%s/%s/' % (app_label, model.__name__.lower())),
+'perms': perms,
+}
+if app_label in app_dict:
+app_dict[app_label]['models'].append(model_dict)
+else:
+app_dict[app_label] = {
+'name': app_label.title(),
+'app_url': app_label + '/',
+'has_module_perms': has_module_perms,
+'models': [model_dict],
+}
+# Sort the apps alphabetically.
+app_list = app_dict.values()
+app_list.sort(lambda x, y: cmp(x['name'], y['name']))
+# Sort the models alphabetically within each app.
+for app in app_list:
+app['models'].sort(lambda x, y: cmp(x['name'], y['name']))
+context = {
+'title': _('Site administration'),
+'app_list': app_list,
+'root_path': self.root_path,
+}
+context.update(extra_context or {})
+context_instance = template.RequestContext(request, current_app=self.name)
+return render_to_response(self.index_template or 'admin/index.html', context,
+context_instance=context_instance
+)
+index = never_cache(index)
+def display_login_form(self, request, error_message='', extra_context=None):
+request.session.set_test_cookie()
+context = {
+'title': _('Log in'),
+'app_path': request.get_full_path(),
+'error_message': error_message,
+'root_path': self.root_path,
+}
+context.update(extra_context or {})
+context_instance = template.RequestContext(request, current_app=self.name)
+return render_to_response(self.login_template or 'admin/login.html', context,
+context_instance=context_instance
+)
+def app_index(self, request, app_label, extra_context=None):
+user = request.user
+has_module_perms = user.has_module_perms(app_label)
+app_dict = {}
+for model, model_admin in self._registry.items():
+if app_label == model._meta.app_label:
+if has_module_perms:
+perms = model_admin.get_model_perms(request)
+# Check whether user has any perm for this module.
+# If so, add the module to the model_list.
+if True in perms.values():
+model_dict = {
+'name': capfirst(model._meta.verbose_name_plural),
+'admin_url': '%s/' % model.__name__.lower(),
+'perms': perms,
+}
+if app_dict:
+app_dict['models'].append(model_dict),
+else:
+# First time around, now that we know there's
+# something to display, add in the necessary meta
+# information.
+app_dict = {
+'name': app_label.title(),
+'app_url': '',
+'has_module_perms': has_module_perms,
+'models': [model_dict],
+}
+if not app_dict:
+raise http.Http404('The requested admin page does not exist.')
+# Sort the models alphabetically within each app.
+app_dict['models'].sort(lambda x, y: cmp(x['name'], y['name']))
+context = {
+'title': _('%s administration') % capfirst(app_label),
+'app_list': [app_dict],
+'root_path': self.root_path,
+}
+context.update(extra_context or {})
+context_instance = template.RequestContext(request, current_app=self.name)
+return render_to_response(self.app_index_template or ('admin/%s/app_index.html' % app_label,
+'admin/app_index.html'), context,
+context_instance=context_instance
+)
+def root(self, request, url):
+"""
+DEPRECATED. This function is the old way of handling URL resolution, and
+is deprecated in favor of real URL resolution -- see ``get_urls()``.
+This function still exists for backwards-compatibility; it will be
+removed in Django 1.3.
+"""
+import warnings
+warnings.warn(
+"AdminSite.root() is deprecated; use include(admin.site.urls) instead.",
+DeprecationWarning
+)
+#
+# Again, remember that the following only exists for
+# backwards-compatibility. Any new URLs, changes to existing URLs, or
+# whatever need to be done up in get_urls(), above!
+#
+if request.method == 'GET' and not request.path.endswith('/'):
+return http.HttpResponseRedirect(request.path + '/')
+if settings.DEBUG:
+self.check_dependencies()
+# Figure out the admin base URL path and stash it for later use
+self.root_path = re.sub(re.escape(url) + '$', '', request.path)
+url = url.rstrip('/') # Trim trailing slash, if it exists.
+# The 'logout' view doesn't require that the person is logged in.
+if url == 'logout':
+return self.logout(request)
+# Check permission to continue or display login form.
+if not self.has_permission(request):
+return self.login(request)
+if url == '':
+return self.index(request)
+elif url == 'password_change':
+return self.password_change(request)
+elif url == 'password_change/done':
+return self.password_change_done(request)
+elif url == 'jsi18n':
+return self.i18n_javascript(request)
+# URLs starting with 'r/' are for the "View on site" links.
+elif url.startswith('r/'):
+from django.contrib.contenttypes.views import shortcut
+return shortcut(request, *url.split('/')[1:])
+else:
+if '/' in url:
+return self.model_page(request, *url.split('/', 2))
+else:
+return self.app_index(request, url)
+raise http.Http404('The requested admin page does not exist.')
+def model_page(self, request, app_label, model_name, rest_of_url=None):
+"""
+DEPRECATED. This is the old way of handling a model view on the admin
+site; the new views should use get_urls(), above.
+"""
+from django.db import models
+model = models.get_model(app_label, model_name)
+if model is None:
+raise http.Http404("App %r, model %r, not found." % (app_label, model_name))
+try:
+admin_obj = self._registry[model]
+except KeyError:
+raise http.Http404("This model exists but has not been registered with the admin site.")
+return admin_obj(request, rest_of_url)
+model_page = never_cache(model_page)
+# This global object represents the default admin site, for the common case.
+# You can instantiate AdminSite in your own code to create a custom admin site.
+site = AdminSite()