# HG changeset patch # User verrierj # Date 1321453704 -3600 # Node ID bee98775a8e84a522236def6b8085a0b5d131707 # Parent 8649bd4f2443f49a7826218691e0a5f339973c1f Clean code of SafeManager diff -r 8649bd4f2443 -r bee98775a8e8 src/ldt/ldt/security/manager.py --- a/src/ldt/ldt/security/manager.py Wed Nov 16 12:34:49 2011 +0100 +++ b/src/ldt/ldt/security/manager.py Wed Nov 16 15:28:24 2011 +0100 @@ -4,30 +4,22 @@ class SafeManager(Manager): - def __init__(self, user=None): - super(SafeManager, self).__init__() - if user: - self.check_perm_for(user) - else: - self.user = get_current_user() - - def check_perm_for(self, user): + def __init__(self, user=None, check_perm=True): + super(SafeManager, self).__init__() self.user = user + self.check_perm = check_perm - def stop_checking(self): - self.user = None - - def has_user(self): - return self.user != None - - def get_query_set(self): - if not self.has_user(): + def get_query_set(self): + if not self.check_perm: return super(SafeManager, self).get_query_set() - # raise AttributeError("A user has to be chosen to check permissions.") + + if not self.user: + self.user = get_current_user() + #raise AttributeError("A user has to be chosen to check permissions.") - perm_name = 'ldt_utils.view_%s' % self.model.__name__.lower() + perm_name = '%s.view_%s' % (self.model._meta.app_label, self.model.__name__.lower()) - # call parent query_set below - user_objects = get_objects_for_user(self.user, perm_name) + user_objects = get_objects_for_user(self.user, perm_name, klass=self.model.objects) return user_objects + \ No newline at end of file diff -r 8649bd4f2443 -r bee98775a8e8 src/ldt/ldt/security/models.py --- a/src/ldt/ldt/security/models.py Wed Nov 16 12:34:49 2011 +0100 +++ b/src/ldt/ldt/security/models.py Wed Nov 16 15:28:24 2011 +0100 @@ -2,7 +2,7 @@ from manager import SafeManager class SafeModel(models.Model): - objects = models.Manager() + objects = SafeManager(check_perm=False) safe_objects = SafeManager() class Meta: diff -r 8649bd4f2443 -r bee98775a8e8 src/ldt/ldt/security/utils.py --- a/src/ldt/ldt/security/utils.py Wed Nov 16 12:34:49 2011 +0100 +++ b/src/ldt/ldt/security/utils.py Wed Nov 16 15:28:24 2011 +0100 @@ -31,20 +31,20 @@ cls_list = [] for cls_name in settings.USE_GROUP_PERMISSIONS: - cls_type = ContentType.objects.get(app_label='ldt_utils', model=cls_name.lower()) + cls_type = ContentType.objects.get(model=cls_name.lower()) cls_list.append(cls_type.model_class()) ToProtect.cls_list = cls_list return cls_list def protect_model(cls, user): - cls.safe_objects.check_perm_for(user) + cls.safe_objects.user = user cls.old_save = cls.save cls.old_delete = cls.delete class_name = cls.__name__.lower() - cls.save = change_security(class_name)(cls.save) - cls.delete = change_security(class_name)(cls.delete) + cls.save = change_security(user, class_name)(cls.save) + cls.delete = change_security(user, class_name)(cls.delete) def unprotect_model(cls): if hasattr(cls, 'old_save'): @@ -53,10 +53,9 @@ del cls.old_save del cls.old_delete -def change_security(cls_name): +def change_security(user, cls_name): def wrapper(func): - def wrapped(self, *args, **kwargs): - user = get_current_user() + def wrapped(self, *args, **kwargs): if self.pk and not user.has_perm('change_%s' % cls_name, self): raise AttributeError('User %s is not allowed to change object %s' % (user, self)) diff -r 8649bd4f2443 -r bee98775a8e8 src/ldt/ldt/settings.py --- a/src/ldt/ldt/settings.py Wed Nov 16 12:34:49 2011 +0100 +++ b/src/ldt/ldt/settings.py Wed Nov 16 15:28:24 2011 +0100 @@ -82,6 +82,6 @@ WEB_VERSION = getattr(settings, 'WEB_VERSION', '') ANONYOUS_USER_ID = -1 -USE_GROUP_PERMISSIONS=False +USE_GROUP_PERMISSIONS = ['Project', 'Content'] diff -r 8649bd4f2443 -r bee98775a8e8 web/ldtplatform/settings.py --- a/web/ldtplatform/settings.py Wed Nov 16 12:34:49 2011 +0100 +++ b/web/ldtplatform/settings.py Wed Nov 16 15:28:24 2011 +0100 @@ -209,8 +209,6 @@ WEB_VERSION = ldtplatform.get_version() -PUBLIC_GROUP_NAME = 'published_projects' - from config import * if not "LOGIN_URL" in locals():