--- a/src/ldt/ldt/ldt_utils/models.py Tue Dec 13 14:46:29 2011 +0100
+++ b/src/ldt/ldt/ldt_utils/models.py Tue Dec 13 15:46:34 2011 +0100
@@ -321,7 +321,7 @@
everyone = Group.objects.get(name=settings.PUBLIC_GROUP_NAME)
if value:
assign('view_content', everyone, self)
- assign('view_media', everyone, self)
+ assign('view_media', everyone, self.media_obj)
else:
remove_perm('view_content', everyone, self)
remove_perm('vew_media', everyone, self.media_obj)
--- a/src/ldt/ldt/ldt_utils/views.py Tue Dec 13 14:46:29 2011 +0100
+++ b/src/ldt/ldt/ldt_utils/views.py Tue Dec 13 15:46:34 2011 +0100
@@ -24,7 +24,7 @@
from ldt.ldt_utils.utils import boolean_convert, LdtUtils, LdtSearch
from ldt.security.utils import (assign_perm_to_obj, set_forbidden_stream,
add_change_attr, get_userlist, get_userlist_model, get_userlist_group)
-from ldt.security.cache import get_checker_for, assign
+from ldt.security.cache import get_cached_checker, cached_assign
from lxml.html import fragment_fromstring
from models import Media, Project
from projectserializer import ProjectSerializer
@@ -67,7 +67,7 @@
# get list of all published projects
group_list = request.user.groups.exclude(name=settings.PUBLIC_GROUP_NAME)
- checker = get_checker_for(request.user)
+ checker = get_cached_checker(request.user)
group_list = sorted(group_list.all(), key=lambda group: group.name.lower())
@@ -228,7 +228,7 @@
group_list = group_list.exclude(name=settings.PUBLIC_GROUP_NAME)
group_list = sorted(group_list.all(), key=lambda group: group.name.lower())
- checker = get_checker_for(request.user)
+ checker = get_cached_checker(request.user)
for g in group_list:
if checker.has_perm('change_group', g):
g.change = True
@@ -1082,7 +1082,7 @@
mimetype = mimetypes.guess_type(cleaned_data['src'])
cleaned_data['mimetype_field'] = mimetype
media, created = Media.safe_objects.get_or_create(src=cleaned_data['src'], defaults=cleaned_data) #@UndefinedVariable
- assign('view_media', request.user, media)
+ cached_assign('view_media', request.user, media)
else:
media = None
@@ -1094,8 +1094,8 @@
if not mimetype:
mimetype = mimetypes.guess_type(media.src)
media.mimetype_field = mimetype
- assign('view_media', request.user, media)
- assign('change_media', request.user, media)
+ cached_assign('view_media', request.user, media)
+ cached_assign('change_media', request.user, media)
media.save()
if form_status != "error":
@@ -1108,14 +1108,14 @@
content, created = Content.safe_objects.get_or_create(iri_id=content_form.cleaned_data['iri_id'], defaults=content_defaults) #@UndefinedVariable
- assign('change_content', request.user, content)
- assign('view_content', request.user, content)
+ cached_assign('change_content', request.user, content)
+ cached_assign('view_content', request.user, content)
everyone = Group.objects.get(name=settings.PUBLIC_GROUP_NAME)
if content_form.cleaned_data['is_public']:
- assign('view_content', everyone, content)
+ cached_assign('view_content', everyone, content)
if media:
- assign('view_media', everyone, media)
+ cached_assign('view_media', everyone, media)
else:
remove_perm('view_content', everyone, content)
assign_perm_to_obj(content, content_form.cleaned_data['read_list'], content_form.cleaned_data['write_list'], request.user)
@@ -1292,15 +1292,15 @@
group = Group.objects.create(name=name)
group.save()
- assign('is_owner_group', request.user, group)
- assign('change_group', request.user, group)
+ cached_assign('is_owner_group', request.user, group)
+ cached_assign('change_group', request.user, group)
request.user.groups.add(group)
for elem in members_list:
if hasattr(elem, 'username'):
elem.groups.add(group)
if elem in admin_list:
- assign('change_group', elem, group)
+ cached_assign('change_group', elem, group)
form_status = 'saved'
@@ -1312,7 +1312,7 @@
@login_required
def update_group(request, group_id):
group = get_object_or_404(Group, id=group_id)
- checker = get_checker_for(request.user)
+ checker = get_cached_checker(request.user)
if not checker.has_perm('change_group', group):
form_status = 'none'
@@ -1344,7 +1344,7 @@
group.user_set.add(user)
if is_owner_group:
if user in admin_list:
- assign('change_group', user, group)
+ cached_assign('change_group', user, group)
else:
remove_perm('change_group', user, group)
--- a/src/ldt/ldt/security/cache.py Tue Dec 13 14:46:29 2011 +0100
+++ b/src/ldt/ldt/security/cache.py Tue Dec 13 15:46:34 2011 +0100
@@ -1,8 +1,11 @@
from django.core.cache import cache
+from django.conf import settings
from guardian.core import ObjectPermissionChecker
+from django.contrib.auth.models import User
+from django.db.models import Q
from guardian.shortcuts import assign
-def get_checker_for(user):
+def get_cached_checker(user):
key_name = 'checker_%s' % user.username
checker = cache.get(key_name)
@@ -14,12 +17,23 @@
return checker
-def assign(perm, user_or_group, object):
+def cached_assign(perm, user_or_group, object):
assign(perm, user_or_group, object)
- if hasattr('username', user_or_group):
+ if hasattr(user_or_group, 'username'):
key = 'checker_%s' % user_or_group.username
else:
key = 'checker_%s' % user_or_group.name
- cache.delete('checker_%s' % key)
\ No newline at end of file
+ cache.delete('checker_%s' % key)
+
+
+def get_cached_userlist():
+ userlist = cache.get('userlist')
+ if userlist:
+ return userlist
+
+ query = Q(id=settings.ANONYMOUS_USER_ID) | Q(is_superuser=True)
+ userlist = User.objects.exclude(query)
+ cache.set('userlist', userlist)
+ return userlist
\ No newline at end of file
--- a/src/ldt/ldt/security/utils.py Tue Dec 13 14:46:29 2011 +0100
+++ b/src/ldt/ldt/security/utils.py Tue Dec 13 15:46:34 2011 +0100
@@ -1,9 +1,7 @@
from django.conf import settings
from django.contrib.contenttypes.models import ContentType
-from django.contrib.auth.models import User
-from django.db.models import Q
from guardian.shortcuts import assign, remove_perm, get_users_with_perms, get_groups_with_perms
-from cache import get_checker_for
+from cache import get_cached_checker, get_cached_userlist
try:
from threading import local
@@ -26,8 +24,7 @@
if cls_list:
user = get_current_user()
for cls in ToProtect.get_models():
- protect_model(cls, user)
-
+ protect_model(cls, user)
def unprotect_models():
for cls in ToProtect.get_models():
@@ -105,7 +102,7 @@
cls = ctype.model_class()
if model_name in [cls_name.lower() for cls_name in settings.USE_GROUP_PERMISSIONS]:
- checker = get_checker_for(user)
+ checker = get_cached_checker(user)
else:
checker = None
@@ -142,8 +139,7 @@
remove_perms(read_list, old_groups, object, name)
def get_userlist(user, filter=None):
- query = Q(id=settings.ANONYMOUS_USER_ID) | Q(id=user.id) | Q(is_superuser=True)
- user_list = User.objects.exclude(query)
+ user_list = get_cached_userlist().exclude(id=user.id)
if filter:
user_list = user_list.filter(username__icontains=filter)
elem_list = [{'name': u.username, 'id': u.id, 'type': 'user'} for u in user_list[0:settings.MAX_USERS_SEARCH]]
--- a/src/ldt/ldt/static/ldt/css/ldtform.css Tue Dec 13 14:46:29 2011 +0100
+++ b/src/ldt/ldt/static/ldt/css/ldtform.css Tue Dec 13 15:46:34 2011 +0100
@@ -138,7 +138,7 @@
}
#ldtcreatecontentstablediv {
- max-height: 280px;
+ max-height: 230px;
}
#ldtcreatecontentslistcontainer {