--- a/src/ldt/ldt/security/manager.py Wed Nov 16 12:34:49 2011 +0100
+++ b/src/ldt/ldt/security/manager.py Wed Nov 16 15:28:24 2011 +0100
@@ -4,30 +4,22 @@
class SafeManager(Manager):
- def __init__(self, user=None):
- super(SafeManager, self).__init__()
- if user:
- self.check_perm_for(user)
- else:
- self.user = get_current_user()
-
- def check_perm_for(self, user):
+ def __init__(self, user=None, check_perm=True):
+ super(SafeManager, self).__init__()
self.user = user
+ self.check_perm = check_perm
- def stop_checking(self):
- self.user = None
-
- def has_user(self):
- return self.user != None
-
- def get_query_set(self):
- if not self.has_user():
+ def get_query_set(self):
+ if not self.check_perm:
return super(SafeManager, self).get_query_set()
- # raise AttributeError("A user has to be chosen to check permissions.")
+
+ if not self.user:
+ self.user = get_current_user()
+ #raise AttributeError("A user has to be chosen to check permissions.")
- perm_name = 'ldt_utils.view_%s' % self.model.__name__.lower()
+ perm_name = '%s.view_%s' % (self.model._meta.app_label, self.model.__name__.lower())
- # call parent query_set below
- user_objects = get_objects_for_user(self.user, perm_name)
+ user_objects = get_objects_for_user(self.user, perm_name, klass=self.model.objects)
return user_objects
+
\ No newline at end of file
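Review bot: In `get_query_set`, the new `self.user = get_current_user()` stores the resolved user on the manager itself, and the manager is a class attribute (`safe_objects = SafeManager()` in models.py), so the first user to trigger the lookup is reused for every later query through that manager in the same process. Resolve the user per call instead: `user = self.user or get_current_user()`, then `get_objects_for_user(user, perm_name, klass=self.model.objects)`. The value returned by `get_current_user()` is also used unchecked; if it can be None, the commented-out `raise AttributeError(...)` looks like the intended fail-closed path and is worth restoring.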
--- a/src/ldt/ldt/security/models.py Wed Nov 16 12:34:49 2011 +0100
+++ b/src/ldt/ldt/security/models.py Wed Nov 16 15:28:24 2011 +0100
@@ -2,7 +2,7 @@
from manager import SafeManager
class SafeModel(models.Model):
- objects = models.Manager()
+ objects = SafeManager(check_perm=False)
safe_objects = SafeManager()
class Meta:
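Review bot: `objects = SafeManager(check_perm=False)` needs a comment, because nothing on the line tells a reader that queries through it skip the permission filter. It keeps the conventional name and is declared first, which in Django makes it the model's default manager. Suggested comment above it: `# Unfiltered: no per-user permission check. Use safe_objects for anything shown to a user.` `check_perm` is also a plain mutable attribute on a shared manager instance, so code that flips it changes the behaviour for every other caller of the class. The class body continues outside the hunk.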
--- a/src/ldt/ldt/security/utils.py Wed Nov 16 12:34:49 2011 +0100
+++ b/src/ldt/ldt/security/utils.py Wed Nov 16 15:28:24 2011 +0100
@@ -31,20 +31,20 @@
cls_list = []
for cls_name in settings.USE_GROUP_PERMISSIONS:
- cls_type = ContentType.objects.get(app_label='ldt_utils', model=cls_name.lower())
+ cls_type = ContentType.objects.get(model=cls_name.lower())
cls_list.append(cls_type.model_class())
ToProtect.cls_list = cls_list
return cls_list
def protect_model(cls, user):
- cls.safe_objects.check_perm_for(user)
+ cls.safe_objects.user = user
cls.old_save = cls.save
cls.old_delete = cls.delete
class_name = cls.__name__.lower()
- cls.save = change_security(class_name)(cls.save)
- cls.delete = change_security(class_name)(cls.delete)
+ cls.save = change_security(user, class_name)(cls.save)
+ cls.delete = change_security(user, class_name)(cls.delete)
def unprotect_model(cls):
if hasattr(cls, 'old_save'):
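Review bot: `ContentType.objects.get(model=cls_name.lower())` no longer constrains `app_label`, so a name in `USE_GROUP_PERMISSIONS` that exists in two installed apps raises `MultipleObjectsReturned`, and a name that exists only in another app would select that model for protection instead. Letting each entry carry its app label keeps the lookup unambiguous, e.g. `app_label, model = cls_name.lower().split('.')` followed by `ContentType.objects.get(app_label=app_label, model=model)`, with the setting written as `'ldt_utils.Project'`. `unprotect_model` begins at the end of this hunk and its body continues outside it.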
@@ -53,10 +53,9 @@
del cls.old_save
del cls.old_delete
-def change_security(cls_name):
+def change_security(user, cls_name):
def wrapper(func):
- def wrapped(self, *args, **kwargs):
- user = get_current_user()
+ def wrapped(self, *args, **kwargs):
if self.pk and not user.has_perm('change_%s' % cls_name, self):
raise AttributeError('User %s is not allowed to change object %s' % (user, self))
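Review bot: `wrapped` now checks the `user` captured when `protect_model` ran rather than the user making the call, and `protect_model` installs the wrapper on the class itself (`cls.save = ...`), so until `unprotect_model` runs every save or delete of that model in the process is authorised against that one user. If that is intended (for example protect/unprotect bracketing each request), state it in a docstring on `change_security` and make sure the unprotect step also runs on error paths; otherwise keep resolving the caller at call time, e.g. `current = get_current_user() or user`. A `user` of None reaches `user.has_perm` and fails with an unrelated AttributeError, so an explicit guard before the check would give a clearer denial. `wrapped` continues outside the hunk.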
--- a/src/ldt/ldt/settings.py Wed Nov 16 12:34:49 2011 +0100
+++ b/src/ldt/ldt/settings.py Wed Nov 16 15:28:24 2011 +0100
@@ -82,6 +82,6 @@
WEB_VERSION = getattr(settings, 'WEB_VERSION', '')
ANONYOUS_USER_ID = -1
-USE_GROUP_PERMISSIONS=False
+USE_GROUP_PERMISSIONS = ['Project', 'Content']
--- a/web/ldtplatform/settings.py Wed Nov 16 12:34:49 2011 +0100
+++ b/web/ldtplatform/settings.py Wed Nov 16 15:28:24 2011 +0100
@@ -209,8 +209,6 @@
WEB_VERSION = ldtplatform.get_version()
-PUBLIC_GROUP_NAME = 'published_projects'
-
from config import *
if not "LOGIN_URL" in locals():