|
@@ -197,29 +197,6 @@ class Token(models.Model):
|
|
|
return True
|
|
return True
|
|
|
|
|
|
|
|
|
|
|
|
|
-class ObjectPermissionManager(models.Manager):
|
|
|
|
|
-
|
|
|
|
|
- def get_attr_constraints(self, user, perm):
|
|
|
|
|
- """
|
|
|
|
|
- Compile all ObjectPermission attributes applicable to a specific combination of user, model, and action. Returns
|
|
|
|
|
- a dictionary that can be passed directly to .filter() on a QuerySet.
|
|
|
|
|
- """
|
|
|
|
|
- content_type, action = resolve_permission(perm)
|
|
|
|
|
- assert action in ['view', 'add', 'change', 'delete'], f"Invalid action: {action}"
|
|
|
|
|
-
|
|
|
|
|
- qs = self.get_queryset().filter(
|
|
|
|
|
- Q(users=user) | Q(groups__user=user),
|
|
|
|
|
- model=content_type,
|
|
|
|
|
- **{f'can_{action}': True}
|
|
|
|
|
- )
|
|
|
|
|
-
|
|
|
|
|
- attrs = Q()
|
|
|
|
|
- for perm in qs:
|
|
|
|
|
- attrs |= Q(**perm.attrs)
|
|
|
|
|
-
|
|
|
|
|
- return attrs
|
|
|
|
|
-
|
|
|
|
|
-
|
|
|
|
|
class ObjectPermission(models.Model):
|
|
class ObjectPermission(models.Model):
|
|
|
"""
|
|
"""
|
|
|
A mapping of view, add, change, and/or delete permission for users and/or groups to an arbitrary set of objects
|
|
A mapping of view, add, change, and/or delete permission for users and/or groups to an arbitrary set of objects
|
|
@@ -257,8 +234,6 @@ class ObjectPermission(models.Model):
|
|
|
default=False
|
|
default=False
|
|
|
)
|
|
)
|
|
|
|
|
|
|
|
- objects = ObjectPermissionManager()
|
|
|
|
|
-
|
|
|
|
|
class Meta:
|
|
class Meta:
|
|
|
unique_together = ('model', 'attrs')
|
|
unique_together = ('model', 'attrs')
|
|
|
|
|
|
Jeremy Stretch