mirror of
https://github.com/jazzband/django-authority.git
synced 2026-05-15 02:54:50 +00:00
4cf4853232
* Updated tox to test only python{2,3}.7 and djagno1.11/2.2
* Updated travis.
* Updated models/migrations.
* Updated path to `reverse`
* Updated path to login view.
* Updated middlewares/installed apps
* Updated .travis again.
* Lets see if that will get tests working in python3 on travis.
* Switch to in memory DB for tests
* Stop running tests with python2.7 and django 2.2. They shouldn't work anyway.
* Sure did that wrong. Fix which python versions are running with which code.
* That isn't needed. Lets see if that is what is breaking python3.
* Testing a theory.
* Revert "Testing a theory."
This reverts commit 69b3e4c906.
* Added initial migration for example users.
* is_authenticated is a bool, not a method.
66 lines
2.7 KiB
Python
66 lines
2.7 KiB
Python
from datetime import datetime
|
|
from django.db import models
|
|
from django.contrib.contenttypes.models import ContentType
|
|
from django.contrib.contenttypes.fields import GenericForeignKey
|
|
from django.contrib.auth.models import Group
|
|
from django.utils.translation import ugettext_lazy as _
|
|
|
|
from authority.compat import user_model_label
|
|
from authority.managers import PermissionManager
|
|
|
|
|
|
class Permission(models.Model):
|
|
"""
|
|
A granular permission model, per-object permission in other words.
|
|
This kind of permission is associated with a user/group and an object
|
|
of any content type.
|
|
"""
|
|
codename = models.CharField(_('codename'), max_length=100)
|
|
content_type = models.ForeignKey(ContentType, related_name="row_permissions", on_delete=models.CASCADE)
|
|
object_id = models.PositiveIntegerField()
|
|
content_object = GenericForeignKey('content_type', 'object_id')
|
|
|
|
user = models.ForeignKey(
|
|
user_model_label, null=True, blank=True, related_name='granted_permissions', on_delete=models.CASCADE)
|
|
group = models.ForeignKey(Group, null=True, blank=True, on_delete=models.CASCADE)
|
|
creator = models.ForeignKey(
|
|
user_model_label, null=True, blank=True, related_name='created_permissions', on_delete=models.CASCADE)
|
|
|
|
approved = models.BooleanField(
|
|
_('approved'),
|
|
default=False,
|
|
help_text=_("Designates whether the permission has been approved and treated as active. "
|
|
"Unselect this instead of deleting permissions."))
|
|
|
|
date_requested = models.DateTimeField(_('date requested'), default=datetime.now)
|
|
date_approved = models.DateTimeField(_('date approved'), blank=True, null=True)
|
|
|
|
objects = PermissionManager()
|
|
|
|
def __unicode__(self):
|
|
return self.codename
|
|
|
|
class Meta:
|
|
unique_together = ("codename", "object_id", "content_type", "user", "group")
|
|
verbose_name = _('permission')
|
|
verbose_name_plural = _('permissions')
|
|
permissions = (
|
|
('change_foreign_permissions', 'Can change foreign permissions'),
|
|
('delete_foreign_permissions', 'Can delete foreign permissions'),
|
|
('approve_permission_requests', 'Can approve permission requests'),
|
|
)
|
|
|
|
def save(self, *args, **kwargs):
|
|
# Make sure the approval date is always set
|
|
if self.approved and not self.date_approved:
|
|
self.date_approved = datetime.now()
|
|
super(Permission, self).save(*args, **kwargs)
|
|
|
|
def approve(self, creator):
|
|
"""
|
|
Approve granular permission request setting a Permission entry as
|
|
approved=True for a specific action from an user on an object instance.
|
|
"""
|
|
self.approved = True
|
|
self.creator = creator
|
|
self.save()
|