mirror of
https://github.com/jazzband/django-authority.git
synced 2026-03-16 22:20:28 +00:00
91929a76c9
1. All models need to be defined inside an installed application or declare an explicit app_label. Furthermore, it isn’t possible to import them before their application is loaded. In particular, it isn’t possible to import models inside the root package of an application 2. The django.contrib.contenttypes.generic module is removed 3. django.db.models.loading is removed.
66 lines
2.6 KiB
Python
66 lines
2.6 KiB
Python
from datetime import datetime
|
|
from django.db import models
|
|
from django.contrib.contenttypes.models import ContentType
|
|
from django.contrib.contenttypes.fields import GenericForeignKey
|
|
from django.contrib.auth.models import Group
|
|
from django.utils.translation import ugettext_lazy as _
|
|
|
|
from authority.compat import user_model_label
|
|
from authority.managers import PermissionManager
|
|
|
|
|
|
class Permission(models.Model):
|
|
"""
|
|
A granular permission model, per-object permission in other words.
|
|
This kind of permission is associated with a user/group and an object
|
|
of any content type.
|
|
"""
|
|
codename = models.CharField(_('codename'), max_length=100)
|
|
content_type = models.ForeignKey(ContentType, related_name="row_permissions")
|
|
object_id = models.PositiveIntegerField()
|
|
content_object = GenericForeignKey('content_type', 'object_id')
|
|
|
|
user = models.ForeignKey(
|
|
user_model_label, null=True, blank=True, related_name='granted_permissions')
|
|
group = models.ForeignKey(Group, null=True, blank=True)
|
|
creator = models.ForeignKey(
|
|
user_model_label, null=True, blank=True, related_name='created_permissions')
|
|
|
|
approved = models.BooleanField(
|
|
_('approved'),
|
|
default=False,
|
|
help_text=_("Designates whether the permission has been approved and treated as active. "
|
|
"Unselect this instead of deleting permissions."))
|
|
|
|
date_requested = models.DateTimeField(_('date requested'), default=datetime.now)
|
|
date_approved = models.DateTimeField(_('date approved'), blank=True, null=True)
|
|
|
|
objects = PermissionManager()
|
|
|
|
def __unicode__(self):
|
|
return self.codename
|
|
|
|
class Meta:
|
|
unique_together = ("codename", "object_id", "content_type", "user", "group")
|
|
verbose_name = _('permission')
|
|
verbose_name_plural = _('permissions')
|
|
permissions = (
|
|
('change_foreign_permissions', 'Can change foreign permissions'),
|
|
('delete_foreign_permissions', 'Can delete foreign permissions'),
|
|
('approve_permission_requests', 'Can approve permission requests'),
|
|
)
|
|
|
|
def save(self, *args, **kwargs):
|
|
# Make sure the approval date is always set
|
|
if self.approved and not self.date_approved:
|
|
self.date_approved = datetime.now()
|
|
super(Permission, self).save(*args, **kwargs)
|
|
|
|
def approve(self, creator):
|
|
"""
|
|
Approve granular permission request setting a Permission entry as
|
|
approved=True for a specific action from an user on an object instance.
|
|
"""
|
|
self.approved = True
|
|
self.creator = creator
|
|
self.save()
|