My Pastes
Public Pastes
Layout Width
Share Pastebin
Guest
Public paste!

mtigas

By: a guest | Jul 23rd, 2008 | Syntax: Python | Size: 2.24 KB | Hits: 206 | Expires: Never
Download | Raw | Embed | Report abuse
Copy text to clipboard
  1. #admin.py for newforms-admin permissions example
  2. #see http://www.miketigas.com/?p=625
  3. from django.contrib import admin
  4. from myapp.models import Blog,BlogPost
  5.  
  6. class BlogAdmin(admin.ModelAdmin):
  7.   prepopulated_fields = {'slug': ('name',)}
  8.  
  9.   # a similar delete_permission should be written
  10.   def has_change_permission(self, request, obj=None):
  11.     # if user has special permission (or is superuser) allow all changes
  12.     if request.user.is_superuser or request.user.has_perm('myapp.access_all_blogs'):
  13.       return true
  14.     # allow changes if logged in as the "owner"
  15.     elif obj:
  16.       return (request.user == obj.user)
  17.     # otherwise, pick up the default internal Django behavior
  18.     else:
  19.       return super(BlogAdmin, self).has_change_permission(request, obj)
  20.  
  21.   # Filter the blogs that show up in the admin panel.
  22.   def queryset(self, request):
  23.     # get the default queryset, pre-filter
  24.     qs = super(BlogAdmin, self).queryset(request)
  25.     # only do the filter if we don't have special permission to see all blogs
  26.     if not (request.user.is_superuser or request.user.has_perm('myapp.access_all_blogs')):
  27.       # filter only shows blogs mapped to currently logged-in user
  28.       qs = qs.filter(user=request.user)
  29.     return qs
  30.  
  31. class BlogPostAdmin(admin.ModelAdmin):
  32.   prepopulated_fields = {'slug': ('title',)}
  33.  
  34.   def has_change_permission(self, request, obj=None):
  35.     # if user has special permission (or is superuser) allow all changes
  36.     if request.user.is_superuser or request.user.has_perm('myapp.access_all_posts'):
  37.       return true
  38.     # allow changes if logged in as the "owner"
  39.     elif obj:
  40.       return (request.user == obj.blog.user)
  41.     # otherwise, pick up the default internal Django behavior
  42.     else:
  43.       return super(BlogPostAdmin, self).has_change_permission(request, obj)
  44.  
  45.   # Filter the posts that show up in the admin panel.
  46.   def queryset(self, request):
  47.     qs = super(BlogPostAdmin, self).queryset(request)
  48.     if not (request.user.is_superuser or request.user.has_perm('myapp.access_all_posts')):
  49.       # filter only shows blogs mapped to currently logged-in user
  50.       qs = qs.filter(blog__user=request.user)
  51.     return qs
  52.  
  53. admin.site.register(Blog,BlogAdmin)
  54. admin.site.register(BlogPost,BlogPostAdmin)
create new paste | create new version of this paste RAW Paste Data