from django.core.urlresolvers import reverse
from django.forms.models import model_to_dict
from django.utils import timezone
+from django.core.exceptions import PermissionDenied
import model_policy
try:
def get_query_set(self):
return self.get_queryset()
-class PlCoreBase(models.Model):
+class DiffModelMixIn:
+ # Provides useful methods for computing which objects in a model have
+ # changed. Make sure to do self._initial = self._dict in the __init__
+ # method.
+
+ # This is broken out of PlCoreBase into a Mixin so the User model can
+ # also make use of it.
+
+ @property
+ def _dict(self):
+ return model_to_dict(self, fields=[field.name for field in
+ self._meta.fields])
+
+ @property
+ def diff(self):
+ d1 = self._initial
+ d2 = self._dict
+ diffs = [(k, (v, d2[k])) for k, v in d1.items() if v != d2[k]]
+ return dict(diffs)
+
+ @property
+ def has_changed(self):
+ return bool(self.diff)
+
+ @property
+ def changed_fields(self):
+ return self.diff.keys()
+
+ def has_field_changed(self, field_name):
+ return field_name in self.diff.keys()
+
+ def get_field_diff(self, field_name):
+ return self.diff.get(field_name, None)
+
+class PlCoreBase(models.Model, DiffModelMixIn):
objects = PlCoreBaseManager()
deleted_objects = PlCoreBaseDeletionManager()
def __init__(self, *args, **kwargs):
super(PlCoreBase, self).__init__(*args, **kwargs)
- self.__initial = self._dict
-
- @property
- def diff(self):
- d1 = self.__initial
- d2 = self._dict
- diffs = [(k, (v, d2[k])) for k, v in d1.items() if v != d2[k]]
- return dict(diffs)
-
- @property
- def has_changed(self):
- return bool(self.diff)
-
- @property
- def changed_fields(self):
- return self.diff.keys()
-
- def get_field_diff(self, field_name):
- return self.diff.get(field_name, None)
+ self._initial = self._dict # for DiffModelMixIn
+ self.silent = False
def can_update(self, user):
if user.is_readonly:
return False
if user.is_admin:
return True
+
return False
def delete(self, *args, **kwds):
self.save(update_fields=['enacted','deleted'], silent=silent)
def save(self, *args, **kwargs):
+ # let the user specify silence as either a kwarg or an instance varible
+ silent = self.silent
if "silent" in kwargs:
- silent=kwargs.pop("silent")
- else:
- silent=False
+ silent=silent or kwargs.pop("silent")
super(PlCoreBase, self).save(*args, **kwargs)
if not silent:
notify_observer()
- self.__initial = self._dict
+ self._initial = self._dict
def save_by_user(self, user, *args, **kwds):
- if self.can_update(user):
- self.save(*args, **kwds)
+ if not self.can_update(user):
+ if getattr(self, "_cant_update_fieldName", None) is not None:
+ raise PermissionDenied("You do not have permission to update field %s on object %s" % (self._cant_update_fieldName, self.__class__.__name__))
+ else:
+ raise PermissionDenied("You do not have permission to update %s objects" % self.__class__.__name__)
+
+ self.save(*args, **kwds)
def delete_by_user(self, user, *args, **kwds):
- if self.can_update(user):
- self.delete(*args, **kwds)
+ if not self.can_update(user):
+ raise PermissionDenied("You do not have permission to delete %s objects" % self.__class__.__name__)
+ self.delete(*args, **kwds)
+
+ @classmethod
+ def select_by_user(cls, user):
+ # This should be overridden by descendant classes that want to perform
+ # filtering of visible objects by user.
+ return cls.objects.all()
- @property
- def _dict(self):
- return model_to_dict(self, fields=[field.name for field in
- self._meta.fields])
git://git.onelab.eu / plstackapi.git / blobdiff