Changes between Version 28 and Version 29 of RowLevelPermissions
- Timestamp:
- Aug 20, 2006, 11:19:16 AM (18 years ago)
Legend:
- Unmodified
- Added
- Removed
- Modified
-
RowLevelPermissions
v28 v29 11 11 An example of where this would be useful is a forum or message board. With the current permission system, a user is capable of editing all the posts or unable to edit any posts. After implementing a row level permission, it can be modified so a user is capable of editing only their own personal posts. 12 12 13 == Current Status ==14 15 Row level permissions is now working, it should still be considered beta but it can be used. Please see below for more details on how to utilize row level permissions.16 17 == Todo ==18 19 * More unit tests20 21 13 == Using Row Level Permissions == 22 14 … … 27 19 * Row level permissions use the permissions table to determine an object's possible permissions, you need to create permissions in the permissions table before using them in row level permissions. 28 20 * Row level permissions can be negative, this is determined by an attribute called "negative". 29 * The order of checking permissions will work in the following order: User Row Level Permission -> Group Row Level Permission -> User Model Level Permission -> Group Model Level Permission. The checking will stop either at the first positive or negative, and if no permission is found will return a negative .21 * The order of checking permissions will work in the following order: User Row Level Permission -> Group Row Level Permission -> User Model Level Permission -> Group Model Level Permission. The checking will stop either at the first positive or negative, and if no permission is found will return a negative (or false). 30 22 31 23 === Enabling Row Level Permissions === … … 51 43 }}} 52 44 53 === Accessing Row Level Permissions from a Model === 54 55 The relation name for row level permissions from a model is "row_level_permissions", this will return all row level permissions related to the instance of the object. For example, this will return all row level permissions related to the object quartz: 56 {{{ 57 #!python 58 ... 59 rlp_list = quartz.row_level_permissions.all() 60 ... 61 }}} 62 63 === Accessing the Owner and Model of a Row Level Permission === 64 65 To return the owner of a row level permission use the attribute "owner". For example: 66 {{{ 67 #!python 68 ... 69 user = row_level_permission.owner 70 ... 71 }}} 72 73 To return the instance of a row level permission use the attribute "model". For example: 74 {{{ 75 #!python 76 ... 77 object = row_level_permission.model 78 ... 79 }}} 45 You do not need the ''class Admin'' but it does create the default change, add and delete permissions for the object which are useful to have. 80 46 81 47 === Creating a Row Level Permission === … … 157 123 }}} 158 124 125 Row level permissions can be edited in the administration interface, on the change form for each object with row level permissions enabled is a link beside History to edit row level permissions. To edit row level permissions, you must have the change RLP permission and change permission on the object. 126 127 === Accessing Row Level Permissions from a Model === 128 129 The relation name for row level permissions from a model is "row_level_permissions", this will return all row level permissions related to the instance of the object. For example, this will return all row level permissions related to the object quartz: 130 {{{ 131 #!python 132 ... 133 rlp_list = quartz.row_level_permissions.all() 134 ... 135 }}} 136 137 === Accessing the Owner and Model of a Row Level Permission === 138 139 To return the owner of a row level permission use the attribute "owner". For example: 140 {{{ 141 #!python 142 ... 143 user = row_level_permission.owner 144 ... 145 }}} 146 147 To return the instance of a row level permission use the attribute "model". For example: 148 {{{ 149 #!python 150 ... 151 object = row_level_permission.model 152 ... 153 }}} 154 159 155 == Implementation Notes == 160 156 … … 162 158 163 159 == Known Bugs == 164 * Connecting more then one "owner" to the RLP model causes a M2M conflict, this is a bug with the generic relation code. Work around for now is to rename the related_name for each different owner. 160 * Connecting more then one "owner" to the RLP model causes a M2M conflict, this is a bug with the generic relation code. Work around for now is to rename the related_name for each different owner. - ''This is a bug with generic relations, see ticket #2573'' 165 161 * Row level permissions can not have row level permissions enabled 166 162 * Error message in admin interface is displayed with a checkmark not an error icon