#10609: Permissions on admin actions
---------------------------+------------------------------------------------
Reporter: leitjohn | Owner: leitjohn
Status: new | Milestone: 1.1 beta
Component: Uncategorized | Version: 1.0
Keywords: | Stage: Unreviewed
Has_patch: 1 |
---------------------------+------------------------------------------------
Often one would not want an option to appear in the actions select box in
the changelist. For instance, you may not want a user who can't delete to
see "delete_selected".
I propose that we enable the admin to use the auth decorators
(permission_required, etc).
{{{
Index: options.py
===================================================================
--- options.py (revision 10163)
+++ options.py (working copy)
@@ -423,7 +423,11 @@
for klass in [self.admin_site] + self.__class__.mro()[::-1]:
for action in getattr(klass, 'actions', []):
func, name, description = self.get_action(action)
- actions[name] = (func, name, description)
+
+ # check permission
+ test = getattr(func, "test_func", None)
+ if test == None or test(request.user):
+ actions[name] = (func, name, description)
return actions
}}}
--
Ticket URL: <http://code.djangoproject.com/ticket/10609>
Django <http://code.djangoproject.com/>
The Web framework for perfectionists with deadlines.
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"Django updates" group.
To post to this group, send email to django-updates@googlegroups.com
To unsubscribe from this group, send email to
django-updates+unsubscr...@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/django-updates?hl=en
-~----------~----~----~----~------~----~------~--~---
