Improve access control (refs #49)

author: Étienne Loks <etienne.loks@peacefrogs.net> 2010-12-27 19:26:43 +0100
committer: Étienne Loks <etienne.loks@peacefrogs.net> 2010-12-27 19:26:43 +0100
commit: a8f2bf3258897d1724ac21df4803880939ad334b (patch)
tree: 48eea1cc016957ca63f9289a72dbf25993eab7ab
parent: 7425e0df92dff8b384d20d7adc89726cda27fa5d (diff)
download: Ishtar-a8f2bf3258897d1724ac21df4803880939ad334b.tar.bz2
Ishtar-a8f2bf3258897d1724ac21df4803880939ad334b.zip
2 files changed, 41 insertions, 41 deletions
diff --git a/ishtar/furnitures/backend.py b/ishtar/furnitures/backend.py
index d251d81a8..c9b8e2b23 100644
--- a/ishtar/furnitures/backend.py
+++ b/ishtar/furnitures/backend.py
@@ -42,7 +42,7 @@ class ObjectOwnPermBackend(object):
 
         try:
             # only manage "own" permissions
-            assert perm.split('.')[-1].split('_')[-1] == 'own'
+            assert perm.split('.')[-1].split('_')[1] == 'own'
         except (IndexError, AssertionError):
             return False
 
diff --git a/ishtar/furnitures/models.py b/ishtar/furnitures/models.py
index 41990e2b8..008288eb9 100644
--- a/ishtar/furnitures/models.py
+++ b/ishtar/furnitures/models.py
@@ -111,10 +111,10 @@ class Organization(Address, OwnPerms):
         verbose_name = _(u"Organization")
         verbose_name_plural = _(u"Organizations")
         permissions = (
-            ("can_view_own", ugettext(u"Can view own Organization")),
-            ("can_add_own", ugettext(u"Can add own Organization")),
-            ("can_change_own", ugettext(u"Can change own Organization")),
-            ("can_delete_own", ugettext(u"Can delete own Organization")),
+          ("view_own_organization", ugettext(u"Can view own Organization")),
+          ("add_own_organization", ugettext(u"Can add own Organization")),
+          ("change_own_organization", ugettext(u"Can change own Organization")),
+          ("delete_own_organization", ugettext(u"Can delete own Organization")),
         )
 
 class PersonType(GeneralType):
@@ -144,10 +144,10 @@ class Person(Address, OwnPerms) :
         verbose_name = _(u"Person")
         verbose_name_plural = _(u"Persons")
         permissions = (
-            ("can_view_own", ugettext(u"Can view own Person")),
-            ("can_add_own", ugettext(u"Can add own Person")),
-            ("can_change_own", ugettext(u"Can change own Person")),
-            ("can_delete_own", ugettext(u"Can delete own Person")),
+            ("view_own_person", ugettext(u"Can view own Person")),
+            ("add_own_person", ugettext(u"Can add own Person")),
+            ("change_own_person", ugettext(u"Can change own Person")),
+            ("delete_own_person", ugettext(u"Can delete own Person")),
         )
 
     def __unicode__(self):
@@ -198,10 +198,10 @@ class File(BaseHistorizedItem, OwnPerms):
         verbose_name = _(u"Archaeological file")
         verbose_name_plural = _(u"Archaeological files")
         permissions = (
-            ("can_view_own", ugettext(u"Can view own Archaelogical file")),
-            ("can_add_own", ugettext(u"Can add own Archaelogical file")),
-            ("can_change_own", ugettext(u"Can change own Archaelogical file")),
-            ("can_delete_own", ugettext(u"Can delete own Archaelogical file")),
+            ("view_own_file", ugettext(u"Can view own Archaelogical file")),
+            ("add_own_file", ugettext(u"Can add own Archaelogical file")),
+            ("change_own_file", ugettext(u"Can change own Archaelogical file")),
+            ("delete_own_file", ugettext(u"Can delete own Archaelogical file")),
         )
     def __unicode__(self):
       return u"%d - %s" % (self.year, self.internal_reference)
@@ -241,10 +241,10 @@ class Operation(BaseHistorizedItem, OwnPerms):
         verbose_name = _(u"Operation")
         verbose_name_plural = _(u"Operations")
         permissions = (
-            ("can_view_own", ugettext(u"Can view own Operation")),
-            ("can_add_own", ugettext(u"Can add own Operation")),
-            ("can_change_own", ugettext(u"Can change own Operation")),
-            ("can_delete_own", ugettext(u"Can delete own Operation")),
+            ("view_own_operation", ugettext(u"Can view own Operation")),
+            ("add_own_operation", ugettext(u"Can add own Operation")),
+            ("change_own_operation", ugettext(u"Can change own Operation")),
+            ("delete_own_operation", ugettext(u"Can delete own Operation")),
         )
 
     def __unicode__(self):
@@ -317,10 +317,10 @@ class RegistrationUnit(BaseHistorizedItem, OwnPerms):
         verbose_name = _(u"Registration Unit")
         verbose_name_plural = _(u"Registration Units")
         permissions = (
-            ("can_view_own", ugettext(u"Can view own Registration Unit")),
-            ("can_add_own", ugettext(u"Can add own Registration Unit")),
-            ("can_change_own", ugettext(u"Can change own Registration Unit")),
-            ("can_delete_own", ugettext(u"Can delete own Registration Unit")),
+ ("view_own_registrationunit", ugettext(u"Can view own Registration Unit")),
+ ("add_own_registrationunit", ugettext(u"Can add own Registration Unit")),
+ ("change_own_registrationunit", ugettext(u"Can change own Registration Unit")),
+ ("delete_own_registrationunit", ugettext(u"Can delete own Registration Unit")),
         )
 
     def __unicode__(self):
@@ -362,10 +362,10 @@ class BaseItem(BaseHistorizedItem, OwnPerms):
         verbose_name = _(u"Base item")
         verbose_name_plural = _(u"Base items")
         permissions = (
-            ("can_view_own", ugettext(u"Can view own Base item")),
-            ("can_add_own", ugettext(u"Can add own Base item")),
-            ("can_change_own", ugettext(u"Can change own Base item")),
-            ("can_delete_own", ugettext(u"Can delete own Base item")),
+            ("view_own_baseitem", ugettext(u"Can view own Base item")),
+            ("add_own_baseitem", ugettext(u"Can add own Base item")),
+            ("change_own_baseitem", ugettext(u"Can change own Base item")),
+            ("delete_own_baseitem", ugettext(u"Can delete own Base item")),
         )
 
     def __unicode__(self):
@@ -392,10 +392,10 @@ class Item(BaseHistorizedItem, OwnPerms):
         verbose_name = _(u"Item")
         verbose_name_plural = _(u"Items")
         permissions = (
-            ("can_view_own", ugettext(u"Can view own Item")),
-            ("can_add_own", ugettext(u"Can add own Item")),
-            ("can_change_own", ugettext(u"Can change own Item")),
-            ("can_delete_own", ugettext(u"Can delete own Item")),
+            ("view_own_item", ugettext(u"Can view own Item")),
+            ("add_own_item", ugettext(u"Can add own Item")),
+            ("change_own_item", ugettext(u"Can change own Item")),
+            ("delete_own_item", ugettext(u"Can delete own Item")),
         )
 
     def __unicode__(self):
@@ -431,10 +431,10 @@ class Warehouse(Address, OwnPerms):
         verbose_name = _(u"Warehouse")
         verbose_name_plural = _(u"Warehouses")
         permissions = (
-            ("can_view_own", ugettext(u"Can view own Warehouse")),
-            ("can_add_own", ugettext(u"Can add own Warehouse")),
-            ("can_change_own", ugettext(u"Can change own Warehouse")),
-            ("can_delete_own", ugettext(u"Can delete own Warehouse")),
+            ("view_own_warehouse", ugettext(u"Can view own Warehouse")),
+            ("add_own_warehouse", ugettext(u"Can add own Warehouse")),
+            ("change_own_warehouse", ugettext(u"Can change own Warehouse")),
+            ("delete_own_warehouse", ugettext(u"Can delete own Warehouse")),
         )
 
     def __unicode__(self):
@@ -467,10 +467,10 @@ related_name='+', verbose_name=_(u"Person in charge of the scientific part"))
         verbose_name = _(u"Administrative act")
         verbose_name_plural = _(u"Administrative acts")
         permissions = (
-            ("can_view_own", ugettext(u"Can view own Administrative act")),
-            ("can_add_own", ugettext(u"Can add own Administrative act")),
-            ("can_change_own", ugettext(u"Can change own Administrative act")),
-            ("can_delete_own", ugettext(u"Can delete own Administrative act")),
+("view_own_administrativeact", ugettext(u"Can view own Administrative act")),
+("add_own_administrativeact", ugettext(u"Can add own Administrative act")),
+("change_own_administrativeact", ugettext(u"Can change own Administrative act")),
+("delete_own_administrativeact", ugettext(u"Can delete own Administrative act")),
         )
 
     def __unicode__(self):
@@ -549,10 +549,10 @@ class Treatment(BaseHistorizedItem, OwnPerms):
         verbose_name = _(u"Treatment")
         verbose_name_plural = _(u"Treatments")
         permissions = (
-            ("can_view_own", ugettext(u"Can view own Treatment")),
-            ("can_add_own", ugettext(u"Can add own Treatment")),
-            ("can_change_own", ugettext(u"Can change own Treatment")),
-            ("can_delete_own", ugettext(u"Can delete own Treatment")),
+            ("view_own_treatment", ugettext(u"Can view own Treatment")),
+            ("add_own_treatment", ugettext(u"Can add own Treatment")),
+            ("change_own_treatment", ugettext(u"Can change own Treatment")),
+            ("delete_own_treatment", ugettext(u"Can delete own Treatment")),
         )
 
     def __unicode__(self):
author	Étienne Loks <etienne.loks@peacefrogs.net>	2010-12-27 19:26:43 +0100
committer	Étienne Loks <etienne.loks@peacefrogs.net>	2010-12-27 19:26:43 +0100
commit	a8f2bf3258897d1724ac21df4803880939ad334b (patch)
tree	48eea1cc016957ca63f9289a72dbf25993eab7ab
parent	7425e0df92dff8b384d20d7adc89726cda27fa5d (diff)
download	Ishtar-a8f2bf3258897d1724ac21df4803880939ad334b.tar.bz2 Ishtar-a8f2bf3258897d1724ac21df4803880939ad334b.zip