Commits

Anonymous committed b0e5cd0

[per-object-permissions] Sets the row level permisisons on objects created inline if the inline objects have row level permissions enabled. This has not been tested indepth, and might not work 100%

Comments (0)

Files changed (2)

django/contrib/admin/views/main.py

                                                                           change=admin_opts.grant_change_row_level_perm,
                                                                           delete=admin_opts.grant_delete_row_level_perm)
             
+            for rel_obj in manipulator.new_rel_objs:
+                if rel_obj._meta.row_level_permissions:
+                    from django.contrib.auth.models import RowLevelPermission
+                    admin_opts = rel_obj._meta.admin
+                    RowLevelPermission.objects.create_default_row_permissions(rel_obj, request.user, 
+                                                                              change=admin_opts.grant_change_row_level_perm,
+                                                                              delete=admin_opts.grant_delete_row_level_perm)
             # Here, we distinguish between different save types by checking for
             # the presence of keys in request.POST.
             if request.POST.has_key("_continue"):
                 change_message = _('No fields changed.')
             LogEntry.objects.log_action(request.user.id, ContentType.objects.get_for_model(model).id, pk_value, str(new_object), CHANGE, change_message)
 
+            for rel_obj in manipulator.new_rel_objs:
+                if rel_obj._meta.row_level_permissions:
+                    from django.contrib.auth.models import RowLevelPermission
+                    admin_opts = rel_obj._meta.admin
+                    RowLevelPermission.objects.create_default_row_permissions(rel_obj, request.user, 
+                                                                              change=admin_opts.grant_change_row_level_perm,
+                                                                              delete=admin_opts.grant_delete_row_level_perm)
+
             msg = _('The %(name)s "%(obj)s" was changed successfully.') % {'name': opts.verbose_name, 'obj': new_object}
             if request.POST.has_key("_continue"):
                 request.user.message_set.create(message=msg + ' ' + _("You may edit it again below."))

django/db/models/manipulators.py

                     # TODO: Add to 'fields_changed'
 
         expanded_data = DotExpandedDict(dict(new_data))
+        self.new_rel_objs = []
         # Save many-to-one objects. Example: Add the Choice objects for a Poll.
         for related in self.opts.get_all_related_objects():
             # Create obj_list, which is a DotExpandedDict such as this:
                         if self.change:
                             if not old_rel_obj: # This object didn't exist before.
                                 self.fields_added.append('%s "%s"' % (related.opts.verbose_name, new_rel_obj))
+                                self.new_rel_objs.append(new_rel_obj)
                             else:
                                 for f in related.opts.fields:
                                     if not f.primary_key and f != related.field and str(getattr(old_rel_obj, f.attname)) != str(getattr(new_rel_obj, f.attname)):
                         new_rel_obj.delete()
                         self.fields_deleted.append('%s "%s"' % (related.opts.verbose_name, old_rel_obj))
 
+
         # Save the order, if applicable.
         if self.change and self.opts.get_ordered_objects():
             order = new_data['order_'] and map(int, new_data['order_'].split(',')) or []