From b472383bc0e6fbc62132df2a0a40ba8d6dda31d2 Mon Sep 17 00:00:00 2001
From: Roberto Rosario <Roberto.Rosario.Gonzalez@gmail.com>
Date: Sat, 29 Oct 2011 02:26:48 -0400
Subject: [PATCH] Only show the permissions the users hold on the ACL edit view

---
 apps/acls/views.py | 51 +++++++++++++++++++---------------------------
 1 file changed, 21 insertions(+), 30 deletions(-)

diff --git a/apps/acls/views.py b/apps/acls/views.py
index 21ef01fa6f..df6b0c4a2c 100644
--- a/apps/acls/views.py
+++ b/apps/acls/views.py
@@ -1,5 +1,5 @@
 from django.utils.translation import ugettext_lazy as _
-from django.http import HttpResponseRedirect
+from django.http import HttpResponseRedirect, Http404
 from django.shortcuts import render_to_response, get_object_or_404
 from django.template import RequestContext
 from django.contrib import messages
@@ -8,9 +8,11 @@ from django.core.urlresolvers import reverse
 from django.views.generic.create_update import create_object, delete_object, update_object
 from django.contrib.contenttypes.models import ContentType
 from django.contrib.auth.models import User, Group
+from django.core.exceptions import ObjectDoesNotExist
 
 from permissions.api import check_permissions, namespace_titles, get_permission_label, get_permission_namespace_label
 from common.utils import generate_choices_w_labels, encapsulate
+from common.widgets import two_state_template
 
 from acls import ACLS_EDIT_ACL, ACLS_VIEW_ACL
 from acls.models import AccessEntry, AccessObject, AccessHolder
@@ -22,7 +24,7 @@ def _permission_titles(permission_list):
     
     
 def acl_list_for(request, obj, extra_context=None):
-    check_permissions(request.user, [ACLS_VIEW_ACL])
+    #check_permissions(request.user, [ACLS_VIEW_ACL])
 
     ct = ContentType.objects.get_for_model(obj)
 
@@ -36,13 +38,13 @@ def acl_list_for(request, obj, extra_context=None):
         'extra_columns': [
             #{'name': _(u'holder'), 'attribute': 'label'},
             #{'name': _(u'obj'), 'attribute': 'holder_object'},
-            {'name': _(u'gid'), 'attribute': 'gid'},
+            #{'name': _(u'gid'), 'attribute': 'gid'},
             {'name': _(u'holder'), 'attribute': encapsulate(lambda x: object_w_content_type_icon(x.source_object))},
             {'name': _(u'permissions'), 'attribute': encapsulate(lambda x: _permission_titles(AccessEntry.objects.get_permissions_for_holder(obj, x.source_object)))},
             #{'name': _(u'arguments'), 'attribute': 'arguments'}
             ],
         #'hide_link': True,
-        #'hide_object': True,
+        'hide_object': True,
         'access_object': AccessObject.encapsulate(obj)
     }
 
@@ -59,43 +61,33 @@ def acl_list(request, app_label, model_name, object_id):
     return acl_list_for(request, obj)
 
 
-#def acl_detail(request, app_label, model_name, object_id, holder_app_label, holder_model_name, holder_id):
 def acl_detail(request, access_object_gid, holder_object_gid):
-    #check_permissions(request.user, [PERMISSION_PERMISSION_GRANT, PERMISSION_PERMISSION_REVOKE])
-    #ct = get_object_or_404(ContentType, app_label=app_label, model=model_name)
-    #obj = get_object_or_404(ct.get_object_for_this_type, pk=object_id)
-
-    #ct = get_object_or_404(ContentType, app_label=holder_app_label, model=holder_model_name)
-    #holder = get_object_or_404(ct.get_object_for_this_type, pk=holder_id)
-   
-    #access_entry = get_object_or_404(AccessEntry, pk=access_entry_id)
-    #holder = 
-    #role = get_object_or_404(Role, pk=role_id)
-    #form = RoleForm_view(instance=role)
-
-    #role_permissions_list = Permission.objects.get_for_holder(role)
-    
-    #try;
-    holder = AccessHolder.get(gid=holder_object_gid)
-    access_object = AccessObject.get(gid=access_object_gid)
-    #raise 404
+    #check_permissions(request.user, [ACLS_VIEW_ACL, ACLS_EDIT_ACL])
     
+    try:
+        holder = AccessHolder.get(gid=holder_object_gid)
+        access_object = AccessObject.get(gid=access_object_gid)
+    except ObjectDoesNotExist:
+        raise Http404
+        
+    permission_list = list(set(AccessEntry.objects.get_permissions_for_holder(access_object.source_object, request.user)))
+    #TODO : get all globalluy assignes permission, new function get_permissions_for_holder (roles aware)
     subtemplates_list = [
         {
             'name': u'generic_list_subtemplate.html',
             'context': {
                 'title': _(u'permissions held by: %s for %s' % (holder, access_object)),
-                'object_list': AccessEntry.objects.get_permissions_for_holder(access_object.source_object, holder.source_object),
+                'object_list': permission_list,
                 'extra_columns': [
                     {'name': _(u'namespace'), 'attribute': encapsulate(lambda x: get_permission_namespace_label(x))},
                     {'name': _(u'name'), 'attribute': encapsulate(lambda x: get_permission_label(x))},
-                    #{
-                    #    'name':_(u'has permission'),
-                    #    'attribute': encapsulate(lambda x: two_state_template(x.has_permission(role))),
-                    #},
+                    {
+                        'name':_(u'has permission'),
+                        'attribute': encapsulate(lambda x: two_state_template(AccessEntry.objects.has_accesses(x, holder.source_object, access_object.source_object)))
+                    },
                 ],
                 #'hide_link': True,
-                #'hide_object': True,
+                'hide_object': True,
             }
         },
     ]
@@ -103,7 +95,6 @@ def acl_detail(request, access_object_gid, holder_object_gid):
     return render_to_response('generic_detail.html', {
         #'form': form,
         'object': access_object.obj,
-        'object_name': _(u'object'),
         'subtemplates_list': subtemplates_list,
         #'multi_select_as_buttons': True,
         #'multi_select_item_properties': {