Refactored the permissions registration, checking and definition

2011-05-24 22:31:07 -04:00
parent ebaf4165e2
commit d97a862a25
25 changed files with 261 additions and 288 deletions
--- a/apps/permissions/api.py
+++ b/apps/permissions/api.py
@@ -11,36 +11,30 @@ from permissions import PERMISSION_ROLE_VIEW, PERMISSION_ROLE_EDIT, \
 from permissions.models import Permission


-def register_permissions(namespace, permissions):
-    if permissions:
-        for permission in permissions:
-            try:
-                permission_obj, created = Permission.objects.get_or_create(
-                    namespace=namespace, name=permission['name'])
-                permission_obj.label = unicode(permission['label'])
-                permission_obj.save()
-            except DatabaseError:
-                #Special case for ./manage.py syncdb
-                pass
+def register_permission(permission):
+    try:
+        permission_obj, created = Permission.objects.get_or_create(
+            namespace=permission['namespace'], name=permission['name'])
+        permission_obj.label = unicode(permission['label'])
+        permission_obj.save()
+    except DatabaseError:
+        #Special case for ./manage.py syncdb
+        pass


-#TODO: Handle anonymous users
-def check_permissions(requester, namespace, permission_list):
+def check_permissions(requester, permission_list):
    for permission_item in permission_list:
        permission = get_object_or_404(Permission,
-            namespace=namespace, name=permission_item)
-        #if check_permission(requester, permission):
+            namespace=permission_item['namespace'], name=permission_item['name'])
        if permission.has_permission(requester):
            return True

    raise PermissionDenied(ugettext(u'Insufficient permissions.'))


-register_permissions('permissions', [
-    {'name': PERMISSION_ROLE_VIEW, 'label':_(u'View roles')},
-    {'name': PERMISSION_ROLE_EDIT, 'label':_(u'Edit roles')},
-    {'name': PERMISSION_ROLE_CREATE, 'label':_(u'Create roles')},
-    {'name': PERMISSION_ROLE_DELETE, 'label':_(u'Delete roles')},
-    {'name': PERMISSION_PERMISSION_GRANT, 'label':_(u'Grant permissions')},
-    {'name': PERMISSION_PERMISSION_REVOKE, 'label':_(u'Revoke permissions')},
-])
+register_permission(PERMISSION_ROLE_VIEW)
+register_permission(PERMISSION_ROLE_EDIT)
+register_permission(PERMISSION_ROLE_CREATE)
+register_permission(PERMISSION_ROLE_DELETE)
+register_permission(PERMISSION_PERMISSION_GRANT)
+register_permission(PERMISSION_PERMISSION_REVOKE)