Fixed #22295 -- Replaced permission check for displaying user-tools #2725

Closed
wants to merge 3 commits into
from

Conversation

Projects
None yet
2 participants
Contributor

maxocub commented May 27, 2014

Since has_permission() already checks if the user is staff and is active, I replaced {% if user.is_staff and user.is_active %} by {% if has_permission %} in base.html.
So, if someone creates a custom admin with a custom has_permission(), the user-tools will be displayed.
It's also backward compatible for someone who extends base.html and expects the user-tools to be hidden.

Contributor

maxocub commented May 27, 2014

I'm not sure but it might also close this one: https://code.djangoproject.com/ticket/14434

@@ -322,7 +329,10 @@ def logout(self, request, extra_context=None):
from django.contrib.auth.views import logout
defaults = {
'current_app': self.name,
- 'extra_context': dict(self.each_context(), **(extra_context or {})),
+ 'extra_context': dict(
@timgraham

timgraham Jun 24, 2014

Owner

revert this change since you ended up removing has_permission here

@@ -24,16 +24,18 @@
<div id="branding">
{% block branding %}{% endblock %}
</div>
- {% if user.is_active and user.is_staff %}
+ {% if has_permission %}
@timgraham

timgraham Jun 24, 2014

Owner

is this going to be backwards incompatible for users who maybe writing a custom admin view but don't put has_permission in the context?

- return self.render_to_response(admin.site.each_context())
+ return self.render_to_response(dict(
+ admin.site.each_context(),
+ has_permission=admin.site.has_permission(self.request)))
return super(BaseAdminDocsView, self).dispatch(*args, **kwargs)
def get_context_data(self, **kwargs):
kwargs.update({'root_path': urlresolvers.reverse('admin:index')})
@timgraham

timgraham Jun 24, 2014

Owner
kwargs.update({
    'root_path': urlresolvers.reverse('admin:index'),
    'has_permission': admin.site.has_permission(self.request),
})
Owner

timgraham commented Oct 30, 2014

Closing due to lack of follow-up, please send a new PR if you can update per my comments, thanks!

@timgraham timgraham closed this Oct 30, 2014

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment