Add permissions sidebar control to record page

thenoviceoof · Jan 10, 2012 · db2fcd7 · db2fcd7
1 parent 917abee
commit db2fcd7
Show file tree

Hide file tree

Showing 3 changed files with 24 additions and 4 deletions.
diff --git a/rooibos/data/models.py b/rooibos/data/models.py
@@ -275,16 +275,22 @@ def get_title():
     def shared(self):
         return bool(self.collectionitem_set.filter(hidden=False).count()) if self.owner else None
 
-    def editable_by(self, user):
+    def _check_permission_for_user(self, user, **permissions):
         # checks if user is owner or has ACL access
-        if check_access(user, self, write=True):
+        if check_access(user, self, **permissions):
             return True
         # if record does not have individual ACL...
         if len(_records_with_individual_acl_by_ids([self.id])) > 0:
             return False
         # ...check collection access
-        return len(accessible_ids(user, self.collection_set, write=True)) > 0
+        return len(accessible_ids(user, self.collection_set, **permissions)) > 0
-
+
+    def editable_by(self, user):
+        return self._check_permission_for_user(user, write=True)
+
+    def manageable_by(self, user):
+        return self._check_permission_for_user(user, manage=True)
+
 
 class MetadataStandard(models.Model):
     title = models.CharField(max_length=100)

diff --git a/rooibos/data/templates/data_record.html b/rooibos/data/templates/data_record.html
@@ -2,6 +2,7 @@
 {% load ui %}
 {% load viewers %}
 {% load data %}
+{% load access_control %}
 
 {% block javascript %}
 {{ block.super }}
@@ -220,6 +221,16 @@
 </div>
 {% endif %}
 
+
+{% if can_manage %}
+  <div class="facet active-facet" id="data_record_sidebar_permissions">
+    <div class="facet-header">Permissions <a href="{% permissions_modify_url record %}"><img src="{% url static 'images/edit.png' %}" class="facet-button" /></a></div>
+    <div class="facet-body">
+        {% permissions_display record "Inherited from collection" %}
+    </div>
+  </div>
+{% endif %}
+
 {% endblock %}
 
 

diff --git a/rooibos/data/views.py b/rooibos/data/views.py
@@ -72,10 +72,12 @@ def record(request, id, name, contexttype=None, contextid=None, contextname=None
     writable_collections = list(accessible_ids(request.user, Collection, write=True))
     readable_collections = list(accessible_ids(request.user, Collection))
     can_edit = request.user.is_authenticated()
+    can_manage = False
 
     if id and name:
         record = Record.get_or_404(id, request.user)
         can_edit = can_edit and record.editable_by(request.user)
+        can_manage = record.manageable_by(request.user)
     else:
         if request.user.is_authenticated() and (writable_collections or (personal and readable_collections)):
             record = Record()
@@ -290,6 +292,7 @@ class CollectionForm(forms.Form):
                                'fv_formset': formset,
                                'c_formset': collectionformset,
                                'can_edit': can_edit,
+                               'can_manage': can_manage,
                                'next': request.GET.get('next'),
                                'collection_items': collection_items,
                                'upload_form': upload_form,