play with somort of permission management

content/admin.py

@@ -3,24 +3,25 @@ from django.utils.safestring import mark_safe
 
 from content.models import Link, MediaFile, Question, QuestionVersion, Level, Label
 from lib.utils import color_label
+from lib.mixins import PermissionsAdminMixin
 
 
 @admin.register(Level)
-class LevelAdmin(admin.ModelAdmin):
+class LevelAdmin(PermissionsAdminMixin, admin.ModelAdmin):
     search_fields = ('name', 'value',)
     list_display = ('name', 'value', 'color')
     list_editable = ('color',)
 
 
 @admin.register(Label)
-class LabelAdmin(admin.ModelAdmin):
+class LabelAdmin(PermissionsAdminMixin, admin.ModelAdmin):
     search_fields = ('name',)
     list_display = ('name', 'color')
     list_editable = ('color',)
 
 
 @admin.register(Question)
-class QuestionAdmin(admin.ModelAdmin):
+class QuestionAdmin(PermissionsAdminMixin, admin.ModelAdmin):
     autocomplete_fields = ('medias', 'links', 'labels',)
     list_display = ('name', 'list_labels', 'list_level', 'author')
     search_fields = ('name', 'question', 'awnser', 'description', 'label__name', 'level__value', 'level__name',)
@@ -46,13 +47,13 @@ class QuestionAdmin(admin.ModelAdmin):
 
 
 @admin.register(MediaFile)
-class MediaFileAdmin(admin.ModelAdmin):
+class MediaFileAdmin(PermissionsAdminMixin, admin.ModelAdmin):
     search_fields = ('name', 'file__name')
     list_display = ('name', 'file')
 
 
 @admin.register(Link)
-class LinkAdmin(admin.ModelAdmin):
+class LinkAdmin(PermissionsAdminMixin, admin.ModelAdmin):
     search_fields = ('url',)
 
 
@@ -71,3 +72,6 @@ class QuestionVersionAdmin(admin.ModelAdmin):
     def has_delete_permission(self, request, obj=None):
         """Versions are immutable """
         return False
+
+    def has_view_permission(self, request, obj=None):
+        return True

lib/__init__.py

@@ -1 +1,11 @@
-from .middleware.current_user import get_current_user
+from .middleware.current_user import get_current_user, get_current_request
+
+def permissions(instance, read = False):
+    if read:
+        return True
+    u = get_current_user()
+    if u.is_superuser or u == instance.author:
+        return True
+    return False
+
+

lib/mixins/__init__.py

@@ -0,0 +1,20 @@
+from lib import permissions
+
+
+class PermissionsAdminMixin:
+    def has_add_permission(self, request, obj=None):
+        """If a group right is not set :)
+        Allways be able to create a version
+        """
+        return permissions(obj) if obj else True
+
+    def has_change_permission(self, request, obj=None):
+        """Versions are immutable """
+        return permissions(obj) if obj else True
+
+    def has_delete_permission(self, request, obj=None):
+        """Versions are immutable """
+        return permissions(obj) if obj else True
+
+    def has_view_permissions(selfself, request, obj=None):
+        return True

quiz/admin.py

@@ -1,6 +1,7 @@
 from django.contrib import admin
 
 from quiz.models import Quiz, Question
+from lib.mixins import PermissionsAdminMixin
 
 
 class QuizQuestionInlineAdmin(admin.StackedInline):
@@ -8,7 +9,7 @@ class QuizQuestionInlineAdmin(admin.StackedInline):
 
 
 @admin.register(Quiz)
-class QuizAdmin(admin.ModelAdmin):
+class QuizAdmin(PermissionsAdminMixin, admin.ModelAdmin):
     inlines = (QuizQuestionInlineAdmin,)
     list_display = ('name', 'download_urls')
     search_fields = (