Added row-level permissions to Catalog model

ECOM-3973

Added row-level permissions to Catalog model
ECOM-3973
06995832 · Clinton Blackburn · 87708bf6 · 06995832 · 06995832 · 06995832
Commit 06995832 authored Mar 26, 2016 by Clinton Blackburn
6 changed files
--- a/course_discovery/apps/catalogs/admin.py
+++ b/course_discovery/apps/catalogs/admin.py
 from django.contrib import admin
+from guardian.admin import GuardedModelAdmin
 from course_discovery.apps.catalogs.models import Catalog
 @admin.register(Catalog)
-class CatalogAdmin(admin.ModelAdmin):
+class CatalogAdmin(GuardedModelAdmin):
    list_display = ('name',)
    readonly_fields = ('created', 'modified',)

--- a/course_discovery/apps/catalogs/migrations/0002_auto_20160327_2101.py
+++ b/course_discovery/apps/catalogs/migrations/0002_auto_20160327_2101.py
+# -*- coding: utf-8 -*-
+from __future__ import unicode_literals
+from django.db import migrations, models
+class Migration(migrations.Migration):
+    dependencies = [
+        ('catalogs', '0001_initial'),
+    ]
+    operations = [
+        migrations.AlterModelOptions(
+            name='catalog',
+            options={'ordering': ('-modified', '-created'), 'permissions': (('view_catalog', 'Can view catalog'),), 'get_latest_by': 'modified'},
+        ),
+    ]
--- a/course_discovery/apps/catalogs/models.py
+++ b/course_discovery/apps/catalogs/models.py
@@ -47,3 +47,9 @@ class Catalog(TimeStampedModel):
            contains[result.get_stored_fields()['key']] = True
        return contains
+    class Meta(TimeStampedModel.Meta):
+        abstract = False
+        permissions = (
+            ('view_catalog', 'Can view catalog'),
+        )
--- a/course_discovery/apps/core/models.py
+++ b/course_discovery/apps/core/models.py
@@ -3,9 +3,10 @@
 from django.contrib.auth.models import AbstractUser
 from django.db import models
 from django.utils.translation import ugettext_lazy as _
+from guardian.mixins import GuardianUserMixin
-class User(AbstractUser):
+class User(GuardianUserMixin, AbstractUser):
    """Custom user model for use with OpenID Connect."""
    full_name = models.CharField(_('Full Name'), max_length=255, blank=True, null=True)

--- a/course_discovery/settings/base.py
+++ b/course_discovery/settings/base.py
@@ -36,6 +36,7 @@ THIRD_PARTY_APPS = (
    'sortedm2m',
    'simple_history',
    'haystack',
+    'guardian',
 )
 PROJECT_APPS = (
@@ -166,8 +167,13 @@ AUTH_USER_MODEL = 'core.User'
 AUTHENTICATION_BACKENDS = (
    'auth_backends.backends.EdXOpenIdConnect',
    'django.contrib.auth.backends.ModelBackend',
+    'guardian.backends.ObjectPermissionBackend',
 )
+# Guardian settings
+ANONYMOUS_USER_NAME = None  # Do not allow anonymous user access
+GUARDIAN_MONKEY_PATCH = False  # Use the mixin on the User model instead of monkey-patching.
 ENABLE_AUTO_AUTH = False
 AUTO_AUTH_USERNAME_PREFIX = 'auto_auth_'

--- a/requirements/base.txt
+++ b/requirements/base.txt
 django==1.8.7
 django-extensions==1.5.9
+django-guardian==1.4.2
 django-haystack==2.4.1
 django-simple-history==1.8.1
 django-sortedm2m==1.1.1