Add support for permissions specific to Local Sites.
Review Request #4880 — Created Nov. 3, 2013 and submitted — Latest diff uploaded
Add support for permissions specific to Local Sites.
Local Sites had no equivalent of our custom permissions, like
can_change_status or can_submit_as_another_user. It also didn't grant
these abilities to administrators of Local Sites.Now, a LocalSiteProfile defines a permissions dictionary, which contains
all granted permissions for the user. Local Site administrators
automatically have all permissions for a Local Site.To do this, we make use of an AuthBackend's ability to do custom
permission lookups. The main function for this, has_perm, can take a
parameter for the object permissions are being looked up on.This parameter is unused by defaut and in fact not allowed on any
built-in backends. Django doesn't make any real use of it. The intent
appears to be to pass an object like a ReviewRequest to it, but there's
no real rules governing this.For our usage, passing a LocalSite as the object will have it look up
that permission in the user's list of permissions for the LocalSite. All
callers must then do when checking permissions is to pass the LocalSite
(or None) when calling has_perm.The 'perms' context variable for templates has also been replaced with a
version that will pass the LocalSite for these requests.
Unit tests pass.
Manually tested closing a review request and editing one as a user with
those permissions, and as an administrator.