From 6af731b3dc8e1eff7d2fd629dfd23d7e975d195d Mon Sep 17 00:00:00 2001 From: =?utf8?q?Olivier=20Larchev=C3=AAque?= Date: Fri, 28 Sep 2012 11:22:40 -0400 Subject: [PATCH] retrait des dossiers inline security issue --- project/rh/admin.py | 20 +------------------- 1 file changed, 1 insertion(+), 19 deletions(-) diff --git a/project/rh/admin.py b/project/rh/admin.py index 62df1c9..07e1efb 100644 --- a/project/rh/admin.py +++ b/project/rh/admin.py @@ -268,22 +268,6 @@ class ContratInline(admin.TabularInline): extra = 1 -class DossierROInline(ReadOnlyInlineMixin, LinkedInline): - template = "admin/rh/dossier/linked.html" - model = rh.Dossier - extra = 0 - can_delete = False - - def has_add_permission(self, request=None): - return False - - def has_change_permission(self, request, obj=None): - return False - - def has_delete_permission(self, request, obj=None): - return False - - class DossierCommentaireInline(admin.TabularInline): readonly_fields = ('owner',) model = rh.DossierCommentaire @@ -584,7 +568,7 @@ class EmployeAdminBase(DateRangeMixin, ProtectRegionMixin, 'rh_dossiers__poste__implantation', 'nb_postes' ) inlines = ( - AyantDroitInline, DossierROInline, EmployePieceInline, + AyantDroitInline, EmployePieceInline, EmployeCommentaireInline ) fieldsets = ( @@ -796,7 +780,6 @@ class OrganismeBstgAdmin(reversion.VersionAdmin, DerniereModificationAdmin, search_fields = ('nom',) list_display = ('nom', 'type', 'pays', 'derniere_modification') list_filter = ('type', ) - inlines = (DossierROInline,) fieldsets = ( (None, {'fields': ('nom', 'type', 'pays',)}), ) @@ -889,7 +872,6 @@ class PosteAdmin(DateRangeMixin, ProtectRegionMixin, reversion.VersionAdmin, inlines = (PosteFinancementInline, PostePieceInline, - DossierROInline, PosteComparaisonInline, PosteCommentaireInline, ) -- 1.7.10.4