Use ABAC core functions to remove an ABAC permission from the GUI

2011-08-28 20:05:52 +02:00 · 2011-08-28 20:05:52 +02:00 · 8d921ba734
parent 463ebc694c
commit 8d921ba734
1 changed files with 12 additions and 7 deletions
--- a/acs/abac_views.py
+++ b/acs/abac_views.py
@ -71,7 +71,8 @@ from views import check_object_or_view, check_action_or_activity, \
 from acs.abac.models import *

 from acs.abac.core import get_all_attribute_definitions, get_all_sources, \
-    get_attribute_definition_by_name
+    get_attribute_definition_by_name, \
+    remove_rule

 from acs.abac.logic import is_proposition

@ -1158,10 +1159,14 @@ def del_abac_permission(request):
            return render_to_response(template_name, tpl_parameters,
               context_instance=RequestContext(request))

-        logger.debug('del_abac_permission: deletion of %s' % p)
-
-        p.delete()
-
-        messages.add_message(request, messages.INFO,
-                _('Permission deleted'))
+        logger.info('del_abac_permission: deletion of %s' % p)
+        try:
+            remove_rule(p.rule)
+            p.delete()
+            logger.info('del_abac_permission: permission deleted')
+            messages.add_message(request, messages.INFO,
+                    _('Permission deleted'))
+        except Exception, err:
+            messages.add_message(request, messages.ERROR,
+                _('Unable to delete permission due to %s') %str(err))
    return HttpResponseRedirect(back)