Django 1.8: simplify ihtaruser management

11 files changed, 115 insertions, 85 deletions

diff --git a/archaeological_context_records/models.py b/archaeological_context_records/models.py
index 64859c185..678b0371d 100644
--- a/archaeological_context_records/models.py
+++ b/archaeological_context_records/models.py
@@ -361,11 +361,11 @@ class ContextRecord(BaseHistorizedItem, ImageModel, OwnPerms,
         return reverse('show-contextrecord', args=[self.pk, ''])
 
     @classmethod
-    def get_query_owns(cls, user):
-        return (Q(operation__scientist=user.ishtaruser.person) |
-                Q(operation__in_charge=user.ishtaruser.person) |
-                Q(operation__collaborators__pk=user.ishtaruser.person.pk) |
-                Q(history_creator=user)) \
+    def get_query_owns(cls, ishtaruser):
+        return (Q(operation__scientist=ishtaruser.person) |
+                Q(operation__in_charge=ishtaruser.person) |
+                Q(operation__collaborators__pk=ishtaruser.person.pk) |
+                Q(history_creator=ishtaruser.user_ptr)) \
             & Q(operation__end_date__isnull=True)
 
     @classmethod
diff --git a/archaeological_files/models.py b/archaeological_files/models.py
index 2bd5eba9c..2a4bcb0aa 100644
--- a/archaeological_files/models.py
+++ b/archaeological_files/models.py
@@ -430,9 +430,9 @@ class File(ClosedItem, BaseHistorizedItem, OwnPerms, ValueGetter,
         return self.towns.all()[0].numero_insee[:2]
 
     @classmethod
-    def get_query_owns(cls, user):
-        return (Q(history_creator=user) |
-                Q(in_charge__ishtaruser=user.ishtaruser)) \
+    def get_query_owns(cls, ishtaruser):
+        return (Q(history_creator=ishtaruser.user_ptr) |
+                Q(in_charge__ishtaruser=ishtaruser)) \
             & Q(end_date__isnull=True)
 
     def is_active(self):
diff --git a/archaeological_finds/models_finds.py b/archaeological_finds/models_finds.py
index 6e920bc7d..b4579d4df 100644
--- a/archaeological_finds/models_finds.py
+++ b/archaeological_finds/models_finds.py
@@ -883,14 +883,14 @@ class Find(ValueGetter, BaseHistorizedItem, ImageModel, OwnPerms,
         return new
 
     @classmethod
-    def get_query_owns(cls, user):
-        return (Q(base_finds__context_record__operation__scientist=user.
+    def get_query_owns(cls, ishtaruser):
+        return (Q(base_finds__context_record__operation__scientist=
                  ishtaruser.person) |
-                Q(base_finds__context_record__operation__in_charge=user.
+                Q(base_finds__context_record__operation__in_charge=
                   ishtaruser.person) |
-                Q(base_finds__context_record__operation__collaborators__pk=user.
+                Q(base_finds__context_record__operation__collaborators__pk=
                   ishtaruser.person.pk) |
-                Q(history_creator=user)) \
+                Q(history_creator=ishtaruser.user_ptr)) \
            & Q(base_finds__context_record__operation__end_date__isnull=True)
 
     @classmethod
@@ -1114,13 +1114,13 @@ class FindSource(Source):
         return self.find
 
     @classmethod
-    def get_query_owns(cls, user):
-        return (Q(find__base_finds__context_record__operation__scientist=user.
+    def get_query_owns(cls, ishtaruser):
+        return (Q(find__base_finds__context_record__operation__scientist=
                   ishtaruser.person) |
-                Q(find__base_finds__context_record__operation__in_charge=user.
+                Q(find__base_finds__context_record__operation__in_charge=
                   ishtaruser.person) |
                 Q(
-            find__base_finds__context_record__operation__collaborators__pk=user.
+            find__base_finds__context_record__operation__collaborators__pk=
             ishtaruser.person.pk)) \
                & Q(
             find__base_finds__context_record__operation__end_date__isnull=True)
diff --git a/archaeological_finds/models_treatments.py b/archaeological_finds/models_treatments.py
index 5dacb72f8..cfde9b036 100644
--- a/archaeological_finds/models_treatments.py
+++ b/archaeological_finds/models_treatments.py
@@ -167,9 +167,9 @@ class Treatment(DashboardFormItem, ValueGetter, BaseHistorizedItem,
         return _(u"TREATMENT")
 
     @classmethod
-    def get_query_owns(cls, user):
-        return (Q(history_creator=user) |
-                Q(person__ishtaruser=user.ishtaruser)) \
+    def get_query_owns(cls, ishtaruser):
+        return (Q(history_creator=ishtaruser.user_ptr) |
+                Q(person__ishtaruser=ishtaruser)) \
             & Q(end_date__isnull=True)
 
     @classmethod
@@ -542,9 +542,9 @@ class TreatmentFile(DashboardFormItem, ClosedItem, BaseHistorizedItem,
         return _(u"Treatment request")
 
     @classmethod
-    def get_query_owns(cls, user):
-        return (Q(history_creator=user) |
-                Q(in_charge__ishtaruser=user.ishtaruser)) \
+    def get_query_owns(cls, ishtaruser):
+        return (Q(history_creator=ishtaruser.user_ptr) |
+                Q(in_charge__ishtaruser=ishtaruser)) \
             & Q(end_date__isnull=True)
 
     @property
diff --git a/archaeological_operations/models.py b/archaeological_operations/models.py
index 0548c92e4..1ebf462a3 100644
--- a/archaeological_operations/models.py
+++ b/archaeological_operations/models.py
@@ -573,12 +573,12 @@ class Operation(ClosedItem, BaseHistorizedItem, ImageModel, OwnPerms,
         return round(float(self.cost) / self.surface, 2)
 
     @classmethod
-    def get_query_owns(cls, user):
+    def get_query_owns(cls, ishtaruser):
         return (
-            Q(in_charge=user.ishtaruser.person) |
-            Q(scientist=user.ishtaruser.person) |
-            Q(collaborators__pk=user.ishtaruser.person.pk) |
-            Q(history_creator=user)) & Q(end_date__isnull=True)
+            Q(in_charge=ishtaruser.person) |
+            Q(scientist=ishtaruser.person) |
+            Q(collaborators__pk=ishtaruser.person.pk) |
+            Q(history_creator=ishtaruser.user_ptr)) & Q(end_date__isnull=True)
 
     def is_active(self):
         return not bool(self.end_date)
@@ -926,10 +926,10 @@ class OperationSource(Source):
                                    self.index)
 
     @classmethod
-    def get_query_owns(cls, user):
-        return (Q(operation__in_charge=user.ishtaruser.person) |
-                Q(operation__scientist=user.ishtaruser.person) |
-                Q(operation__collaborators__pk=user.ishtaruser.person.pk)) \
+    def get_query_owns(cls, ishtaruser):
+        return (Q(operation__in_charge=ishtaruser.person) |
+                Q(operation__scientist=ishtaruser.person) |
+                Q(operation__collaborators__pk=ishtaruser.person.pk)) \
                & Q(operation__end_date__isnull=True)
 
 
diff --git a/archaeological_warehouse/models.py b/archaeological_warehouse/models.py
index 96814339c..c8f50987e 100644
--- a/archaeological_warehouse/models.py
+++ b/archaeological_warehouse/models.py
@@ -81,8 +81,8 @@ class Warehouse(Address, DashboardFormItem, OwnPerms):
                slugify(unicode(self))
 
     @classmethod
-    def get_query_owns(cls, user):
-        return Q(person_in_charge__ishtaruser=user.ishtaruser)
+    def get_query_owns(cls, ishtaruser):
+        return Q(person_in_charge__ishtaruser=ishtaruser)
 
     @property
     def number_of_finds(self):
@@ -310,10 +310,10 @@ class Container(LightHistorizedItem, ImageModel):
         return cached_label
 
     @classmethod
-    def get_query_owns(cls, user):
-        return Q(history_creator=user) | \
-            Q(location__person_in_charge__ishtaruser=user.ishtaruser) | \
-            Q(responsible__person_in_charge__ishtaruser=user.ishtaruser)
+    def get_query_owns(cls, ishtaruser):
+        return Q(history_creator=ishtaruser.user_ptr) | \
+            Q(location__person_in_charge__ishtaruser=ishtaruser) | \
+            Q(responsible__person_in_charge__ishtaruser=ishtaruser)
 
     @property
     def associated_filename(self):
diff --git a/example_project/settings.py b/example_project/settings.py
index 795629e44..9d0b02299 100644
--- a/example_project/settings.py
+++ b/example_project/settings.py
@@ -35,7 +35,6 @@ ODT_TEMPLATE = ROOT_PATH + "../ishtar_common/static/template.odt"
 
 LOGIN_REDIRECT_URL = "/" + URL_PATH
 
-AUTH_PROFILE_MODULE = 'ishtar_common.IshtarUser'
 ACCOUNT_ACTIVATION_DAYS = 7
 
 # change this in local_settings
diff --git a/ishtar_common/admin.py b/ishtar_common/admin.py
index 31cf87699..cba10ea0d 100644
--- a/ishtar_common/admin.py
+++ b/ishtar_common/admin.py
@@ -300,19 +300,13 @@ class SpatialReferenceSystemAdmin(GeneralTypeAdmin):
 admin.site.register(models.SpatialReferenceSystem, SpatialReferenceSystemAdmin)
 
 
-class IshtarUserAdmin(admin.ModelAdmin):
-    readonly_fields = ('password',)
-
-admin.site.register(models.IshtarUser, IshtarUserAdmin)
-
-
 class ItemKeyAdmin(admin.ModelAdmin):
     list_display = ('content_type', 'key', 'content_object', 'importer')
     search_fields = ('key', )
 admin.site.register(models.ItemKey, ItemKeyAdmin)
 
 
-basic_models = [models.DocumentTemplate]
+basic_models = [models.DocumentTemplate, models.IshtarUser]
 if settings.COUNTRY == 'fr':
     basic_models += [models.Arrondissement, models.Canton]
 
diff --git a/ishtar_common/migrations/0002_change_ishtaruser_management.py b/ishtar_common/migrations/0002_change_ishtaruser_management.py
new file mode 100644
index 000000000..3dda6d7cb
--- /dev/null
+++ b/ishtar_common/migrations/0002_change_ishtaruser_management.py
@@ -0,0 +1,25 @@
+# -*- coding: utf-8 -*-
+from __future__ import unicode_literals
+
+from django.db import models, migrations
+from django.conf import settings
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('ishtar_common', '0001_initial'),
+    ]
+
+    operations = [
+        migrations.AlterModelManagers(
+            name='ishtaruser',
+            managers=[
+            ],
+        ),
+        migrations.AlterField(
+            model_name='ishtaruser',
+            name='user_ptr',
+            field=models.OneToOneField(primary_key=True, serialize=False, to=settings.AUTH_USER_MODEL),
+        ),
+    ]
diff --git a/ishtar_common/models.py b/ishtar_common/models.py
index 357140ea4..a0ae1ce44 100644
--- a/ishtar_common/models.py
+++ b/ishtar_common/models.py
@@ -74,19 +74,12 @@ logger = logging.getLogger(__name__)
 def post_save_user(sender, **kwargs):
     user = kwargs['instance']
 
-    try:
-        q = IshtarUser.objects.filter(username=user.username)
-        if not q.count():
-            ishtaruser = IshtarUser.create_from_user(user)
-        else:
-            ishtaruser = q.all()[0]
-        administrator, created = PersonType.objects.get_or_create(
-            txt_idx='administrator')
-        if ishtaruser.is_superuser \
-           and not ishtaruser.has_right('administrator'):
-            ishtaruser.person.person_types.add(administrator)
-    except DatabaseError:  # manage when db is not synced
-        pass
+    if kwargs["created"]:
+        try:
+            IshtarUser.create_from_user(user)
+        except DatabaseError:  # manage when db is not synced
+            pass
+    IshtarUser.set_superuser(user)
 post_save.connect(post_save_user, sender=User)
 
 
@@ -314,13 +307,13 @@ class OwnPerms(object):
         """
         Get Own items
         """
-        if isinstance(user, User):
-            user = IshtarUser.objects.get(user_ptr=user)
-        if user.is_anonymous():
+        if hasattr(user, 'is_authenticated') and not user.is_authenticated():
             returned = cls.objects.filter(pk__isnull=True)
             if values:
                 returned = []
             return returned
+        if isinstance(user, User):
+            user = IshtarUser.objects.get(user_ptr=user)
         items = []
         if hasattr(cls, 'BASKET_MODEL'):
             items = list(cls.BASKET_MODEL.objects.filter(user=user).all())
@@ -2769,20 +2762,20 @@ class Person(Address, Merge, OwnPerms, ValueGetter):
                 txt_idx__in=right_name).count()) or \
                 bool(self.person_types.filter(
                      groups__permissions__codename__in=right_name).count()) or\
-                bool(self.ishtaruser.groups.filter(
+                bool(self.ishtaruser.user_ptr.groups.filter(
                      permissions__codename__in=right_name
                      ).count()) or\
-                bool(self.ishtaruser.user_permissions.filter(
+                bool(self.ishtaruser.user_ptr.user_permissions.filter(
                      codename__in=right_name).count())
         # or self.person_types.filter(wizard__url_name__in=right_name).count())
         else:
             res = bool(self.person_types.filter(txt_idx=right_name).count()) or \
                 bool(self.person_types.filter(
                      groups__permissions__codename=right_name).count()) or \
-                bool(self.ishtaruser.groups.filter(
+                bool(self.ishtaruser.user_ptr.groups.filter(
                      permissions__codename__in=[right_name]
-                     ).count()) or\
-                bool(self.ishtaruser.user_permissions.filter(
+                     ).count()) or \
+                bool(self.ishtaruser.user_ptr.user_permissions.filter(
                      codename__in=[right_name]).count())
         # or self.person_types.filter(wizard__url_name=right_name).count())
         if session:
@@ -2850,7 +2843,7 @@ class Person(Address, Merge, OwnPerms, ValueGetter):
               =user.ishtaruser)
 
 
-class IshtarUser(User):
+class IshtarUser(models.Model):
     TABLE_COLS = ('username', 'person__name', 'person__surname',
                   'person__email', 'person__person_types_list',
                   'person__attached_to')
@@ -2867,6 +2860,8 @@ class IshtarUser(User):
     }
 
     # fields
+    user_ptr = models.OneToOneField(User, primary_key=True,
+                                    related_name='ishtaruser')
     person = models.OneToOneField(Person, verbose_name=_(u"Person"),
                                   related_name='ishtaruser')
     advanced_shortcut_menu = models.BooleanField(
@@ -2877,6 +2872,20 @@ class IshtarUser(User):
         verbose_name_plural = _(u"Ishtar users")
 
     @classmethod
+    def set_superuser(cls, user):
+        q = cls.objects.filter(user_ptr=user)
+        if not q.count():
+            return
+        ishtaruser = q.all()[0]
+        admin, created = PersonType.objects.get_or_create(
+            txt_idx='administrator')
+        person = ishtaruser.person
+        if user.is_superuser:
+            person.person_types.add(admin)
+        elif admin in person.person_types.all():
+            person.person_types.remove(admin)
+
+    @classmethod
     def create_from_user(cls, user):
         default = user.username
         surname = user.first_name or default
@@ -2885,13 +2894,7 @@ class IshtarUser(User):
         person = Person.objects.create(surname=surname,
                                        name=name, email=email,
                                        history_modifier=user)
-        if user.is_superuser:
-            person_type, created = PersonType.objects.get_or_create(
-                txt_idx='administrator')
-            person.person_types.add(person_type)
-        password = user.password
-        isht_user = IshtarUser.objects.create(
-            user_ptr=user, username=default, person=person, password=password)
+        isht_user = cls.objects.create(user_ptr=user, person=person)
         return isht_user
 
     def has_right(self, right_name, session=None):
@@ -2902,20 +2905,17 @@ class IshtarUser(User):
 
     def has_perm(self, perm, model=None, session=None, obj=None):
         if not session:
-            return super(IshtarUser, self).has_perm(perm, model)
+            return self.user_ptr.has_perm(perm, model)
         cache_key = 'usersession-{}-{}-{}-{}'.format(
             session.session_key, perm, model.__name__ if model else 'no',
             obj.pk if obj else 'no')
         res = cache.get(cache_key)
         if res in (True, False):
             return res
-        res = super(IshtarUser, self).has_perm(perm, model)
+        res = self.user_ptr.has_perm(perm, model)
         cache.set(cache_key, res, settings.CACHE_SMALLTIMEOUT)
         return res
 
-IshtarUser._meta.get_field('password').help_text = _(
-    u"To modify the password use the form in Auth > User")
-
 
 class AuthorType(GeneralType):
     order = models.IntegerField(_(u"Order"), default=1)
diff --git a/ishtar_common/tests.py b/ishtar_common/tests.py
index 01ff26c5e..d3ac4a4bd 100644
--- a/ishtar_common/tests.py
+++ b/ishtar_common/tests.py
@@ -74,6 +74,8 @@ def create_superuser():
     password = 'dcbqj756456!@%'
     user = User.objects.create_superuser(username, "nomail@nomail.com",
                                          password)
+    user.set_password(password)
+    user.save()
     return username, password, user
 
 
@@ -294,8 +296,15 @@ class AccessControlTest(TestCase):
         user, created = User.objects.get_or_create(username='myusername')
         user.is_superuser = True
         user.save()
-        ishtar_user = models.IshtarUser.objects.get(username=user.username)
+        ishtar_user = models.IshtarUser.objects.get(
+            user_ptr__username='myusername')
         self.assertIn(admin, ishtar_user.person.person_types.all())
+        user = ishtar_user.user_ptr
+        user.is_superuser = False
+        user.save()
+        ishtar_user = models.IshtarUser.objects.get(
+            user_ptr__username='myusername')
+        self.assertNotIn(admin, ishtar_user.person.person_types.all())
 
 
 class AdminGenTypeTest(TestCase):
@@ -318,11 +327,14 @@ class AdminGenTypeTest(TestCase):
     module_name = 'ishtar_common'
 
     def setUp(self):
-        password = 'mypassword'
-        my_admin = User.objects.create_superuser(
-            'myuser', 'myemail@test.com', password)
+        self.password = 'mypassword'
+        self.username = "myuser"
+        user = User.objects.create_superuser(
+            self.username, 'myemail@test.com', self.password)
+        user.set_password(self.password)
+        user.save()
         self.client = Client()
-        self.client.login(username=my_admin.username, password=password)
+        self.client.login(username=self.username, password=self.password)
 
     def test_listing_and_detail(self):
         for model in self.models: