summaryrefslogtreecommitdiff
path: root/archaeological_files
diff options
context:
space:
mode:
authorÉtienne Loks <etienne.loks@iggdrasil.net>2024-10-16 17:57:13 +0200
committerÉtienne Loks <etienne.loks@iggdrasil.net>2025-02-19 14:43:48 +0100
commitc93dd3812c53d21ab8517dc7af72e1d4b70a1b04 (patch)
tree2153d8fd121f7ecd08a31e4867d58a2eb3c9aab7 /archaeological_files
parentb8eef9b6aaed7ee097f8ea86174067f9ca42abd8 (diff)
downloadIshtar-c93dd3812c53d21ab8517dc7af72e1d4b70a1b04.tar.bz2
Ishtar-c93dd3812c53d21ab8517dc7af72e1d4b70a1b04.zip
♻ permissions refactoring: refactor has_permission methods
Diffstat (limited to 'archaeological_files')
-rw-r--r--archaeological_files/admin.py6
-rw-r--r--archaeological_files/ishtar_menu.py40
-rw-r--r--archaeological_files/models.py11
-rw-r--r--archaeological_files/urls.py49
-rw-r--r--archaeological_files/views.py20
5 files changed, 82 insertions, 44 deletions
diff --git a/archaeological_files/admin.py b/archaeological_files/admin.py
index 206e97348..9ed26e68c 100644
--- a/archaeological_files/admin.py
+++ b/archaeological_files/admin.py
@@ -176,8 +176,10 @@ class CopyPriceAgreementAdmin(GeneralTypeAdmin):
def copy_price_agreement(self, request):
form = None
- if not hasattr(request.user, "ishtaruser") or request.user.ishtaruser.has_right(
- "change_priceagreement", session=request.session):
+ if not request.user.is_superuser and (
+ not hasattr(request.user, "ishtaruser") or
+ not request.user.ishtaruser.has_permission(
+ "archaeological_files.change_priceagreement")):
self.message_user(
request, str(_("Cannot change price agreement."))
)
diff --git a/archaeological_files/ishtar_menu.py b/archaeological_files/ishtar_menu.py
index bfdd72148..5541fd1d3 100644
--- a/archaeological_files/ishtar_menu.py
+++ b/archaeological_files/ishtar_menu.py
@@ -25,7 +25,7 @@ from archaeological_operations.models import AdministrativeAct
from . import models
-# be carreful: each access_controls must be relevant with check_rights in urls
+# be carreful: each access_controls must be relevant with check_permissions in urls
MENU_SECTIONS = [
(
@@ -40,31 +40,43 @@ MENU_SECTIONS = [
"file_search",
_("Search"),
model=models.File,
- access_controls=["view_file", "view_own_file"],
+ access_controls=[
+ "archaeological_files.view_file",
+ "archaeological_files.view_own_file"
+ ],
),
MenuItem(
"file_creation",
_("Creation"),
model=models.File,
- access_controls=["add_file", "add_own_file"],
+ access_controls=[
+ "archaeological_files.add_file",
+ "archaeological_files.add_own_file"
+ ],
),
MenuItem(
"file_modification",
_("Modification"),
model=models.File,
- access_controls=["change_file", "change_own_file"],
+ access_controls=[
+ "archaeological_files.change_file",
+ "archaeological_files.change_own_file"
+ ],
),
MenuItem(
"file_closing",
_("Closing"),
model=models.File,
- access_controls=["close_file"],
+ access_controls=["archaeological_files.close_file"],
),
MenuItem(
"file_deletion",
_("Deletion"),
model=models.File,
- access_controls=["delete_file", "delete_own_file"],
+ access_controls=[
+ "archaeological_files.delete_file",
+ "archaeological_files.delete_own_file"
+ ],
),
SectionItem(
"admin_act_files",
@@ -74,25 +86,33 @@ MENU_SECTIONS = [
"file_administrativeactfile_search",
_("Search"),
model=AdministrativeAct,
- access_controls=["change_administrativeact"],
+ access_controls=[
+ "archaeological_operations.change_administrativeact"
+ ],
),
MenuItem(
"file_administrativeactfile",
_("Creation"),
model=AdministrativeAct,
- access_controls=["change_administrativeact"],
+ access_controls=[
+ "archaeological_operations.change_administrativeact"
+ ],
),
MenuItem(
"file_administrativeactfile_modification",
_("Modification"),
model=AdministrativeAct,
- access_controls=["change_administrativeact"],
+ access_controls=[
+ "archaeological_operations.change_administrativeact"
+ ],
),
MenuItem(
"file_administrativeactfile_deletion",
_("Deletion"),
model=AdministrativeAct,
- access_controls=["change_administrativeact"],
+ access_controls=[
+ "archaeological_operations.change_administrativeact"
+ ],
),
],
),
diff --git a/archaeological_files/models.py b/archaeological_files/models.py
index 222c7b700..1f164c30d 100644
--- a/archaeological_files/models.py
+++ b/archaeological_files/models.py
@@ -27,12 +27,13 @@ from django.contrib.gis.db import models
from django.contrib.postgres.indexes import GinIndex
from django.core.cache import cache
from django.core.validators import MinValueValidator, MaxValueValidator
-from django.db.models import Q, Count, Sum, Max
+from django.db.models import Max
from django.db.models.signals import post_save, m2m_changed, post_delete
from django.urls import reverse
from ishtar_common.models_common import OrderedHierarchicalType
-from ishtar_common.utils import ugettext_lazy as _, pgettext_lazy, get_current_profile, InlineClass
+from ishtar_common.utils import ugettext_lazy as _, pgettext_lazy, get_current_profile, \
+ InlineClass
from ishtar_common.utils import (
cached_label_changed,
@@ -1548,7 +1549,7 @@ class File(
def get_extra_actions(self, request):
# url, base_text, icon, extra_text, extra css class, is a quick action
actions = super(File, self).get_extra_actions(request)
- if self.can_do(request, "change_operation"):
+ if self.can_do(request, "archaeological_files.change_file"):
actions += [
(
reverse("file-parcels-modify", args=[self.pk]),
@@ -1571,7 +1572,7 @@ class File(
False,
),
]
- if self.can_do(request, "add_administrativeact"):
+ if self.can_do(request, "archaeological_operations.add_administrativeact"):
actions += [
(
reverse("file-add-adminact", args=[self.pk]),
@@ -1582,7 +1583,7 @@ class File(
False,
),
]
- if self.can_do(request, "add_operation"):
+ if self.can_do(request, "archaeological_operations.add_operation"):
actions += [
(
reverse("file-add-operation", args=[self.pk]),
diff --git a/archaeological_files/urls.py b/archaeological_files/urls.py
index 0be30874b..4b50047a6 100644
--- a/archaeological_files/urls.py
+++ b/archaeological_files/urls.py
@@ -20,24 +20,24 @@
from django.conf.urls import url
from django.urls import path
-from ishtar_common.utils import check_rights
+from ishtar_common.utils import check_permissions
from archaeological_files import views, views_api
from archaeological_operations.views import administrativeactfile_document
-# be carreful: each check_rights must be relevant with ishtar_menu
+# be carreful: each check_permissions must be relevant with ishtar_menu
# forms:
urlpatterns = [
url(
r"file_administrativeactfile_search/(?P<step>.+)?$",
- check_rights(["change_administrativeact"])(
+ check_permissions(["archaeological_operations.change_administrativeact"])(
views.file_administrativeactfile_search_wizard
),
name="file_administrativeactfile_search",
),
url(
r"^file_administrativeactfile/(?P<step>.+)?$",
- check_rights(["change_administrativeact"])(
+ check_permissions(["archaeological_operations.change_administrativeact"])(
views.file_administrativeactfile_wizard
),
name="file_administrativeactfile",
@@ -49,14 +49,14 @@ urlpatterns = [
),
url(
r"file_administrativeactfile_deletion/(?P<step>.+)?$",
- check_rights(["change_administrativeact"])(
+ check_permissions(["archaeological_operations.change_administrativeact"])(
views.file_administrativeactfile_deletion_wizard
),
name="file_administrativeactfile_deletion",
),
url(
r"file_administrativeactfile_modification/(?P<step>.+)?$",
- check_rights(["change_administrativeact"])(
+ check_permissions(["archaeological_operations.change_administrativeact"])(
views.file_administrativeactfile_modification_wizard
),
name="file_administrativeactfile_modification",
@@ -68,17 +68,20 @@ urlpatterns = [
),
url(
r"file_search/(?P<step>.+)?$",
- check_rights(["view_file", "view_own_file"])(views.file_search_wizard),
+ check_permissions([
+ "archaeological_files.view_file",
+ "archaeological_files.view_own_file"])(views.file_search_wizard),
name="file_search",
),
url(
r"^file_creation/(?P<step>.+)?$",
- check_rights(["add_file"])(views.file_creation_wizard),
+ check_permissions(["archaeological_files.add_file"])(views.file_creation_wizard),
name="file_creation",
),
url(
r"^file_modification/(?P<step>.+)?$",
- check_rights(["change_file", "change_own_file"])(
+ check_permissions(["archaeological_files.change_file",
+ "archaeological_files.change_own_file"])(
views.file_modification_wizard
),
name="file_modification",
@@ -86,12 +89,16 @@ urlpatterns = [
url(r"^file_modify/(?P<pk>.+)/$", views.file_modify, name="file_modify"),
url(
r"^file_closing/(?P<step>.+)?$",
- check_rights(["change_file"])(views.file_closing_wizard),
+ check_permissions(
+ ["archaeological_files.change_file"]
+ )(views.file_closing_wizard),
name="file_closing",
),
url(
r"file_deletion/(?P<step>.+)?$",
- check_rights(["delete_file", "delete_own_file"])(views.file_deletion_wizard),
+ check_permissions(
+ ["archaeological_files.delete_file", "archaeological_files.delete_own_file"]
+ )(views.file_deletion_wizard),
name="file_deletion",
),
url(r"^file_delete/(?P<pk>.+)/$", views.file_delete, name="delete-file"),
@@ -123,7 +130,9 @@ urlpatterns = [
url(r"revert-file/(?P<pk>.+)/(?P<date>.+)$", views.revert_file, name="revert-file"),
url(
r"^file-add-adminact/(?P<pk>[0-9-]+)/$",
- check_rights(["add_administrativeact"])(views.file_adminact_add),
+ check_permissions(["archaeological_operations.add_administrativeact"])(
+ views.file_adminact_add
+ ),
name="file-add-adminact",
),
url(
@@ -134,12 +143,15 @@ urlpatterns = [
),
url(
r"^file-add-operation/(?P<pk>[0-9-]+)/$",
- check_rights(["add_operation"])(views.file_add_operation),
+ check_permissions(["archaeological_operations.add_operation"])(
+ views.file_add_operation
+ ),
name="file-add-operation",
),
url(
r'^file/edit-preventive-price/(?P<pk>\d+)/$',
- check_rights(["change_file", "change_own_file"])(
+ check_permissions(["archaeological_files.change_file",
+ "archaeological_files.change_own_file"])(
views.PreventiveSimpleEditView.as_view()
),
name="file-edit-preventive-price",
@@ -151,21 +163,24 @@ urlpatterns = [
),
url(
r'^file/edit-preventive/(?P<pk>\d+)/$',
- check_rights(["change_file", "change_own_file"])(
+ check_permissions(["archaeological_files.change_file",
+ "archaeological_files.change_own_file"])(
views.PreventiveEditView.as_view()
),
name="file-edit-preventive",
),
url(
r'^file/edit-preventive/add-default-cost/(?P<pk>\d+)/$',
- check_rights(["change_file", "change_own_file"])(
+ check_permissions(["archaeological_files.change_file",
+ "archaeological_files.change_own_file"])(
views.file_edit_preventive_add_default
),
name="file-edit-preventive-default-cost",
),
url(
r'^file/edit-preventive/copy-planned/(?P<pk>\d+)/$',
- check_rights(["change_file", "change_own_file"])(
+ check_permissions(["archaeological_files.change_file",
+ "archaeological_files.change_own_file"])(
views.file_edit_preventive_copy_planned
),
name="file-edit-preventive-copy-planned",
diff --git a/archaeological_files/views.py b/archaeological_files/views.py
index 44ba75947..0d3f978b5 100644
--- a/archaeological_files/views.py
+++ b/archaeological_files/views.py
@@ -24,7 +24,7 @@ from django.db.models import Q, F
from django.http import HttpResponse, Http404, HttpResponseRedirect
from django.forms.formsets import formset_factory
from django.views.generic.edit import UpdateView
-from django.shortcuts import redirect, render
+from django.shortcuts import redirect
from django.urls import reverse
from ishtar_common.utils import ugettext_lazy as _
@@ -56,18 +56,18 @@ from archaeological_operations.forms import FinalAdministrativeActDeleteForm
from ishtar_common.forms import ClosingDateFormSelection
from . import forms, models
-from archaeological_operations.models import Operation, AdministrativeAct
+from archaeological_operations.models import AdministrativeAct
RE_YEAR_INDEX = re.compile(r"([1-2][0-9]{3})-([0-9]+)") # eg.: 2014-123
def autocomplete_file(request):
+ ishtaruser = getattr(request.user, "ishtaruser", None)
+ if not ishtaruser:
+ return HttpResponse(content_type="text/plain")
if (
- not request.user.has_perm("ishtar_common.view_file", models.File)
- and not request.user.has_perm("ishtar_common.view_own_file", models.File)
- and not request.user.ishtaruser.has_right(
- "file_search", session=request.session
- )
+ not ishtaruser.has_permission("archaeological_files.view_file")
+ and not ishtaruser.has_permission("archaeological_files.view_own_file")
):
return HttpResponse(content_type="text/plain")
if not request.GET.get("term"):
@@ -103,9 +103,9 @@ revert_file = revert_item(models.File)
def extra_file_dct(request, item):
dct = {}
- if request.user.has_perm(
- "ishtar_common.add_operation", Operation
- ) or request.user.ishtaruser.has_right("add_operation"):
+ if request.user.ishtaruser.has_permission(
+ "archaeological_operations.add_operation"
+ ):
dct["can_add_operation"] = True
return dct
generated by cgit v1.2.3 (git 2.39.1) at 2025-10-16 08:13:18 +0000