authorÉtienne Loks <etienne.loks@iggdrasil.net>2024-10-16 17:57:13 +0200
committerÉtienne Loks <etienne.loks@iggdrasil.net>2025-02-19 14:43:48 +0100
commitc93dd3812c53d21ab8517dc7af72e1d4b70a1b04 (patch)
tree2153d8fd121f7ecd08a31e4867d58a2eb3c9aab7 /archaeological_finds
parentb8eef9b6aaed7ee097f8ea86174067f9ca42abd8 (diff)
♻ permissions refactoring: refactor has_permission methods
Diffstat (limited to 'archaeological_finds')
-rw-r--r--archaeological_finds/forms.py13
-rw-r--r--archaeological_finds/ishtar_menu.py125
-rw-r--r--archaeological_finds/models_finds.py50
-rw-r--r--archaeological_finds/models_treatments.py10
-rw-r--r--archaeological_finds/tests.py5
-rw-r--r--archaeological_finds/urls.py288
-rw-r--r--archaeological_finds/views.py18
7 files changed, 328 insertions, 181 deletions
diff --git a/archaeological_finds/forms.py b/archaeological_finds/forms.py
index 094e6be21..23531aeb0 100644
--- a/archaeological_finds/forms.py
+++ b/archaeological_finds/forms.py
@@ -2619,11 +2619,12 @@ class FindBasketAddItemForm(forms.Form):
basket_id = forms.IntegerField(required=True)
item_id = forms.IntegerField(required=True)
- def save(self, user):
+ def save(self, ishtaruser):
try:
basket = (
models.FindBasket.objects.filter(
- Q(user=user) | Q(shared_with=user) | Q(shared_write_with=user)
+ Q(user=ishtaruser) | Q(shared_with=ishtaruser) |
+ Q(shared_write_with=ishtaruser)
)
.distinct()
.get(pk=self.cleaned_data["basket_id"])
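Review bot: The basket lookup in `save` still accepts `Q(shared_with=ishtaruser)`, yet the method goes on to call `basket.items.add(item)`, which is a write. If `shared_with` is the read-only share, as the separate `shared_write_with` field suggests, a user who was only given read access to a basket can add items to it. Consider narrowing the filter to `Q(user=ishtaruser) | Q(shared_write_with=ishtaruser)`, or add a comment stating that read shares are deliberately allowed to add items. The rest of `save` lies outside this hunk.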
@@ -2634,9 +2635,11 @@ class FindBasketAddItemForm(forms.Form):
raise PermissionDenied
# check rights
if (
- not user.user_ptr.is_superuser
- and not user.has_right("view_find")
- and not (user.has_right("view_own_find") and item.is_own(user))
+ not ishtaruser.user_ptr.is_superuser
+ and not ishtaruser.has_permission("archaeological_finds.view_find")
+ and not ishtaruser.has_permission(
+ "archaeological_finds.view_own_find",
+ obj=item)
):
raise PermissionDenied
basket.items.add(item)
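Review bot: The own-object branch now relies entirely on `has_permission(..., obj=item)` to enforce ownership, where the removed lines called `item.is_own(user)` explicitly. `has_permission` is not part of this diff, so whether it performs an equivalent ownership test cannot be confirmed from here. A regression test in which a user holding only `view_own_find` is refused when adding a find they do not own would pin this down; the tests.py change in this commit only adds an `assertTrue(content)`. The parallel check in `FindBasketDeleteItemView` (views.py) passes the object positionally, and writing it as `and not ishtaruser.has_permission("archaeological_finds.view_own_find", obj=find)` would keep the two call sites aligned. This `if` sits inside `save`, which starts outside the hunk.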
diff --git a/archaeological_finds/ishtar_menu.py b/archaeological_finds/ishtar_menu.py
index aa658023d..6ca50182e 100644
--- a/archaeological_finds/ishtar_menu.py
+++ b/archaeological_finds/ishtar_menu.py
@@ -24,7 +24,7 @@ from ishtar_common.menu_base import SectionItem, MenuItem
from archaeological_operations.models import AdministrativeAct
from . import models
-# be careful: each access_controls must be relevant with check_rights in urls
+# be careful: each access_controls must be relevant with check_permissions in urls
MENU_SECTIONS = [
(
@@ -39,25 +39,37 @@ MENU_SECTIONS = [
"find_search",
_("Search"),
model=models.Find,
- access_controls=["view_find", "view_own_find"],
+ access_controls=[
+ "archeological_finds.view_find",
+ "archeological_finds.view_own_find"
+ ],
),
MenuItem(
"find_creation",
_("Creation"),
model=models.Find,
- access_controls=["add_find", "add_own_find"],
+ access_controls=[
+ "archeological_finds.add_find",
+ "archeological_finds.add_own_find"
+ ],
),
MenuItem(
"find_modification",
_("Modification"),
model=models.Find,
- access_controls=["change_find", "change_own_find"],
+ access_controls=[
+ "archeological_finds.change_find",
+ "archeological_finds.change_own_find"
+ ],
),
MenuItem(
"find_deletion",
_("Deletion"),
model=models.Find,
- access_controls=["change_find", "change_own_find"],
+ access_controls=[
+ "archeological_finds.change_find",
+ "archeological_finds.change_own_find"
+ ],
),
SectionItem(
"find_basket",
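Review bot: The app label in these permission strings is spelled `archeological_finds` (one `a` missing), while the Treatment items further down this file, urls.py and models_finds.py all use `archaeological_finds`. Assuming the permission lookup compares the strings exactly, the misspelled entries can never match, so the menu and the `check_permissions` guards in urls.py disagree for every non-superuser. The same spelling recurs in the find basket items and the treatment file items in the following four hunks of this file. Each entry should read like `"archaeological_finds.view_find"`. `MENU_SECTIONS` starts and ends outside this hunk.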
@@ -67,31 +79,46 @@ MENU_SECTIONS = [
"find_basket_search",
_("Search"),
model=models.FindBasket,
- access_controls=["view_find", "view_own_find"],
+ access_controls=[
+ "archeological_finds.view_find",
+ "archeological_finds.view_own_find"
+ ],
),
MenuItem(
"find_basket_creation",
_("Creation"),
model=models.FindBasket,
- access_controls=["view_find", "view_own_find"],
+ access_controls=[
+ "archeological_finds.view_find",
+ "archeological_finds.view_own_find"
+ ],
),
MenuItem(
"find_basket_modification",
_("Modification"),
model=models.FindBasket,
- access_controls=["view_find", "view_own_find"],
+ access_controls=[
+ "archeological_finds.view_find",
+ "archeological_finds.view_own_find"
+ ],
),
MenuItem(
"find_basket_modification_add",
_("Manage items"),
model=models.FindBasket,
- access_controls=["view_find", "view_own_find"],
+ access_controls=[
+ "archeological_finds.view_find",
+ "archeological_finds.view_own_find"
+ ],
),
MenuItem(
"find_basket_deletion",
_("Deletion"),
model=models.FindBasket,
- access_controls=["view_find", "view_own_find"],
+ access_controls=[
+ "archeological_finds.view_find",
+ "archeological_finds.view_own_find"
+ ],
),
],
),
@@ -115,15 +142,18 @@ MENU_SECTIONS = [
"treatmentfle_search",
_("Search"),
model=models.TreatmentFile,
- access_controls=["view_treatmentfile", "view_own_treatmentfile"],
+ access_controls=[
+ "archeological_finds.view_treatmentfile",
+ "archeological_finds.view_own_treatmentfile"
+ ],
),
MenuItem(
"treatmentfle_creation",
_("Creation"),
model=models.TreatmentFile,
access_controls=[
- "change_treatmentfile",
- "change_own_treatmentfile",
+ "archeological_finds.change_treatmentfile",
+ "archeological_finds.change_own_treatmentfile",
],
),
MenuItem(
@@ -131,8 +161,8 @@ MENU_SECTIONS = [
_("Modification"),
model=models.TreatmentFile,
access_controls=[
- "change_treatmentfile",
- "change_own_treatmentfile",
+ "archeological_finds.change_treatmentfile",
+ "archeological_finds.change_own_treatmentfile",
],
),
MenuItem(
@@ -140,8 +170,8 @@ MENU_SECTIONS = [
_("Deletion"),
model=models.TreatmentFile,
access_controls=[
- "change_treatmentfile",
- "change_own_treatmentfile",
+ "archeological_finds.change_treatmentfile",
+ "archeological_finds.change_own_treatmentfile",
],
),
SectionItem(
@@ -152,25 +182,33 @@ MENU_SECTIONS = [
"treatmentfle_admacttreatmentfle_search",
_("Search"),
model=AdministrativeAct,
- access_controls=["change_administrativeact"],
+ access_controls=[
+ "archaeological_operations.view_administrativeact"
+ ],
),
MenuItem(
"treatmentfle_admacttreatmentfle",
_("Creation"),
model=AdministrativeAct,
- access_controls=["change_administrativeact"],
+ access_controls=[
+ "archaeological_operations.change_administrativeact"
+ ],
),
MenuItem(
"treatmentfle_admacttreatmentfle_modification",
_("Modification"),
model=AdministrativeAct,
- access_controls=["change_administrativeact"],
+ access_controls=[
+ "archaeological_operations.change_administrativeact"
+ ],
),
MenuItem(
"treatmentfle_admacttreatmentfle_deletion",
_("Deletion"),
model=AdministrativeAct,
- access_controls=["change_administrativeact"],
+ access_controls=[
+ "archaeological_operations.change_administrativeact"
+ ],
),
],
),
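Review bot: The Search item is switched from `change_administrativeact` to `archaeological_operations.view_administrativeact`, but the matching route `treatmentfle_admacttreatmentfle_search` in urls.py is still wrapped in `check_permissions(["archaeological_operations.change_administrativeact"])`. A user holding only the view permission would be shown the entry and then refused by the URL guard, which is the drift the comment at the top of this file warns about. Either keep `"archaeological_operations.change_administrativeact"` here or relax the route deliberately in the same commit. The treatment section in the last hunk of this file has the same gap: its Search and Creation items use `view_` and `add_`, while `treatment_admacttreatment_search` and `treatment_admacttreatment` in urls.py require `change_`.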
@@ -189,37 +227,54 @@ MENU_SECTIONS = [
"treatment_search",
_("Search"),
model=models.Treatment,
- access_controls=["view_treatment", "view_own_treatment"],
+ access_controls=[
+ "archaeological_finds.view_treatment",
+ "archaeological_finds.view_own_treatment"
+ ],
),
MenuItem(
"treatment_creation",
_("Simple treatment - creation"),
model=models.Treatment,
- access_controls=["change_find", "change_own_find"],
+ access_controls=[
+ "archaeological_finds.change_find",
+ "archaeological_finds.change_own_find"],
),
MenuItem(
"treatment_creation_n1",
_("Treatment many to one - creation"),
model=models.Treatment,
- access_controls=["change_find", "change_own_find"],
+ access_controls=[
+ "archaeological_finds.change_find",
+ "archaeological_finds.change_own_find"
+ ],
),
MenuItem(
"treatment_creation_1n",
_("Treatment one to many - creation"),
model=models.Treatment,
- access_controls=["change_find", "change_own_find"],
+ access_controls=[
+ "archaeological_finds.change_find",
+ "archaeological_finds.change_own_find"
+ ],
),
MenuItem(
"treatment_modification",
_("Modification"),
model=models.Treatment,
- access_controls=["change_treatment", "change_own_treatment"],
+ access_controls=[
+ "archaeological_finds.change_treatment",
+ "archaeological_finds.change_own_treatment"
+ ],
),
MenuItem(
"treatment_deletion",
_("Deletion"),
model=models.Treatment,
- access_controls=["change_treatment", "change_own_treatment"],
+ access_controls=[
+ "archaeological_finds.change_treatment",
+ "archaeological_finds.change_own_treatment"
+ ],
),
SectionItem(
"admin_act_treatments",
@@ -229,25 +284,33 @@ MENU_SECTIONS = [
"treatment_admacttreatment_search",
_("Search"),
model=AdministrativeAct,
- access_controls=["view_administrativeact"],
+ access_controls=[
+ "archaeological_operations.view_administrativeact"
+ ],
),
MenuItem(
"treatment_admacttreatment",
_("Creation"),
model=AdministrativeAct,
- access_controls=["add_administrativeact"],
+ access_controls=[
+ "archaeological_operations.add_administrativeact"
+ ],
),
MenuItem(
"treatment_admacttreatment_modification",
_("Modification"),
model=AdministrativeAct,
- access_controls=["change_administrativeact"],
+ access_controls=[
+ "archaeological_operations.change_administrativeact"
+ ],
),
MenuItem(
"treatment_admacttreatment_deletion",
_("Deletion"),
model=AdministrativeAct,
- access_controls=["change_administrativeact"],
+ access_controls=[
+ "archaeological_operations.change_administrativeact"
+ ],
),
],
),
diff --git a/archaeological_finds/models_finds.py b/archaeological_finds/models_finds.py
index 464076caf..1863ba450 100644
--- a/archaeological_finds/models_finds.py
+++ b/archaeological_finds/models_finds.py
@@ -925,14 +925,18 @@ WEIGHT_UNIT = (
class FindBasket(Basket, MainItem, ValueGetter):
SHOW_URL = "show-findbasket"
SLUG = "findbasket"
- items = models.ManyToManyField("Find", blank=True, related_name="basket", verbose_name=_("Associated finds"))
+ items = models.ManyToManyField("Find", blank=True, related_name="basket",
+ verbose_name=_("Associated finds"))
QA_EDIT = QuickAction(
url="findbasket-qa-bulk-update",
icon_class="fa fa-pencil",
text=_("Modify"),
target="many",
- rights=["view_find", "view_own_find"],
+ rights=[
+ "archaeological_finds.view_find",
+ "archaeological_finds.view_own_find"
+ ],
)
QUICK_ACTIONS = [
QA_EDIT,
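Review bot: `QA_EDIT` offers the `findbasket-qa-bulk-update` action to holders of `view_find` / `view_own_find`, but the route of that name in urls.py is guarded with `archaeological_finds.change_find` and `archaeological_finds.change_own_find`. The quick action and its route should name the same permissions, otherwise view-only users are shown an action the URL guard rejects. If the route is the reference, the line becomes `rights=["archaeological_finds.change_find", "archaeological_finds.change_own_find"],`. If basket edits are meant to need only view rights, the route should be changed instead and the choice noted in a comment. The `FindBasket` class body continues outside this hunk.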
@@ -941,7 +945,10 @@ class FindBasket(Basket, MainItem, ValueGetter):
icon_class="fa fa-clone",
text=_("Duplicate"),
target="one",
- rights=["view_find", "view_own_find"],
+ rights=[
+ "archaeological_finds.view_find",
+ "archaeological_finds.view_own_find"
+ ],
),
]
@@ -976,7 +983,7 @@ class FindBasket(Basket, MainItem, ValueGetter):
"""
# url, base_text, icon, extra_text, extra css class, is a quick action
- if not request.user or not request.user.ishtaruser:
+ if not request.user or not getattr(request.user, "ishtaruser", None):
return []
ishtaruser = request.user.ishtaruser
@@ -994,7 +1001,7 @@ class FindBasket(Basket, MainItem, ValueGetter):
False,
),
]
- can_edit_find = self.can_do(request, "change_find")
+ can_edit_find = self.can_do(request, "archaeological_finds.change_find")
if can_edit_find:
actions += [
(
@@ -1006,7 +1013,7 @@ class FindBasket(Basket, MainItem, ValueGetter):
False,
),
]
- if self.can_do(request, "add_treatmentfile"):
+ if self.can_do(request, "archaeological_finds.add_treatmentfile"):
actions += [
(
reverse("findbasket-add-treatmentfile", args=[self.pk]),
@@ -1857,14 +1864,16 @@ class Find(
icon_class="fa fa-pencil",
text=_("Bulk update"),
target="many",
- rights=["change_find", "change_own_find"],
+ rights=["archaeological_finds.change_find",
+ "archaeological_finds.change_own_find"],
)
QA_LOCK = QuickAction(
url="find-qa-lock",
icon_class="fa fa-lock",
text=_("Lock/Unlock"),
target="many",
- rights=["change_find", "change_own_find"],
+ rights=["archaeological_finds.change_find",
+ "archaeological_finds.change_own_find"],
)
QUICK_ACTIONS = [
@@ -1874,21 +1883,30 @@ class Find(
icon_class="fa fa-clone",
text=_("Duplicate"),
target="one",
- rights=["change_find", "change_own_find"],
+ rights=[
+ "archaeological_finds.change_find",
+ "archaeological_finds.change_own_find"
+ ],
),
QuickAction(
url="find-qa-basket",
icon_class="fa fa-shopping-basket",
text=_("Basket"),
target="many",
- rights=["change_find", "change_own_find"],
+ rights=[
+ "archaeological_finds.change_find",
+ "archaeological_finds.change_own_find"
+ ],
),
QuickAction(
url="find-qa-packaging",
icon_class="fa fa-gift",
text=_("Packaging"),
target="many",
- rights=["change_find", "change_own_find"],
+ rights=[
+ "archaeological_finds.change_find",
+ "archaeological_finds.change_own_find"
+ ],
module="warehouse",
),
QuickAction(
@@ -1896,7 +1914,10 @@ class Find(
icon_class="fa fa-object-group",
text=_("Treatment many to one"),
target="many",
- rights=["change_find", "change_own_find"],
+ rights=[
+ "archaeological_finds.change_find",
+ "archaeological_finds.change_own_find"
+ ],
is_popup=False,
),
QA_LOCK,
@@ -2641,11 +2662,12 @@ class Find(
is_locked = hasattr(self, "is_locked") and self.is_locked(request.user)
profile = get_current_profile()
- can_add_geo = profile.mapping and self.can_do(request, "add_geovectordata")
+ can_add_geo = profile.mapping and self.can_do(request,
+ "ishtar_common.add_geovectordata")
if can_add_geo:
if self.base_finds.count() == 1:
actions.append(self.base_finds.all()[0].get_add_geo_action())
- can_edit_find = self.can_do(request, "change_find")
+ can_edit_find = self.can_do(request, "archaeological_finds.change_find")
if can_edit_find and not is_locked:
actions += [
(
diff --git a/archaeological_finds/models_treatments.py b/archaeological_finds/models_treatments.py
index cbca04c9a..d23843226 100644
--- a/archaeological_finds/models_treatments.py
+++ b/archaeological_finds/models_treatments.py
@@ -22,14 +22,14 @@ import datetime
from django.conf import settings
from django.contrib.gis.db import models
from django.contrib.postgres.indexes import GinIndex
-from django.db import transaction
from django.db.models import Max, Q
from django.db.models.signals import post_save, post_delete, pre_delete, m2m_changed
from django.template.defaultfilters import slugify
from django.urls import reverse
from ishtar_common.utils import ugettext_lazy as _, pgettext_lazy, SheetItem
-from archaeological_finds.models_finds import Find, FindBasket, TreatmentType, FindTreatment
+from archaeological_finds.models_finds import Find, FindBasket, TreatmentType, \
+ FindTreatment
from archaeological_operations.models import ClosedItem, Operation
from archaeological_context_records.models import Dating
from archaeological_warehouse.models import Warehouse, Container
@@ -413,7 +413,7 @@ class Treatment(
def get_extra_actions(self, request):
# url, base_text, icon, extra_text, extra css class, is a quick action
actions = super(Treatment, self).get_extra_actions(request)
- if self.can_do(request, "add_administrativeact"):
+ if self.can_do(request, "archaeological_operations.add_administrativeact"):
actions += [
(
reverse("treatment-add-adminact", args=[self.pk]),
@@ -1309,7 +1309,7 @@ class TreatmentFile(
def get_extra_actions(self, request):
# url, base_text, icon, extra_text, extra css class, is a quick action
actions = super(TreatmentFile, self).get_extra_actions(request)
- if self.can_do(request, "add_administrativeact"):
+ if self.can_do(request, "archaeological_operations.add_administrativeact"):
actions += [
(
reverse("treatmentfile-add-adminact", args=[self.pk]),
@@ -1330,7 +1330,7 @@ class TreatmentFile(
):
# a treatment of this type already exists
return actions
- can_edit_find = self.can_do(request, "change_find")
+ can_edit_find = self.can_do(request, "archaeological_finds.change_find")
if can_edit_find:
actions += [
(
diff --git a/archaeological_finds/tests.py b/archaeological_finds/tests.py
index b521e0b97..16fb575c7 100644
--- a/archaeological_finds/tests.py
+++ b/archaeological_finds/tests.py
@@ -35,7 +35,6 @@ from django.test import LiveServerTestCase
from django.test.client import Client
from django.urls import reverse
from ishtar_common.models import (
- ImporterGroup,
ImporterType,
IshtarUser,
ImporterColumn,
@@ -95,7 +94,8 @@ from ishtar_common.tests import (
GenericSerializationTest,
SearchText,
)
-from archaeological_operations.tests import ImportTest, create_operation, create_administrativact
+from archaeological_operations.tests import ImportTest, create_operation, \
+ create_administrativact
from archaeological_context_records.tests import ContextRecordInit
from archaeological_operations.serializers import operation_serialization
@@ -1994,6 +1994,7 @@ class FindPermissionTest(FindInit, TestCase):
response = c.get(reverse("get-find"))
# only one "own" operation available
content = response.content.decode()
+ self.assertTrue(content)
self.assertTrue(json.loads(content))
self.assertEqual(json.loads(content)["recordsTotal"], 1)
diff --git a/archaeological_finds/urls.py b/archaeological_finds/urls.py
index a1b240363..ba10750d2 100644
--- a/archaeological_finds/urls.py
+++ b/archaeological_finds/urls.py
@@ -20,47 +20,56 @@
from django.conf.urls import url
from django.urls import path
-from ishtar_common.utils import check_rights, get_urls_for_model
+from ishtar_common.utils import check_permissions, get_urls_for_model
from archaeological_finds import views
from archaeological_finds import views_api
from archaeological_operations.views import administrativeactfile_document
from archaeological_finds import models
-# be careful: each check_rights must be relevant with ishtar_menu
+# be careful: each check_permissions must be relevant with ishtar_menu
# forms
urlpatterns = [
url(
r"find_search/(?P<step>.+)?$",
- check_rights(["view_find", "view_own_find"])(views.find_search_wizard),
+ check_permissions(
+ ["archaeological_finds.view_find", "archaeological_finds.view_own_find"]
+ )(views.find_search_wizard),
name="find_search",
),
url(
r"find_creation/(?P<step>.+)?$",
- check_rights(["add_find", "add_own_find"])(views.find_creation_wizard),
+ check_permissions(
+ ["archaeological_finds.add_find", "archaeological_finds.add_own_find"]
+ )(views.find_creation_wizard),
name="find_creation",
),
url(
r"find_modification/(?P<step>.+)?$",
- check_rights(["change_find", "change_own_find"])(
- views.find_modification_wizard
- ),
+ check_permissions(
+ ["archaeological_finds.change_find",
+ "archaeological_finds.change_own_find"]
+ )(views.find_modification_wizard),
name="find_modification",
),
url(r"find_modify/(?P<pk>.+)/$", views.find_modify, name="find_modify"),
url(r"find_create/(?P<pk>.+)/$", views.find_create, name="find_create"),
url(
r"find_deletion/(?P<step>.+)?$",
- check_rights(["change_find", "change_own_find"])(views.find_deletion_wizard),
+ check_permissions(
+ ["archaeological_finds.change_find",
+ "archaeological_finds.change_own_find"]
+ )(views.find_deletion_wizard),
name="find_deletion",
),
url(r"find_delete/(?P<pk>.+)/$", views.find_delete, name="delete-find"),
url(
r"^find-qa-duplicate/(?P<pks>[0-9-]+)?/$",
- check_rights(["change_find", "change_own_find"])(
- views.QAFindDuplicateFormView.as_view()
- ),
+ check_permissions(
+ ["archaeological_finds.change_find",
+ "archaeological_finds.change_own_find"]
+ )(views.QAFindDuplicateFormView.as_view()),
name="find-qa-duplicate",
),
url(r"get-findbasket/$", views.get_find_basket, name="get-findbasket"),
@@ -71,17 +80,26 @@ urlpatterns = [
),
url(
r"find_basket_search/(?P<step>.+)?$",
- check_rights(["view_find", "view_own_find"])(views.basket_search_wizard),
+ check_permissions(
+ ["archaeological_finds.view_find",
+ "archaeological_finds.view_own_find"]
+ )(views.basket_search_wizard),
name="find_basket_search",
),
url(
r"^find_basket_creation/$",
- check_rights(["view_find", "view_own_find"])(views.NewFindBasketView.as_view()),
+ check_permissions(
+ ["archaeological_finds.view_find",
+ "archaeological_finds.view_own_find"]
+ )(views.NewFindBasketView.as_view()),
name="new_findbasket",
),
url(
r"^find_basket_modification/(?P<step>.+)?$",
- check_rights(["view_find", "view_own_find"])(views.basket_modify_wizard),
+ check_permissions(
+ ["archaeological_finds.view_find",
+ "archaeological_finds.view_own_find"]
+ )(views.basket_modify_wizard),
name="find_basket_modification",
),
url(
@@ -91,139 +109,163 @@ urlpatterns = [
),
url(
r"^find_basket_modification_add/$",
- check_rights(["view_find", "view_own_find"])(
- views.SelectBasketForManagement.as_view()
- ),
+ check_permissions(
+ ["archaeological_finds.view_find",
+ "archaeological_finds.view_own_find"]
+ )(views.SelectBasketForManagement.as_view()),
name="select_findbasketforadd",
),
url(
r"^find_basket_modification_add/(?P<pk>[0-9]+)?/$",
- check_rights(["view_find", "view_own_find"])(
- views.SelectItemsInBasket.as_view()
- ),
+ check_permissions(
+ ["archaeological_finds.view_find",
+ "archaeological_finds.view_own_find"]
+ )(views.SelectItemsInBasket.as_view()),
name="select_itemsinbasket",
),
url(
r"^find_basket_modification_add_item/$",
- check_rights(["view_find", "view_own_find"])(
- views.FindBasketAddItemView.as_view()
- ),
+ check_permissions(
+ ["archaeological_finds.view_find",
+ "archaeological_finds.view_own_find"]
+ )(views.FindBasketAddItemView.as_view()),
name="add_iteminbasket",
),
url(
r"^find_basket_modification_delete_item/(?P<basket>[0-9]+)?"
r"/(?P<find_pk>[0-9]+)?/$",
- check_rights(["view_find", "view_own_find"])(
- views.FindBasketDeleteItemView.as_view()
- ),
+ check_permissions(
+ ["archaeological_finds.view_find",
+ "archaeological_finds.view_own_find"]
+ )(views.FindBasketDeleteItemView.as_view()),
name="delete_iteminbasket",
),
url(
r"^find_basket_list/(?P<pk>[0-9]+)?/$",
- check_rights(["view_find", "view_own_find"])(
- views.FindBasketListView.as_view()
- ),
+ check_permissions(
+ ["archaeological_finds.view_find",
+ "archaeological_finds.view_own_find"]
+ )(views.FindBasketListView.as_view()),
name="list_iteminbasket",
),
url(
r"^find_basket_deletion/(?P<step>.+)?$",
- check_rights(["view_find", "view_own_find"])(views.basket_delete_wizard),
+ check_permissions(
+ ["archaeological_finds.view_find",
+ "archaeological_finds.view_own_find"]
+ )(views.basket_delete_wizard),
name="find_basket_deletion",
),
url(
r"^findbasket-qa-duplicate/(?P<pks>[0-9-]+)?/$",
- check_rights(["view_find", "view_own_find"])(
- views.QAFindbasketDuplicateFormView.as_view()
- ),
+ check_permissions(
+ ["archaeological_finds.view_find",
+ "archaeological_finds.view_own_find"]
+ )(views.QAFindbasketDuplicateFormView.as_view()),
name="findbasket-qa-duplicate",
),
url(
r"^findbasket-add-treatment/(?P<pk>[0-9-]+)/$",
- check_rights(["change_find", "change_own_find"])(
- views.findbasket_treatment_add
- ),
+ check_permissions(
+ ["archaeological_finds.change_find",
+ "archaeological_finds.change_own_find"]
+ )(views.findbasket_treatment_add),
name="findbasket-add-treatment",
),
url(
r"^findbasket-add-treatmentfile/(?P<pk>[0-9-]+)/$",
- check_rights(["add_treatmentfile", "add_own_treatmentfile"])(
- views.findbasket_treatmentfile_add
- ),
+ check_permissions(
+ ["archaeological_finds.add_treatmentfile",
+ "archaeological_finds.add_own_treatmentfile"]
+ )(views.findbasket_treatmentfile_add),
name="findbasket-add-treatmentfile",
),
url(
r"^find-add-treatment/(?P<pk>[0-9-]+)/$",
- check_rights(["change_find", "change_own_find"])(views.find_treatment_add),
+ check_permissions(
+ ["archaeological_finds.change_find",
+ "archaeological_finds.change_own_find"]
+ )(views.find_treatment_add),
name="find-add-treatment",
),
url(
r"^find-add-divide-treatment/(?P<pk>[0-9-]+)/$",
- check_rights(["change_find", "change_own_find"])(
- views.find_divide_treatment_add
- ),
+ check_permissions(
+ ["archaeological_finds.change_find",
+ "archaeological_finds.change_own_find"]
+ )(views.find_divide_treatment_add),
name="find-add-divide-treatment",
),
url(
r"^treatmentfile-add-treatment/(?P<pk>[0-9-]+)/$",
- check_rights(["change_find", "change_own_find"])(
- views.treatmentfile_treatment_add
- ),
+ check_permissions(
+ ["archaeological_finds.change_find",
+ "archaeological_finds.change_own_find"]
+ )(views.treatmentfile_treatment_add),
name="treatmentfile-add-treatment",
),
url(
r"^treatment-add-adminact/(?P<pk>[0-9-]+)/$",
- check_rights(["add_administrativeact"])(views.treatment_adminact_add),
+ check_permissions(
+ ["archaeological_operations.add_administrativeact"]
+ )(views.treatment_adminact_add),
name="treatment-add-adminact",
),
url(
r"^treatmentfile-add-adminact/(?P<pk>[0-9-]+)/$",
- check_rights(["add_administrativeact"])(views.treatmentfile_adminact_add),
+ check_permissions(
+ ["archaeological_operations.add_administrativeact"]
+ )(views.treatmentfile_adminact_add),
name="treatmentfile-add-adminact",
),
url(
r"^find-qa-bulk-update/(?P<pks>[0-9-]+)?/$",
- check_rights(["change_find", "change_own_find"])(views.QAFindForm.as_view()),
+ check_permissions(
+ ["archaeological_finds.change_find",
+ "archaeological_finds.change_own_find"]
+ )(views.QAFindForm.as_view()),
name="find-qa-bulk-update",
),
url(
r"^find-qa-bulk-update/(?P<pks>[0-9-]+)?/confirm/$",
- check_rights(["change_find", "change_own_find"])(views.QAFindForm.as_view()),
+ check_permissions(
+ ["archaeological_finds.change_find",
+ "archaeological_finds.change_own_find"]
+ )(views.QAFindForm.as_view()),
name="find-qa-bulk-update-confirm",
kwargs={"confirm": True},
),
url(
r"^find-qa-basket/(?P<pks>[0-9-]+)?/$",
- check_rights(["change_find", "change_own_find"])(
- views.QAFindBasketFormView.as_view()
- ),
+ check_permissions(
+ ["archaeological_finds.change_find",
+ "archaeological_finds.change_own_find"]
+ )(views.QAFindBasketFormView.as_view()),
name="find-qa-basket",
),
url(
r"findbasket-qa-bulk-update/(?P<pks>[0-9-]+)?/$",
- check_rights([
- "change_find",
- "change_own_find",
- ])(
- views.QAFindBasketModifyView.as_view()
- ),
+ check_permissions([
+ "archaeological_finds.change_find",
+ "archaeological_finds.change_own_find",
+ ])(views.QAFindBasketModifyView.as_view()),
name="findbasket-qa-bulk-update",
),
url(
r"findbasket-qa-bulk-update/(?P<pks>[0-9-]+)?/confirm/$",
- check_rights([
- "change_find",
- "change_own_find",
- ])(
- views.QAFindBasketModifyView.as_view()
- ),
+ check_permissions([
+ "archaeological_finds.change_find",
+ "archaeological_finds.change_own_find",
+ ])(views.QAFindBasketModifyView.as_view()),
name="findbasket-qa-bulk-update-confirm",
kwargs={"confirm": True},
),
url(
r"^find-qa-packaging/(?P<pks>[0-9-]+)?/$",
- check_rights(["change_find", "change_own_find"])(
- views.QAFindTreatmentFormView.as_view()
- ),
+ check_permissions(
+ ["archaeological_finds.change_find",
+ "archaeological_finds.change_own_find"]
+ )(views.QAFindTreatmentFormView.as_view()),
name="find-qa-packaging",
),
url(
@@ -234,16 +276,18 @@ urlpatterns = [
),
url(
r"^treatment_creation/(?P<step>.+)?$",
- check_rights(["change_find", "change_own_find"])(
- views.treatment_creation_wizard
- ),
+ check_permissions(
+ ["archaeological_finds.change_find",
+ "archaeological_finds.change_own_find"]
+ )(views.treatment_creation_wizard),
name="treatment_creation",
),
url(
r"^treatment_creation_n1/(?P<step>.+)?$",
- check_rights(["change_find", "change_own_find"])(
- views.treatment_creation_n1_wizard
- ),
+ check_permissions(
+ ["archaeological_finds.change_find",
+ "archaeological_finds.change_own_find"]
+ )(views.treatment_creation_n1_wizard),
name="treatment_creation_n1",
),
url(
@@ -253,16 +297,18 @@ urlpatterns = [
),
url(
r"^treatment_creation_1n/(?P<step>.+)?$",
- check_rights(["change_find", "change_own_find"])(
- views.treatment_creation_1n_wizard
- ),
+ check_permissions(
+ ["archaeological_finds.change_find",
+ "archaeological_finds.change_own_find"]
+ )(views.treatment_creation_1n_wizard),
name="treatment_creation_1n",
),
url(
r"^treatment_modification/(?P<step>.+)?$",
- check_rights(["change_find", "change_own_find"])(
- views.treatment_modification_wizard
- ),
+ check_permissions(
+ ["archaeological_finds.change_find",
+ "archaeological_finds.change_own_find"]
+ )(views.treatment_modification_wizard),
name="treatment_modification",
),
url(
@@ -272,14 +318,18 @@ urlpatterns = [
),
url(
r"^treatment_search/(?P<step>.+)?$",
- check_rights(["view_find", "view_own_find"])(views.treatment_search_wizard),
+ check_permissions(
+ ["archaeological_finds.view_find",
+ "archaeological_finds.view_own_find"]
+ )(views.treatment_search_wizard),
name="treatment_search",
),
url(
r"^treatment_deletion/(?P<step>.+)?$",
- check_rights(["change_treatmentfile", "change_own_treatmentfile"])(
- views.treatment_deletion_wizard
- ),
+ check_permissions(
+ ["archaeological_finds.change_treatmentfile",
+ "archaeological_finds.change_own_treatmentfile"]
+ )(views.treatment_deletion_wizard),
name="treatment_deletion",
),
url(
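Review bot: `treatment_search` is guarded by the find permissions (`view_find` / `view_own_find`) and `treatment_deletion` by the treatment file ones (`change_treatmentfile` / `change_own_treatmentfile`), whereas ishtar_menu.py lists `archaeological_finds.view_treatment` and `archaeological_finds.change_treatment` for the same entries. The codenames are carried over unchanged from the old `check_rights` calls, so the mismatch predates this commit, but it contradicts the "must be relevant with ishtar_menu" comment at the top of the file. `treatment_modification` (guarded by `change_find`) and `treatmentfle_deletion` (guarded by `change_find` rather than `change_treatmentfile`) in neighbouring hunks look like the same copy-paste. If the menu is the reference, the search guard would be `["archaeological_finds.view_treatment", "archaeological_finds.view_own_treatment"]`. `urlpatterns` starts and ends outside this hunk.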
@@ -289,21 +339,21 @@ urlpatterns = [
),
url(
r"^treatment_admacttreatment_search/(?P<step>.+)?$",
- check_rights(["change_administrativeact"])(
+ check_permissions(["archaeological_operations.change_administrativeact"])(
views.treatment_administrativeact_search_wizard
),
name="treatment_admacttreatment_search",
),
url(
r"^treatment_admacttreatment/(?P<step>.+)?$",
- check_rights(["change_administrativeact"])(
+ check_permissions(["archaeological_operations.change_administrativeact"])(
views.treatment_administrativeact_wizard
),
name="treatment_admacttreatment",
),
url(
r"^treatment_admacttreatment_modification/(?P<step>.+)?$",
- check_rights(["change_administrativeact"])(
+ check_permissions(["archaeological_operations.change_administrativeact"])(
views.treatment_administrativeact_modification_wizard
),
name="treatment_admacttreatment_modification",
@@ -315,7 +365,7 @@ urlpatterns = [
),
url(
r"^treatment_admacttreatment_deletion/(?P<step>.+)?$",
- check_rights(["change_administrativeact"])(
+ check_permissions(["archaeological_operations.change_administrativeact"])(
views.treatment_admacttreatment_deletion_wizard
),
name="treatment_admacttreatment_deletion",
@@ -332,21 +382,21 @@ urlpatterns = [
),
url(
r"^treatmentfle_admacttreatmentfle_search/(?P<step>.+)?$",
- check_rights(["change_administrativeact"])(
+ check_permissions(["archaeological_operations.change_administrativeact"])(
views.treatmentfile_admacttreatmentfile_search_wizard
),
name="treatmentfle_admacttreatmentfle_search",
),
url(
r"^treatmentfle_admacttreatmentfle_modification/(?P<step>.+)?$",
- check_rights(["change_administrativeact"])(
+ check_permissions(["archaeological_operations.change_administrativeact"])(
views.treatmentfile_admacttreatmentfile_modification_wizard
),
name="treatmentfle_admacttreatmentfle_modification",
),
url(
r"^treatmentfle_admacttreatmentfle/(?P<step>.+)?$",
- check_rights(["change_administrativeact"])(
+ check_permissions(["archaeological_operations.change_administrativeact"])(
views.treatmentfile_admacttreatmentfile_wizard
),
name="treatmentfle_admacttreatmentfle",
@@ -358,7 +408,7 @@ urlpatterns = [
),
url(
r"^treatmentfle_admacttreatmentfle_deletion/(?P<step>.+)?$",
- check_rights(["change_administrativeact"])(
+ check_permissions(["archaeological_operations.change_administrativeact"])(
views.treatmentfile_admacttreatmentfile_deletion_wizard
),
name="treatmentfle_admacttreatmentfle_deletion",
@@ -370,23 +420,26 @@ urlpatterns = [
),
url(
r"^treatmentfle_search/(?P<step>.+)?$",
- check_rights(["view_treatmentfile", "view_own_treatmentfile"])(
- views.treatmentfile_search_wizard
- ),
+ check_permissions(
+ ["archaeological_finds.view_treatmentfile",
+ "archaeological_finds.view_own_treatmentfile"]
+ )(views.treatmentfile_search_wizard),
name="treatmentfile_search",
),
url(
r"treatmentfle_creation/(?P<step>.+)?$",
- check_rights(["change_treatmentfile", "change_own_treatmentfile"])(
- views.treatmentfile_creation_wizard
- ),
+ check_permissions(
+ ["archaeological_finds.change_treatmentfile",
+ "archaeological_finds.change_own_treatmentfile"]
+ )(views.treatmentfile_creation_wizard),
name="treatmentfile_creation",
),
url(
r"treatmentfle_modification/(?P<step>.+)?$",
- check_rights(["change_treatmentfile", "change_own_treatmentfile"])(
- views.treatmentfile_modification_wizard
- ),
+ check_permissions(
+ ["archaeological_finds.change_treatmentfile",
+ "archaeological_finds.change_own_treatmentfile"]
+ )(views.treatmentfile_modification_wizard),
name="treatmentfile_modification",
),
url(
@@ -396,9 +449,10 @@ urlpatterns = [
),
url(
r"^treatmentfle_deletion/(?P<step>.+)?$",
- check_rights(["change_find", "change_own_find"])(
- views.treatmentfile_deletion_wizard
- ),
+ check_permissions(
+ ["archaeological_finds.change_find",
+ "archaeological_finds.change_own_find"]
+ )(views.treatmentfile_deletion_wizard),
name="treatmentfile_deletion",
),
url(
@@ -600,14 +654,18 @@ urlpatterns = [
),
url(
r"autocomplete-findbasket/$",
- check_rights(["change_find", "change_own_find"])(views.autocomplete_findbasket),
+ check_permissions(
+ ["archaeological_finds.change_find",
+ "archaeological_finds.change_own_find"]
+ )(views.autocomplete_findbasket),
name="autocomplete-findbasket",
),
url(
r"autocomplete-findbasket-write/$",
- check_rights(["change_find", "change_own_find"])(
- views.autocomplete_findbasket_write
- ),
+ check_permissions(
+ ["archaeological_finds.change_find",
+ "archaeological_finds.change_own_find"]
+ )(views.autocomplete_findbasket_write),
name="autocomplete-findbasket-write",
),
url(
@@ -615,9 +673,10 @@ urlpatterns = [
),
url(
r"api/ishtar/base-finds/get-geo$",
- check_rights(["view_find", "view_own_find"])(
- views.get_geo_items,
- ),
+ check_permissions(
+ ["archaeological_finds.view_find",
+ "archaeological_finds.view_own_find"]
+ )(views.get_geo_items),
name="api-get-geo",
),
url(
@@ -639,9 +698,10 @@ urlpatterns = [
),
url(
r"autocomplete-basefind/$",
- check_rights(["view_basefind", "view_own_basefind"])(
- views.autocomplete_basefind
- ),
+ check_permissions(
+ ["archaeological_finds.view_basefind",
+ "archaeological_finds.view_own_basefind"]
+ )(views.autocomplete_basefind),
name="autocomplete-basefind",
),
]
diff --git a/archaeological_finds/views.py b/archaeological_finds/views.py
index 866349ce2..0b286531c 100644
--- a/archaeological_finds/views.py
+++ b/archaeological_finds/views.py
@@ -151,14 +151,12 @@ get_administrativeacttreatmentfile = get_item(
def autocomplete_treatmentfile(request):
+ ishtaruser = getattr(request.user, "ishtaruser", None)
+ if not ishtaruser:
+ return HttpResponse(content_type="text/plain")
if (
- not request.user.has_perm("ishtar_common.view_treatment", models.Treatment)
- and not request.user.has_perm(
- "ishtar_common.view_own_treatment", models.Treatment
- )
- and not request.user.ishtaruser.has_right(
- "treatmentfile_search", session=request.session
- )
+ not ishtaruser.has_permission("archaeological_finds.view_treatment")
+ and not ishtaruser.has_permission("archaeological_finds.view_own_treatment")
):
return HttpResponse(content_type="text/plain")
if not request.GET.get("term"):
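Review bot: `autocomplete_treatmentfile` is gated on `archaeological_finds.view_treatment` / `view_own_treatment` rather than on the treatment file permissions, and the removed `has_right("treatmentfile_search", ...)` fallback was the only branch that referred to treatment files. As written, a user holding only `view_treatmentfile` gets the empty response, while one holding only `view_treatment` can query treatment files. If that is not intended, the checks should read `not ishtaruser.has_permission("archaeological_finds.view_treatmentfile")` and the matching `view_own_treatmentfile` line. The `view_own_` test is also made without an object, so limiting results to the user's own records has to happen in the query further down, which is outside this hunk and worth a comment here.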
@@ -193,7 +191,7 @@ def show_basefind(request, pk, **dct):
def show_find_extra(request, find):
- if not request.user or not request.user.ishtaruser:
+ if not request.user or not getattr(request.user, "ishtaruser", None):
return {}
user = request.user.ishtaruser
if isinstance(find, dict):
@@ -607,8 +605,8 @@ class FindBasketDeleteItemView(
basket = self.get_basket(user=ishtaruser, pk=self.kwargs["basket"])
if (
not user.is_superuser
- and not ishtaruser.has_right("view_find")
- and not (ishtaruser.has_right("view_own_find") and find.is_own(user))
+ and not ishtaruser.has_permission("archaeological_finds.view_find")
+ and not ishtaruser.has_permission("archaeological_finds.view_own_find", find)
):
raise PermissionDenied
basket.items.remove(find)