More precise right managements (closes #644)

- wizard filtered with right managements
- better admin for rights related to person types

1 files changed, 26 insertions, 0 deletions

diff --git a/ishtar/ishtar_base/forms.py b/ishtar/ishtar_base/forms.py
index 608e54739..d947b43ae 100644
--- a/ishtar/ishtar_base/forms.py
+++ b/ishtar/ishtar_base/forms.py
@@ -107,6 +107,32 @@ class Wizard(NamedUrlSessionFormWizard):
     model = None
     modification = None # True when the wizard modify an item
 
+    @staticmethod
+    def _check_right(step, condition=True):
+        '''Return a method to check the right for a specific step'''
+        def check_right(self, request, storage):
+            cond = condition
+            if callable(condition):
+                cond = condition(self, request, storage)
+            if not cond:
+                return False
+            person_type = request.user.ishtaruser.person.person_type
+            if person_type.txt_idx == 'administrator':
+                return True
+            if person_type.rights.filter(url_name=step).count():
+                return True
+        return check_right
+
+    def __init__(self, *args, **kwargs):
+        """Check right for each step of the wizard"""
+        super(Wizard, self).__init__(*args, **kwargs)
+        for form_key in self.form_list.keys()[:-1]:
+            condition = True
+            if form_key in self.condition_list:
+                condition = self.condition_list.get(form_key, True)
+            cond = self._check_right(form_key, condition)
+            self.condition_list[form_key] = cond
+
     def get_wizard_name(self):
         """As the class name can interfere when reused, use the url_name"""
         return self.url_name