External sources - limit access in admin, limit by profile

author: Étienne Loks <etienne.loks@iggdrasil.net> 2022-01-20 17:10:43 +0100
committer: Étienne Loks <etienne.loks@iggdrasil.net> 2022-12-12 12:20:59 +0100
commit: 31ef78cec0cd2ba3ccc91c4bafd89831e73abe20 (patch)
tree: 9a8365bef9f59a9348d719dcb3cb4e055e4ccce1 /ishtar_common/context_processors.py
parent: 06b13fe771fd67ab655f0c81bbae51add767deb2 (diff)
download: Ishtar-31ef78cec0cd2ba3ccc91c4bafd89831e73abe20.tar.bz2
Ishtar-31ef78cec0cd2ba3ccc91c4bafd89831e73abe20.zip
1 files changed, 18 insertions, 12 deletions
diff --git a/ishtar_common/context_processors.py b/ishtar_common/context_processors.py
index 7e96bddbd..e1754e935 100644
--- a/ishtar_common/context_processors.py
+++ b/ishtar_common/context_processors.py
@@ -48,18 +48,6 @@ def get_base_context(request):
         menu.init()
         request.session['MENU'] = menu
     """  # menu is now in cache - put it back in session later?
-    if "EXTERNAL_SOURCES" not in request.session:
-        q = ApiExternalSource.objects
-        # TODO: check permissions
-        request.session["EXTERNAL_SOURCES"] = {}
-        if q.count():
-            for source in q.all():
-                request.session["EXTERNAL_SOURCES"][f"{source.id}||{source.name}"] = [
-                    f"{app_label}-{model_name}"
-                    for app_label, model_name in ApiKeyMatch.objects.values_list(
-                        "search_model__app_label", "search_model__model"
-                    ).distinct()
-                ]
 
     current_action = None
     if "CURRENT_ACTION" in request.session:
@@ -83,6 +71,24 @@ def get_base_context(request):
     menu.init()
 
     if hasattr(request.user, "ishtaruser") and request.user.ishtaruser:
+        if (
+            request.user.ishtaruser.current_profile
+            and "EXTERNAL_SOURCES" not in request.session
+        ):
+            q = ApiExternalSource.objects.filter(
+                profiles=request.user.ishtaruser.current_profile
+            )
+            request.session["EXTERNAL_SOURCES"] = {}
+            if q.count():
+                for source in q.all():
+                    request.session["EXTERNAL_SOURCES"][
+                        f"{source.id}||{source.name}"
+                    ] = [
+                        f"{app_label}-{model_name}"
+                        for app_label, model_name in ApiKeyMatch.objects.values_list(
+                            "search_model__app_label", "search_model__model"
+                        ).distinct()
+                    ]
         if request.user.ishtaruser.has_right("administrator", session=request.session):
             dct["ADMIN"] = True
         if (
author	Étienne Loks <etienne.loks@iggdrasil.net>	2022-01-20 17:10:43 +0100
committer	Étienne Loks <etienne.loks@iggdrasil.net>	2022-12-12 12:20:59 +0100
commit	31ef78cec0cd2ba3ccc91c4bafd89831e73abe20 (patch)
tree	9a8365bef9f59a9348d719dcb3cb4e055e4ccce1 /ishtar_common/context_processors.py
parent	06b13fe771fd67ab655f0c81bbae51add767deb2 (diff)
download	Ishtar-31ef78cec0cd2ba3ccc91c4bafd89831e73abe20.tar.bz2 Ishtar-31ef78cec0cd2ba3ccc91c4bafd89831e73abe20.zip