diff options
| author | Étienne Loks <etienne.loks@iggdrasil.net> | 2017-05-16 12:27:34 +0200 |
|---|---|---|
| committer | Étienne Loks <etienne.loks@iggdrasil.net> | 2017-05-16 12:27:34 +0200 |
| commit | 8d9998014f3d7591f073dea645e3eee40b4917e6 (patch) | |
| tree | 6bb5b6aa22d1720b8eb2dc26766dcad9dda1544d /ishtar_common/models.py | |
| parent | dfd6fd2551a9cc54e6b69d4f5d4d4aa328b9cc7a (diff) | |
| parent | a25d54c314692843a0086f6c7f9d38c30affce40 (diff) | |
| download | Ishtar-8d9998014f3d7591f073dea645e3eee40b4917e6.tar.bz2 Ishtar-8d9998014f3d7591f073dea645e3eee40b4917e6.zip | |
Merge branch 'master' into v0.9
Diffstat (limited to 'ishtar_common/models.py')
| -rw-r--r-- | ishtar_common/models.py | 47 |
1 files changed, 46 insertions, 1 deletions
diff --git a/ishtar_common/models.py b/ishtar_common/models.py index 83cb25d46..5095619e0 100644 --- a/ishtar_common/models.py +++ b/ishtar_common/models.py @@ -90,6 +90,44 @@ def post_save_user(sender, **kwargs): post_save.connect(post_save_user, sender=User) +def check_model_access_control(request, model, available_perms=None): + """ + Check access control to a model for a specific request + + :param request: the current request + :param model: the concerned model + :param available_perms: specific permissions to check if not specified + "view" and "view_own" will be checked + :return: (allowed, own) tuple + """ + own = True # more restrictive by default + allowed = False + if not request.user.is_authenticated(): + return allowed, own + + if not available_perms: + available_perms = ['view_' + model.__name__.lower(), + 'view_own_' + model.__name__.lower()] + if request.user.ishtaruser.has_right('administrator', + session=request.session): + allowed = True + own = False + return allowed, own + for perm, lbl in model._meta.permissions: + if perm not in available_perms: + continue + cperm = model._meta.app_label + '.' + perm + if request.user.has_perm(cperm) \ + or cperm in request.user.get_all_permissions() \ + or request.user.ishtaruser.has_right( + perm, session=request.session): + allowed = True + if "_own_" not in perm: + own = False + break # max right reach + return allowed, own + + class Imported(models.Model): imports = models.ManyToManyField( 'Import', blank=True, null=True, @@ -1112,6 +1150,8 @@ def get_external_id(key, item): CURRENCY = ((u"€", _(u"Euro")), (u"$", _(u"US dollar"))) +FIND_INDEX_SOURCE = ((u"O", _(u"Operations")), + (u"CR", _(u"Context records"))) class IshtarSiteProfile(models.Model, Cached): @@ -1133,6 +1173,11 @@ class IshtarSiteProfile(models.Model, Cached): default='rgba(210,200,0,0.2)', max_length=200) find = models.BooleanField(_(u"Finds module"), default=False, help_text=_(u"Need context records module")) + find_index = models.CharField( + _(u"Find index is based on"), default='O', max_length=2, + choices=FIND_INDEX_SOURCE, + help_text=_(u"To prevent irrelevant indexes, change this parameter " + u"only if there is no find in the database")) find_color = models.CharField( _(u"CSS color code for find module"), default='rgba(210,0,0,0.15)', max_length=200) @@ -1370,7 +1415,7 @@ class DashboardFormItem(object): return q.distinct('pk').count() -class Dashboard: +class Dashboard(object): def __init__(self, model, slice='year', date_source=None, show_detail=None, fltr={}): # don't provide date_source if it is not relevant |