♻ permissions refactoring: refactor has_permission methods

author: Étienne Loks <etienne.loks@iggdrasil.net> 2024-10-16 17:57:13 +0200
committer: Étienne Loks <etienne.loks@iggdrasil.net> 2025-02-19 14:43:48 +0100
commit: c93dd3812c53d21ab8517dc7af72e1d4b70a1b04 (patch)
tree: 2153d8fd121f7ecd08a31e4867d58a2eb3c9aab7 /ishtar_common/models_common.py
parent: b8eef9b6aaed7ee097f8ea86174067f9ca42abd8 (diff)
download: Ishtar-c93dd3812c53d21ab8517dc7af72e1d4b70a1b04.tar.bz2
Ishtar-c93dd3812c53d21ab8517dc7af72e1d4b70a1b04.zip
1 files changed, 20 insertions, 13 deletions
diff --git a/ishtar_common/models_common.py b/ishtar_common/models_common.py
index 6f995569c..4a266af9c 100644
--- a/ishtar_common/models_common.py
+++ b/ishtar_common/models_common.py
@@ -1182,13 +1182,17 @@ class Imported(models.Model):
         abstract = True
 
     def _get_imports(self, user, key, limit):
-        if not user.ishtaruser:
+        ishtaruser = getattr(user, "ishtaruser", None)
+        if not ishtaruser:
             return []
         q = getattr(self, key)
-        if user.is_superuser or user.ishtaruser.has_right("view_import"):
+        if ishtaruser.has_permission("ishtaradmin") or \
+                ishtaruser.has_permission("ishtar_common.view_import"):
             q = q.all()
-        elif user.ishtaruser.has_right("view_own_import"):
-            q = q.filter(Q(user=user.ishtaruser) | Q(importer_type__users__pk=user.ishtaruser.pk))
+        elif ishtaruser.has_permission("ishtar_common.view_own_import"):
+            q = q.filter(Q(user=user.ishtaruser) | Q(
+                importer_type__users__pk=user.ishtaruser.pk)
+            )
         else:
             return []
         q = q.order_by("-id")
@@ -1946,7 +1950,8 @@ class DocumentItem:
     @property
     def pdf_attached(self):
         for document in self.documents.filter(
-                Q(associated_file__isnull=False) | Q(source__associated_file__isnull=False)
+                Q(associated_file__isnull=False) |
+                Q(source__associated_file__isnull=False)
         ).all():
             return document.pdf_attached
 
@@ -1967,7 +1972,7 @@ class DocumentItem:
             print(f"**WARNING** can_do not implemented for {self.__class__}")
             return actions
 
-        can_add_doc = self.can_do(request, "add_document")
+        can_add_doc = self.can_do(request, "ishtar_common.add_document")
         if can_add_doc and (
                 not hasattr(self, "is_locked") or not self.is_locked(request.user)
         ):
@@ -3318,13 +3323,13 @@ class MainItem(ShortMenuItem, SerializeItem, SheetItem):
                 pass
 
     @classmethod
-    def get_quick_actions(cls, user, session=None, obj=None):
+    def get_quick_actions(cls, user):
         """
         Get a list of (url, title, icon, target) actions for an user
         """
         qas = []
         for action in cls.QUICK_ACTIONS:
-            if not action.is_available(user, session=session, obj=obj):
+            if not action.is_available(user):
                 continue
             qas.append(
                 [
@@ -3376,14 +3381,14 @@ class MainItem(ShortMenuItem, SerializeItem, SheetItem):
         """
         Check permission availability for the current object.
         :param request: request object
-        :param action_name: action name eg: "change_find"
+        :param action_name: action name eg: "archaeological_finds.change_find"
         :return: boolean
         """
         # overload with OwnPerm when _own_ is relevant
         if not getattr(request.user, "ishtaruser", None):
             return False
         user = request.user
-        return user.ishtaruser.has_right(action_name, request.session)
+        return user.ishtaruser.has_permission(action_name)
 
     def get_extra_actions(self, request):
         if not hasattr(self, "SLUG"):
@@ -3636,7 +3641,9 @@ class Town(GeographicItem, Imported, DocumentItem, MainItem, models.Model):
         # url, base_text, icon, extra_text, extra css class, is a quick action
         actions = super().get_extra_actions(request)
         profile = get_current_profile()
-        can_add_geo = profile.mapping and self.can_do(request, "add_geovectordata")
+        can_add_geo = profile.mapping and self.can_do(
+            request, "ishtar_common.add_geovectordata"
+        )
         if can_add_geo:
             actions.append(self.get_add_geo_action())
         return actions
@@ -4168,7 +4175,7 @@ class QuickAction:
         if self.target not in ("one", "many", None):
             raise AttributeError("target must be one, many or None")
 
-    def is_available(self, user, session=None, obj=None):
+    def is_available(self, user, obj=None):
         if self.module and not getattr(get_current_profile(), self.module):
             return False
         if not self.rights:  # no restriction
@@ -4178,7 +4185,7 @@ class QuickAction:
         user = user.ishtaruser
 
         for right in self.rights:
-            if user.has_perm(right, session=session, obj=obj):
+            if user.has_permission(right, obj=obj):
                 return True
         return False
author	Étienne Loks <etienne.loks@iggdrasil.net>	2024-10-16 17:57:13 +0200
committer	Étienne Loks <etienne.loks@iggdrasil.net>	2025-02-19 14:43:48 +0100
commit	c93dd3812c53d21ab8517dc7af72e1d4b70a1b04 (patch)
tree	2153d8fd121f7ecd08a31e4867d58a2eb3c9aab7 /ishtar_common/models_common.py
parent	b8eef9b6aaed7ee097f8ea86174067f9ca42abd8 (diff)
download	Ishtar-c93dd3812c53d21ab8517dc7af72e1d4b70a1b04.tar.bz2 Ishtar-c93dd3812c53d21ab8517dc7af72e1d4b70a1b04.zip