diff options
| author | Étienne Loks <etienne.loks@iggdrasil.net> | 2023-10-26 17:03:41 +0200 |
|---|---|---|
| committer | Étienne Loks <etienne.loks@iggdrasil.net> | 2024-04-16 16:38:32 +0200 |
| commit | f4f482cd4074898f5344a3a078e27800bbd060fd (patch) | |
| tree | 46a317f0f5de7b0177206ac5b965be794ff2b2af /ishtar_common/models_imports.py | |
| parent | e008dd87b2eafd88cec3d75d0b3b4c92ce891f23 (diff) | |
| download | Ishtar-f4f482cd4074898f5344a3a078e27800bbd060fd.tar.bz2 Ishtar-f4f482cd4074898f5344a3a078e27800bbd060fd.zip | |
✨ refactoring import permissions
Diffstat (limited to 'ishtar_common/models_imports.py')
| -rw-r--r-- | ishtar_common/models_imports.py | 67 |
1 files changed, 49 insertions, 18 deletions
diff --git a/ishtar_common/models_imports.py b/ishtar_common/models_imports.py index 77dad558e..2967c18aa 100644 --- a/ishtar_common/models_imports.py +++ b/ishtar_common/models_imports.py @@ -225,6 +225,10 @@ class ImporterType(models.Model): def __str__(self): return self.name + @classmethod + def is_own(cls, ishtar_user): + return bool(cls.objects.filter(users__pk=ishtar_user.pk).count()) + @property def type_label(self): if self.type in IMPORT_TYPES_DICT: @@ -445,6 +449,10 @@ class ImporterGroup(models.Model): def __str__(self): return self.name + @classmethod + def is_own(cls, ishtar_user): + return bool(cls.objects.filter(users__pk=ishtar_user.pk).count()) + @property def importer_types_label(self) -> str: return " ; ".join([imp.importer_type.name for imp in self.importer_types.all()]) @@ -1413,18 +1421,35 @@ class BaseImport(models.Model, OwnPerms, SheetItem): abstract = True @classmethod - def query_can_access(cls, user): + def get_permissions_for_actions(cls, user, session): + if not hasattr(user, "ishtaruser") or not user.ishtaruser: + return False, False, False, False + can_edit_all, can_delete_all, can_edit_own, can_delete_own = False, False, False, False + if user.is_superuser: + can_edit_all = True + can_delete_all = True + if user.ishtaruser.has_right("change_import", session=session): + can_edit_all = True + elif user.ishtaruser.has_right("change_own_import", session=session): + can_edit_own = True + if user.ishtaruser.has_right("delete_import", session=session): + can_delete_all = True + elif user.ishtaruser.has_right("delete_own_import", session=session): + can_delete_own = True + return can_edit_all, can_delete_all, can_edit_own, can_delete_own + + @classmethod + def query_can_access(cls, user, perm="view_import"): """ Filter the query to check access permissions :param user: User instance :return: import query """ q = cls.objects - if user.is_superuser: + if user.is_superuser or (hasattr(user, "ishtaruser") and user.ishtaruser and + user.ishtaruser.has_right(perm)): return q - IshtarUser = apps.get_model("ishtar_common", "IshtarUser") - ishtar_user = IshtarUser.objects.get(pk=user.pk) - q = q.filter(Q(user=ishtar_user) | Q(importer_type__users__pk=ishtar_user.pk)) + q = q.filter(Q(importer_type__users__pk=user.ishtaruser.pk)) return q @classmethod @@ -1557,25 +1582,28 @@ class ImportGroup(BaseImport): return "" return IMPORT_GROUP_STATE_DCT[str(self.state)] - def get_actions(self): + def get_actions(self, can_edit=False, can_delete=False): """ Get available action relevant with the current status """ actions = [] - if self.state == "C": + if not can_edit and not can_delete: + return actions + if can_edit and self.state == "C": actions.append(("A", _("Analyse"))) - if self.state == "A": + if can_edit and self.state == "A": actions.append(("A", _("Re-analyse"))) if not any(-1 for imp in self.import_list() if not imp.pre_import_form_is_valid): actions.append(("I", _("Launch import"))) - if self.state in ("F", "FE"): + if can_edit and self.state in ("F", "FE"): actions.append(("A", _("Re-analyse"))) actions.append(("I", _("Re-import"))) actions.append(("AC", _("Archive"))) - if self.state == "AC": + if can_edit and self.state == "AC": state = "FE" if any(1 for imp in self.imports.all() if imp.error_file) else "F" actions.append((state, _("Unarchive"))) - actions.append(("D", _("Delete"))) + if can_delete: + actions.append(("D", _("Delete"))) return actions def initialize(self, user=None, session_key=None): @@ -2203,16 +2231,18 @@ class Import(BaseImport): idx_line ) in self.imported_line_numbers.split(",") - def get_actions(self): + def get_actions(self, can_edit=False, can_delete=False): """ Get available action relevant with the current status """ IshtarSiteProfile = apps.get_model("ishtar_common", "IshtarSiteProfile") profile = IshtarSiteProfile.get_current_profile() actions = [] - if self.state == "C": + if not can_edit and not can_delete: + return actions + if can_edit and self.state == "C": actions.append(("A", _("Analyse"))) - if self.state in ("A", "PI"): + if can_edit and self.state in ("A", "PI"): actions.append(("A", _("Re-analyse"))) if self.pre_import_form_is_valid: actions.append(("I", _("Launch import"))) @@ -2222,7 +2252,7 @@ class Import(BaseImport): actions.append(("CH", _("Re-check for changes"))) else: actions.append(("CH", _("Check for changes"))) - if self.state in ("F", "FE"): + if can_edit and self.state in ("F", "FE"): actions.append(("A", _("Re-analyse"))) actions.append(("I", _("Re-import"))) if profile.experimental_feature: @@ -2232,12 +2262,13 @@ class Import(BaseImport): else: actions.append(("CH", _("Check for changes"))) actions.append(("AC", _("Archive"))) - if self.state == "AC": + if can_edit and self.state == "AC": state = "FE" if self.error_file else "F" actions.append((state, _("Unarchive"))) - if self.state in ("C", "A"): + if can_delete and self.state in ("C", "A"): actions.append(("ED", _("Edit"))) - actions.append(("D", _("Delete"))) + if can_delete: + actions.append(("D", _("Delete"))) return actions @property |