diff options
| author | Étienne Loks <etienne.loks@iggdrasil.net> | 2024-10-16 17:57:13 +0200 |
|---|---|---|
| committer | Étienne Loks <etienne.loks@iggdrasil.net> | 2025-02-19 14:43:48 +0100 |
| commit | c93dd3812c53d21ab8517dc7af72e1d4b70a1b04 (patch) | |
| tree | 2153d8fd121f7ecd08a31e4867d58a2eb3c9aab7 /ishtar_common/models_imports.py | |
| parent | b8eef9b6aaed7ee097f8ea86174067f9ca42abd8 (diff) | |
| download | Ishtar-c93dd3812c53d21ab8517dc7af72e1d4b70a1b04.tar.bz2 Ishtar-c93dd3812c53d21ab8517dc7af72e1d4b70a1b04.zip | |
♻ permissions refactoring: refactor has_permission methods
Diffstat (limited to 'ishtar_common/models_imports.py')
| -rw-r--r-- | ishtar_common/models_imports.py | 34 |
1 files changed, 20 insertions, 14 deletions
diff --git a/ishtar_common/models_imports.py b/ishtar_common/models_imports.py index 5e29b98ed..ddb23e490 100644 --- a/ishtar_common/models_imports.py +++ b/ishtar_common/models_imports.py @@ -1447,25 +1447,28 @@ class BaseImport(models.Model, OwnPerms, SheetItem): abstract = True @classmethod - def get_permissions_for_actions(cls, user, session): + def get_permissions_for_actions(cls, user): if not hasattr(user, "ishtaruser") or not user.ishtaruser: return False, False, False, False - can_edit_all, can_delete_all, can_edit_own, can_delete_own = False, False, False, False - if user.is_superuser: + can_edit_all, can_delete_all = False, False + can_edit_own, can_delete_own = False, False + ishtaruser = user.ishtaruser + if ishtaruser.has_permission("ishtaradmin"): can_edit_all = True can_delete_all = True - if user.ishtaruser.has_right("change_import", session=session): - can_edit_all = True - elif user.ishtaruser.has_right("change_own_import", session=session): - can_edit_own = True - if user.ishtaruser.has_right("delete_import", session=session): - can_delete_all = True - elif user.ishtaruser.has_right("delete_own_import", session=session): - can_delete_own = True + else: + if ishtaruser.has_permission("ishtar_common.change_import"): + can_edit_all = True + elif ishtaruser.has_permission("ishtar_common.change_own_import"): + can_edit_own = True + if ishtaruser.has_permission("ishtar_common.delete_import"): + can_delete_all = True + elif ishtaruser.has_permission("ishtar_common.delete_own_import"): + can_delete_own = True return can_edit_all, can_delete_all, can_edit_own, can_delete_own @classmethod - def query_can_access(cls, user, perm="view_import"): + def query_can_access(cls, user, perm="ishtar_common.view_import"): """ Filter the query to check access permissions :param user: User instance @@ -1474,8 +1477,11 @@ class BaseImport(models.Model, OwnPerms, SheetItem): q = cls.objects if not isinstance(perm, (list, tuple)): perm = [perm] - if user.is_superuser or (hasattr(user, "ishtaruser") and user.ishtaruser and - any(user.ishtaruser.has_right(p) for p in perm)): + ishtaruser = getattr(user, "ishtaruser", None) + if not ishtaruser: + return q.filter(pk__isnull=True) + if ishtaruser.has_permission("ishtaradmin") or ( + any(ishtaruser.has_permission(p) for p in perm)): return q q = q.filter(Q(importer_type__users__pk=user.ishtaruser.pk)) return q |