diff options
| -rw-r--r-- | ishtar/furnitures/backend.py | 49 | ||||
| -rw-r--r-- | ishtar/furnitures/models.py | 27 | 
2 files changed, 66 insertions, 10 deletions
| diff --git a/ishtar/furnitures/backend.py b/ishtar/furnitures/backend.py new file mode 100644 index 000000000..d251d81a8 --- /dev/null +++ b/ishtar/furnitures/backend.py @@ -0,0 +1,49 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- +# Copyright (C) 2010  Étienne Loks  <etienne.loks_AT_peacefrogsDOTnet> + +# This program is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as +# published by the Free Software Foundation, either version 3 of the +# License, or (at your option) any later version. + +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the +# GNU General Public License for more details. + +# You should have received a copy of the GNU General Public License +# along with this program.  If not, see <http://www.gnu.org/licenses/>. + +# See the file COPYING for details. + +""" +Permission backend to manage "own" objects +""" + +from django.conf import settings +from django.contrib.auth.models import User + +class ObjectOwnPermBackend(object): +    supports_object_permissions = True +    supports_anonymous_user = True + +    def authenticate(self, username, password): +        # managed by the default backend +        return None + +    def has_perm(self, user_obj, perm, obj=None): +        if not user_obj.is_authenticated(): +            user_obj = User.objects.get(pk=settings.ANONYMOUS_USER_ID) + +        if obj is None: +            # managed by the default backend +            return False + +        try: +            # only manage "own" permissions +            assert perm.split('.')[-1].split('_')[-1] == 'own' +        except (IndexError, AssertionError): +            return False + +        return user_obj.has_perm(perm) and obj.is_own(user_obj) diff --git a/ishtar/furnitures/models.py b/ishtar/furnitures/models.py index 7ac548165..41990e2b8 100644 --- a/ishtar/furnitures/models.py +++ b/ishtar/furnitures/models.py @@ -33,6 +33,13 @@ from simple_history.models import HistoricalRecords  from ishtar import settings +class OwnPerms: +    """ +    Manage special permissions for object's owner +    """ +    def is_own(self, user): +        return False +  class GeneralType(models.Model):      """      Abstract class for "types" @@ -95,7 +102,7 @@ class OrganizationType(GeneralType):          verbose_name = _(u"Organization type")          verbose_name_plural = _(u"Organization types") -class Organization(Address): +class Organization(Address, OwnPerms):      name = models.CharField(_(u"Name"), max_length=100)      organization_type = models.ForeignKey(OrganizationType,                                            verbose_name=_(u"Type")) @@ -115,7 +122,7 @@ class PersonType(GeneralType):          verbose_name = _(u"Person type")          verbose_name_plural = _(u"Person types") -class Person(Address) : +class Person(Address, OwnPerms) :      TYPE = (('Mr', _(u'Mr')),              ('Ms', _(u'Miss')),              ('Md', _(u'Mrs')), @@ -168,7 +175,7 @@ if settings.COUNTRY == 'fr':              verbose_name = u"Saisine"              verbose_name_plural = u"Saisines" -class File(BaseHistorizedItem): +class File(BaseHistorizedItem, OwnPerms):      year = models.IntegerField(_(u"Year"),                                 default=lambda:datetime.datetime.now().year)      internal_reference = models.CharField(_(u"Internal reference"), @@ -210,7 +217,7 @@ class VestigeType(GeneralType):          verbose_name = _(u"Vestige type")          verbose_name_plural = _(u"Vestige types") -class Operation(BaseHistorizedItem): +class Operation(BaseHistorizedItem, OwnPerms):      name = models.CharField(_(u"Name"), max_length=120)      start_date = models.DateField(_(u"Start date"))      end_date = models.DateField(_(u"End date")) @@ -292,7 +299,7 @@ class Dating(models.Model):          verbose_name = _(u"Dating")          verbose_name_plural = _(u"Datings") -class RegistrationUnit(BaseHistorizedItem): +class RegistrationUnit(BaseHistorizedItem, OwnPerms):      parcel = models.ForeignKey(Parcel, verbose_name=_(u"Parcel"))      label = models.CharField(_(u"Label"), max_length=200)      description = models.TextField(_("Description")) @@ -342,7 +349,7 @@ class MaterialType(GeneralType):          verbose_name = _(u"Material type")          verbose_name_plural = _(u"Material types") -class BaseItem(BaseHistorizedItem): +class BaseItem(BaseHistorizedItem, OwnPerms):      label = models.CharField(_(u"Label"), max_length=60)      description = models.TextField(_(u"Description"))      registration_unit = models.ForeignKey(RegistrationUnit, @@ -364,7 +371,7 @@ class BaseItem(BaseHistorizedItem):      def __unicode__(self):          return self.label -class Item(BaseHistorizedItem): +class Item(BaseHistorizedItem, OwnPerms):      base_items = models.ManyToManyField(BaseItem, verbose_name=_(u"Base item"))      order = models.IntegerField(_(u"Order"))      label = models.CharField(_(u"Label"), max_length=60) @@ -412,7 +419,7 @@ class WarehouseType(GeneralType):          verbose_name = _(u"Warehouse type")          verbose_name_plural = _(u"Warehouse types") -class Warehouse(Address): +class Warehouse(Address, OwnPerms):      name = models.CharField(_(u"Name"), max_length=40)      warehouse_type = models.ForeignKey(WarehouseType,                                         verbose_name=_(u"Warehouse type")) @@ -438,7 +445,7 @@ class ActType(GeneralType):          verbose_name = _(u"Act type")          verbose_name_plural = _(u"Act types") -class AdministrativeAct(BaseHistorizedItem): +class AdministrativeAct(BaseHistorizedItem, OwnPerms):      act_type = models.ForeignKey(ActType, verbose_name=_(u"Act type"))      in_charge = models.ForeignKey(Person, blank=True, null=True,          related_name='+', verbose_name=_(u"Person in charge of the operation")) @@ -528,7 +535,7 @@ class TreatmentType(GeneralType):          verbose_name = _(u"Treatment type")          verbose_name_plural = _(u"Treatment types") -class Treatment(BaseHistorizedItem): +class Treatment(BaseHistorizedItem, OwnPerms):      container = models.ForeignKey(Container, verbose_name=_(u"Container"))      treatment_type = models.ForeignKey(TreatmentType,                                         verbose_name=_(u"Treatment type")) | 
