diff options
| -rw-r--r-- | ishtar/furnitures/backend.py | 49 | ||||
| -rw-r--r-- | ishtar/furnitures/models.py | 27 |
2 files changed, 66 insertions, 10 deletions
diff --git a/ishtar/furnitures/backend.py b/ishtar/furnitures/backend.py new file mode 100644 index 000000000..d251d81a8 --- /dev/null +++ b/ishtar/furnitures/backend.py @@ -0,0 +1,49 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- +# Copyright (C) 2010 Étienne Loks <etienne.loks_AT_peacefrogsDOTnet> + +# This program is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as +# published by the Free Software Foundation, either version 3 of the +# License, or (at your option) any later version. + +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. + +# You should have received a copy of the GNU General Public License +# along with this program. If not, see <http://www.gnu.org/licenses/>. + +# See the file COPYING for details. + +""" +Permission backend to manage "own" objects +""" + +from django.conf import settings +from django.contrib.auth.models import User + +class ObjectOwnPermBackend(object): + supports_object_permissions = True + supports_anonymous_user = True + + def authenticate(self, username, password): + # managed by the default backend + return None + + def has_perm(self, user_obj, perm, obj=None): + if not user_obj.is_authenticated(): + user_obj = User.objects.get(pk=settings.ANONYMOUS_USER_ID) + + if obj is None: + # managed by the default backend + return False + + try: + # only manage "own" permissions + assert perm.split('.')[-1].split('_')[-1] == 'own' + except (IndexError, AssertionError): + return False + + return user_obj.has_perm(perm) and obj.is_own(user_obj) diff --git a/ishtar/furnitures/models.py b/ishtar/furnitures/models.py index 7ac548165..41990e2b8 100644 --- a/ishtar/furnitures/models.py +++ b/ishtar/furnitures/models.py @@ -33,6 +33,13 @@ from simple_history.models import HistoricalRecords from ishtar import settings +class OwnPerms: + """ + Manage special permissions for object's owner + """ + def is_own(self, user): + return False + class GeneralType(models.Model): """ Abstract class for "types" @@ -95,7 +102,7 @@ class OrganizationType(GeneralType): verbose_name = _(u"Organization type") verbose_name_plural = _(u"Organization types") -class Organization(Address): +class Organization(Address, OwnPerms): name = models.CharField(_(u"Name"), max_length=100) organization_type = models.ForeignKey(OrganizationType, verbose_name=_(u"Type")) @@ -115,7 +122,7 @@ class PersonType(GeneralType): verbose_name = _(u"Person type") verbose_name_plural = _(u"Person types") -class Person(Address) : +class Person(Address, OwnPerms) : TYPE = (('Mr', _(u'Mr')), ('Ms', _(u'Miss')), ('Md', _(u'Mrs')), @@ -168,7 +175,7 @@ if settings.COUNTRY == 'fr': verbose_name = u"Saisine" verbose_name_plural = u"Saisines" -class File(BaseHistorizedItem): +class File(BaseHistorizedItem, OwnPerms): year = models.IntegerField(_(u"Year"), default=lambda:datetime.datetime.now().year) internal_reference = models.CharField(_(u"Internal reference"), @@ -210,7 +217,7 @@ class VestigeType(GeneralType): verbose_name = _(u"Vestige type") verbose_name_plural = _(u"Vestige types") -class Operation(BaseHistorizedItem): +class Operation(BaseHistorizedItem, OwnPerms): name = models.CharField(_(u"Name"), max_length=120) start_date = models.DateField(_(u"Start date")) end_date = models.DateField(_(u"End date")) @@ -292,7 +299,7 @@ class Dating(models.Model): verbose_name = _(u"Dating") verbose_name_plural = _(u"Datings") -class RegistrationUnit(BaseHistorizedItem): +class RegistrationUnit(BaseHistorizedItem, OwnPerms): parcel = models.ForeignKey(Parcel, verbose_name=_(u"Parcel")) label = models.CharField(_(u"Label"), max_length=200) description = models.TextField(_("Description")) @@ -342,7 +349,7 @@ class MaterialType(GeneralType): verbose_name = _(u"Material type") verbose_name_plural = _(u"Material types") -class BaseItem(BaseHistorizedItem): +class BaseItem(BaseHistorizedItem, OwnPerms): label = models.CharField(_(u"Label"), max_length=60) description = models.TextField(_(u"Description")) registration_unit = models.ForeignKey(RegistrationUnit, @@ -364,7 +371,7 @@ class BaseItem(BaseHistorizedItem): def __unicode__(self): return self.label -class Item(BaseHistorizedItem): +class Item(BaseHistorizedItem, OwnPerms): base_items = models.ManyToManyField(BaseItem, verbose_name=_(u"Base item")) order = models.IntegerField(_(u"Order")) label = models.CharField(_(u"Label"), max_length=60) @@ -412,7 +419,7 @@ class WarehouseType(GeneralType): verbose_name = _(u"Warehouse type") verbose_name_plural = _(u"Warehouse types") -class Warehouse(Address): +class Warehouse(Address, OwnPerms): name = models.CharField(_(u"Name"), max_length=40) warehouse_type = models.ForeignKey(WarehouseType, verbose_name=_(u"Warehouse type")) @@ -438,7 +445,7 @@ class ActType(GeneralType): verbose_name = _(u"Act type") verbose_name_plural = _(u"Act types") -class AdministrativeAct(BaseHistorizedItem): +class AdministrativeAct(BaseHistorizedItem, OwnPerms): act_type = models.ForeignKey(ActType, verbose_name=_(u"Act type")) in_charge = models.ForeignKey(Person, blank=True, null=True, related_name='+', verbose_name=_(u"Person in charge of the operation")) @@ -528,7 +535,7 @@ class TreatmentType(GeneralType): verbose_name = _(u"Treatment type") verbose_name_plural = _(u"Treatment types") -class Treatment(BaseHistorizedItem): +class Treatment(BaseHistorizedItem, OwnPerms): container = models.ForeignKey(Container, verbose_name=_(u"Container")) treatment_type = models.ForeignKey(TreatmentType, verbose_name=_(u"Treatment type")) |