diff options
Diffstat (limited to 'ishtar_common/models.py')
| -rw-r--r-- | ishtar_common/models.py | 55 |
1 files changed, 22 insertions, 33 deletions
diff --git a/ishtar_common/models.py b/ishtar_common/models.py index 24b16c873..d76d2e219 100644 --- a/ishtar_common/models.py +++ b/ishtar_common/models.py @@ -118,11 +118,8 @@ def check_model_access_control(request, model, available_perms=None): for perm, lbl in model._meta.permissions: if perm not in available_perms: continue - cperm = model._meta.app_label + '.' + perm - if request.user.has_perm(cperm) \ - or cperm in request.user.get_all_permissions() \ - or request.user.ishtaruser.has_right( - perm, session=request.session): + if request.user.ishtaruser.person.has_right( + perm, session=request.session): allowed = True if "_own_" not in perm: own = False @@ -2545,7 +2542,7 @@ class Person(Address, Merge, OwnPerms, ValueGetter): def is_natural(self): return not self.attached_to - def has_right(self, right_name, session=None): + def has_right(self, right_name, session=None, obj=None): if '.' in right_name: right_name = right_name.split('.')[-1] res, cache_key = "", "" @@ -2559,13 +2556,10 @@ class Person(Address, Merge, OwnPerms, ValueGetter): key_list = cache.get(cache_key_list, []) key_list.append(cache_key) cache.set(cache_key_list, key_list, settings.CACHE_TIMEOUT) - if type(right_name) in (list, tuple): - res = bool( - self.profiles.filter( + res = bool(self.profiles.filter( current=True, - profile_type__txt_idx__in=right_name - ).count()) or \ + profile_type__txt_idx__in=right_name).count()) or \ bool(self.profiles.filter( current=True, profile_type__groups__permissions__codename__in=right_name @@ -2577,10 +2571,9 @@ class Person(Address, Merge, OwnPerms, ValueGetter): codename__in=right_name).count()) else: res = bool( - self.profiles.filter( - current=True, - profile_type__txt_idx__in=right_name - ).count()) or \ + self.profiles.filter( + current=True, + profile_type__txt_idx=right_name).count()) or \ bool(self.profiles.filter( current=True, profile_type__groups__permissions__codename=right_name @@ -2736,13 +2729,19 @@ class IshtarUser(FullSearch): if not q.count(): return ishtaruser = q.all()[0] - admin, created = PersonType.objects.get_or_create( - txt_idx='administrator') person = ishtaruser.person + admin, created = ProfileType.objects.get_or_create( + txt_idx='administrator') if user.is_superuser: - person.person_types.add(admin) - elif admin in person.person_types.all(): - person.person_types.remove(admin) + UserProfile.objects.get_or_create( + profile_type=admin, person=person, + defaults={'current': True}) + else: + q = UserProfile.objects.filter( + profile_type=admin, person=person) + if q.count(): + for up in q.all(): + up.delete() @classmethod def create_from_user(cls, user): @@ -2759,22 +2758,12 @@ class IshtarUser(FullSearch): def has_right(self, right_name, session=None): return self.person.has_right(right_name, session=session) + def has_perm(self, perm, model=None, session=None, obj=None): + return self.person.has_right(perm, session=session, obj=None) + def full_label(self): return self.person.full_label() - def has_perm(self, perm, model=None, session=None, obj=None): - if not session: - return self.user_ptr.has_perm(perm, model) - cache_key = 'usersession-{}-{}-{}-{}'.format( - session.session_key, perm, model.__name__ if model else 'no', - obj.pk if obj else 'no') - res = cache.get(cache_key) - if res in (True, False): - return res - res = self.user_ptr.has_perm(perm, model) - cache.set(cache_key, res, settings.CACHE_SMALLTIMEOUT) - return res - class Basket(models.Model): """ |