summaryrefslogtreecommitdiff
path: root/ishtar_common/models.py
diff options
context:
space:
mode:
Diffstat (limited to 'ishtar_common/models.py')
-rw-r--r--ishtar_common/models.py95
1 files changed, 74 insertions, 21 deletions
diff --git a/ishtar_common/models.py b/ishtar_common/models.py
index 8e5b7f703..3e51f8cb1 100644
--- a/ishtar_common/models.py
+++ b/ishtar_common/models.py
@@ -97,6 +97,7 @@ from ishtar_common.utils import (
InlineClass
)
from ishtar_common.utils_secretary import IshtarSecretaryRenderer
+from ishtar_common.views_item import get_item
from ishtar_common.alternative_configs import (
ALTERNATE_CONFIGS,
@@ -140,7 +141,8 @@ from ishtar_common.utils import (
cached_label_changed,
generate_relation_graph,
max_size_help,
- JSON_SERIALIZATION
+ JSON_SERIALIZATION,
+ SearchAltName,
)
from ishtar_common.models_common import (
@@ -175,7 +177,6 @@ from ishtar_common.models_common import (
PermissionRequest,
post_save_cache,
QuickAction,
- SearchAltName,
SearchVectorConfig,
SpatialReferenceSystem,
TemplateItem,
@@ -198,6 +199,7 @@ __all__ = [
"ImporterColumn",
"ImporterDuplicateField",
"Imported",
+ "PermissionRequest",
"Regexp",
"ImportTarget",
"ItemKey",
@@ -3466,7 +3468,8 @@ class ProfileTypeSummary(ProfileType):
class UserProfile(models.Model):
name = models.CharField(_("Name"), blank=True, default="", max_length=100)
profile_type = models.ForeignKey(
- ProfileType, verbose_name=_("Profile type"), on_delete=models.PROTECT
+ ProfileType, verbose_name=_("Profile type"), on_delete=models.PROTECT,
+ related_name="user_profiles"
)
areas = models.ManyToManyField(
"Area", verbose_name=_("Areas"), blank=True, related_name="profiles"
@@ -3521,7 +3524,9 @@ class UserProfile(models.Model):
def duplicate(self, **kwargs):
areas = [area for area in self.areas.all()]
- external_sources = [external_source for external_source in self.external_sources.all()]
+ external_sources = [
+ external_source for external_source in self.external_sources.all()
+ ]
new_item = self
new_item.pk = None
name = self.name
@@ -3541,50 +3546,95 @@ class UserProfile(models.Model):
new_item.external_sources.add(src)
return new_item
- def _generate_permission(self, ishtar_user, content_type, permission_request):
+ def _generate_permission(self, ishtar_user, content_type, permission_request,
+ permissions, permission_type):
item_ids = []
model_class = content_type.model_class()
- # TODO: gérer les paniers
if permission_request.include_associated_items:
- item_ids += model_class.filter(
+ item_ids += model_class.objects.filter(
ishtar_users__pk=ishtar_user.pk
).values_list("pk", flat=True)
+ item_ids += model_class.objects.filter(
+ history_creator_id=ishtar_user.pk
+ ).values_list("pk", flat=True)
+ if content_type.model == "find" and \
+ permission_type in ("view", "change"):
+ Find = apps.get_model("archaeological_finds", "Find")
+ k = "basket__shared_write_with" if permission_type == "change" \
+ else "basket__shared_with"
+ item_ids += list(
+ Find.objects.filter(**{k: ishtar_user}).values_list("pk", flat=True)
+ )
+ print("ishtar_common/models.py - 3561", item_ids, ishtar_user, content_type, permission_type)
if permission_request.include_upstream_items:
- # TODO....
- item_ids += model_class.get_ids_from_upper_permissions(ishtar_user.user_ptr.pk)
+ item_ids += model_class.get_ids_from_upper_permissions(
+ ishtar_user.user_ptr.pk, permissions
+ )
+ print("ishtar_common/models.py - 3566", item_ids, ishtar_user, content_type, permission_type)
if permission_request.request or permission_request.limit_to_attached_areas:
- # TODO
- pass
- query = model_class.objects
+ _get_item = get_item(
+ content_type.model_class(),
+ "", "", no_permission_check=True,
+ )
+ result = []
+ query = permission_request.request
+ if query:
+ if "{USER}" in query:
+ query = query.replace("{USER}", f"id:{ishtar_user.person_id}")
+ query = {"search_vector": query}
+ q = _get_item(None, return_query=True, ishtaruser=ishtar_user,
+ query=query)
+ result = list(q.values_list("pk", flat=True))
+ if permission_request.limit_to_attached_areas:
+ profile = ishtar_user.current_profile
+ if not profile: # no areas attached
+ return []
+ town_ids = list(profile.query_towns.values_list("pk", flat=True))
+ result_limit = []
+ get_limit_to_area_query = getattr(
+ model_class, "get_limit_to_area_query", None
+ )
+ q = get_limit_to_area_query(town_ids) if get_limit_to_area_query else None
+ if q:
+ result_limit = list(
+ model_class.objects.filter(q).values_list("pk", flat=True)
+ )
+ if result:
+ result = [pk for pk in result if pk in result_limit]
+ else:
+ result = result_limit
+ item_ids += result
+ print("ishtar_common/models.py - 3600", item_ids, ishtar_user, content_type, permission_type)
return item_ids
- def generate_permission(self, content_type):
+ def generate_permission(self, content_type, permission_type):
ishtar_user = self.person.ishtaruser
# add base permissions
for group in self.profile_type.groups.all():
- for perm in group.permissions.all():
+ for perm in group.permissions.filter(
+ codename__startswith=permission_type).all():
ishtar_user.user_ptr.user_permissions.add(perm)
q_has_perm = self.profile_type.groups.filter(
permissions__content_type=content_type,
- permissions__codename__contains="_own_"
+ permissions__codename__startswith=f"{permission_type}_own_",
)
if not q_has_perm.count(): # no permission to generate
return
permissions = []
for group in q_has_perm.all():
- permissions += list(group.permissions.values_list("pk", flat=True))
+ permissions += list(group.permissions.filter(
+ codename__contains=permission_type
+ ).all())
q_req = self.profile_type.permission_requests.filter(
model=content_type, active=True
)
item_ids = []
if not q_req.count():
# TODO v5: delete old behaviour
- """
print(f"WARNING: no permission request for content {content_type.name} and profile {self}")
print("Using old behaviour")
- """
model_class = content_type.model_class()
query = model_class.get_owns(user=ishtar_user, query=True, no_auth_check=True)
if query:
@@ -3594,13 +3644,15 @@ class UserProfile(models.Model):
else:
for perm_request in q_req.all():
item_ids += self._generate_permission(
- ishtar_user, content_type, perm_request
+ ishtar_user, content_type, perm_request, permissions,
+ permission_type
)
user_id = ishtar_user.user_ptr.pk
object_permissions = []
item_ids = list(set(item_ids))
permissions = list(set(permissions))
- for permission_id in permissions:
+ for permission in permissions:
+ permission_id = permission.pk
exclude = list(UserObjectPermission.objects.filter(
content_type_id=content_type.pk, permission_id=permission_id,
user_id=user_id
@@ -3900,7 +3952,8 @@ class IshtarUser(FullSearch):
for ct in content_types:
for profile in self.person.profiles.all():
- profile.generate_permission(ct)
+ for permission_type in ("view", "change", "delete"):
+ profile.generate_permission(ct, permission_type)
def full_label(self):
return self.person.full_label()
generated by cgit v1.2.3 (git 2.39.1) at 2025-10-16 20:18:31 +0000