diff options
Diffstat (limited to 'ishtar_common/models_common.py')
| -rw-r--r-- | ishtar_common/models_common.py | 33 |
1 files changed, 20 insertions, 13 deletions
diff --git a/ishtar_common/models_common.py b/ishtar_common/models_common.py index 6f995569c..4a266af9c 100644 --- a/ishtar_common/models_common.py +++ b/ishtar_common/models_common.py @@ -1182,13 +1182,17 @@ class Imported(models.Model): abstract = True def _get_imports(self, user, key, limit): - if not user.ishtaruser: + ishtaruser = getattr(user, "ishtaruser", None) + if not ishtaruser: return [] q = getattr(self, key) - if user.is_superuser or user.ishtaruser.has_right("view_import"): + if ishtaruser.has_permission("ishtaradmin") or \ + ishtaruser.has_permission("ishtar_common.view_import"): q = q.all() - elif user.ishtaruser.has_right("view_own_import"): - q = q.filter(Q(user=user.ishtaruser) | Q(importer_type__users__pk=user.ishtaruser.pk)) + elif ishtaruser.has_permission("ishtar_common.view_own_import"): + q = q.filter(Q(user=user.ishtaruser) | Q( + importer_type__users__pk=user.ishtaruser.pk) + ) else: return [] q = q.order_by("-id") @@ -1946,7 +1950,8 @@ class DocumentItem: @property def pdf_attached(self): for document in self.documents.filter( - Q(associated_file__isnull=False) | Q(source__associated_file__isnull=False) + Q(associated_file__isnull=False) | + Q(source__associated_file__isnull=False) ).all(): return document.pdf_attached @@ -1967,7 +1972,7 @@ class DocumentItem: print(f"**WARNING** can_do not implemented for {self.__class__}") return actions - can_add_doc = self.can_do(request, "add_document") + can_add_doc = self.can_do(request, "ishtar_common.add_document") if can_add_doc and ( not hasattr(self, "is_locked") or not self.is_locked(request.user) ): @@ -3318,13 +3323,13 @@ class MainItem(ShortMenuItem, SerializeItem, SheetItem): pass @classmethod - def get_quick_actions(cls, user, session=None, obj=None): + def get_quick_actions(cls, user): """ Get a list of (url, title, icon, target) actions for an user """ qas = [] for action in cls.QUICK_ACTIONS: - if not action.is_available(user, session=session, obj=obj): + if not action.is_available(user): continue qas.append( [ @@ -3376,14 +3381,14 @@ class MainItem(ShortMenuItem, SerializeItem, SheetItem): """ Check permission availability for the current object. :param request: request object - :param action_name: action name eg: "change_find" + :param action_name: action name eg: "archaeological_finds.change_find" :return: boolean """ # overload with OwnPerm when _own_ is relevant if not getattr(request.user, "ishtaruser", None): return False user = request.user - return user.ishtaruser.has_right(action_name, request.session) + return user.ishtaruser.has_permission(action_name) def get_extra_actions(self, request): if not hasattr(self, "SLUG"): @@ -3636,7 +3641,9 @@ class Town(GeographicItem, Imported, DocumentItem, MainItem, models.Model): # url, base_text, icon, extra_text, extra css class, is a quick action actions = super().get_extra_actions(request) profile = get_current_profile() - can_add_geo = profile.mapping and self.can_do(request, "add_geovectordata") + can_add_geo = profile.mapping and self.can_do( + request, "ishtar_common.add_geovectordata" + ) if can_add_geo: actions.append(self.get_add_geo_action()) return actions @@ -4168,7 +4175,7 @@ class QuickAction: if self.target not in ("one", "many", None): raise AttributeError("target must be one, many or None") - def is_available(self, user, session=None, obj=None): + def is_available(self, user, obj=None): if self.module and not getattr(get_current_profile(), self.module): return False if not self.rights: # no restriction @@ -4178,7 +4185,7 @@ class QuickAction: user = user.ishtaruser for right in self.rights: - if user.has_perm(right, session=session, obj=obj): + if user.has_permission(right, obj=obj): return True return False |