1 files changed, 63 insertions, 0 deletions

diff --git a/ishtar_common/utils.py b/ishtar_common/utils.py
index 6c77563ef..0b5b1bd57 100644
--- a/ishtar_common/utils.py
+++ b/ishtar_common/utils.py
@@ -30,6 +30,7 @@ import tempfile
 
 from django import forms
 from django.conf import settings
+from django.conf.urls import url
 from django.contrib.contenttypes.models import ContentType
 from django.contrib.gis.geos import GEOSGeometry
 from django.contrib.sessions.backends.db import SessionStore
@@ -56,6 +57,52 @@ class BColors:
     UNDERLINE = '\033[4m'
 
 
+def check_rights(rights=[], redirect_url='/'):
+    """
+    Decorator that checks the rights to access the view.
+    """
+
+    def decorator(view_func):
+        def _wrapped_view(request, *args, **kwargs):
+            if not rights:
+                return view_func(request, *args, **kwargs)
+            if hasattr(request.user, 'ishtaruser'):
+                if request.user.ishtaruser.has_right('administrator',
+                                                     request.session):
+                    kwargs['current_right'] = 'administrator'
+                    return view_func(request, *args, **kwargs)
+                for right in rights:
+                    # be careful to put the more permissive rights first
+                    # if granted it can allow more
+                    if request.user.ishtaruser.has_right(right,
+                                                         request.session):
+                        kwargs['current_right'] = right
+                        return view_func(request, *args, **kwargs)
+            put_session_message(
+                request.session.session_key,
+                _(u"You don't have sufficient permissions to do this action."),
+                'warning'
+            )
+            return HttpResponseRedirect(redirect_url)
+        return _wrapped_view
+    return decorator
+
+
+def check_rights_condition(rights):
+    """
+    To be used to check in wizard condition_dict
+    """
+    def func(self):
+        request = self.request
+        if request.user.ishtaruser.has_right('administrator', request.session):
+            return True
+        for right in rights:
+            if request.user.ishtaruser.has_right(right, request.session):
+                return True
+        return False
+    return func
+
+
 class MultiValueDict(BaseMultiValueDict):
     def get(self, *args, **kwargs):
         v = super(MultiValueDict, self).getlist(*args, **kwargs)
@@ -703,3 +750,19 @@ def create_default_json_fields(model):
             }
         )
 
+
+def get_urls_for_model(model, views):
+    """
+    Generate get and show url for a model
+    """
+    urls = [
+        url(r'show-{}(?:/(?P<pk>.+))?/(?P<type>.+)?$'.format(model.SLUG),
+            check_rights(['view_' + model.SLUG, 'view_own_' + model.SLUG])(
+                getattr(views, 'show_' + model.SLUG)),
+            name="show-" + model.SLUG),
+        url(r'get-{}/(?P<type>.+)?$'.format(model.SLUG),
+            check_rights(['view_' + model.SLUG, 'view_own_' + model.SLUG])(
+                getattr(views, 'get_' + model.SLUG)),
+            name="get-" + model.SLUG),
+    ]
+    return urls