summaryrefslogtreecommitdiff
path: root/ishtar_common
diff options
context:
space:
mode:
Diffstat (limited to 'ishtar_common')
-rw-r--r--ishtar_common/migrations/0274_import_gis_options.py37
-rw-r--r--ishtar_common/models.py3
-rw-r--r--ishtar_common/models_imports.py36
-rw-r--r--ishtar_common/views_api.py7
4 files changed, 67 insertions, 16 deletions
diff --git a/ishtar_common/migrations/0274_import_gis_options.py b/ishtar_common/migrations/0274_import_gis_options.py
new file mode 100644
index 000000000..b7e93030b
--- /dev/null
+++ b/ishtar_common/migrations/0274_import_gis_options.py
@@ -0,0 +1,37 @@
+# Generated by Django 4.2.19 on 2026-01-21 14:08
+
+from django.db import migrations, models
+import django.db.models.deletion
+
+
+def update_groups(apps, __):
+ Permission = apps.get_model("auth", "Permission")
+ Group = apps.get_model("auth", "Group")
+ update = (
+ ("Imports : lecture", "view_gis_import"),
+ ("Imports rattachés : lecture", "view_own_gis_import"),
+ ("Imports : ajout", "change_gis_import"),
+ )
+ for gp_name, codename in update:
+ gp = Group.objects.filter(name=gp_name)
+ if gp.exists():
+ perm = Permission.objects.filter(codename=codename)
+ if perm.exists():
+ gp = gp.all()[0]
+ perm = perm.all()[0]
+ gp.permissions.add(perm)
+
+
+class Migration(migrations.Migration):
+
+ dependencies = [
+ ('ishtar_common', '0273_importertype_gis_type'),
+ ]
+
+ operations = [
+ migrations.AlterModelOptions(
+ name='import',
+ options={'permissions': (('view_own_import', 'Can view own Import'), ('add_own_import', 'Can add own Import'), ('change_own_import', 'Can change own Import'), ('delete_own_import', 'Can delete own Import'), ('view_gis_import', 'Can export to QGIS'), ('view_own_gis_import', 'Can export own to QGIS'), ('change_gis_import', 'Can import from QGIS'), ('change_own_gis_import', 'Can import own to QGIS')), 'verbose_name': 'Import - Import', 'verbose_name_plural': 'Import - Imports'},
+ ),
+ migrations.RunPython(update_groups)
+ ]
diff --git a/ishtar_common/models.py b/ishtar_common/models.py
index 09c710427..5c16acc9a 100644
--- a/ishtar_common/models.py
+++ b/ishtar_common/models.py
@@ -4295,7 +4295,8 @@ class IshtarUser(FullSearch):
profile.generate_permission(ct, "add", base_permission_only=True)
for permission_type in ("view", "change", "delete"):
profile.generate_permission(ct, permission_type)
-
+ if not self.user_ptr.is_staff:
+ return
# permissions for administration pages
admin_content_types = list(
ContentType.objects.exclude(
diff --git a/ishtar_common/models_imports.py b/ishtar_common/models_imports.py
index c114aff2c..1c0bd4fa4 100644
--- a/ishtar_common/models_imports.py
+++ b/ishtar_common/models_imports.py
@@ -251,14 +251,6 @@ class ImporterType(models.Model):
verbose_name = _("Importer - Type")
verbose_name_plural = _("Importer - Types")
ordering = ("name",)
- # own is defined by users
- # change permission need view permission
- permissions = (
- ("view_gis_importer", "Can export to QGIS"),
- ("view_own_gis_importer", "Can export own to QGIS"),
- ("change_gis_importer", "Can import from QGIS"),
- ("change_own_gis_importer", "Can import own to QGIS"),
- )
ADMIN_SECTION = _("Imports")
def natural_key(self):
@@ -286,19 +278,35 @@ class ImporterType(models.Model):
)
@classmethod
- def q_qgis_importers(cls, ishtaruser):
+ def _q_qgis_importers(cls, action, ishtaruser):
"""
Return QGIS importer query
+ - action : "view" or "change"
"""
# filter available according to permissions
q = cls.objects.filter(type="qgs", available=True)
- if not ishtaruser.is_superuser and not ishtaruser.has_permission(
- "change_gis_importer"):
- if not ishtaruser.has_permission("change_own_gis_importer"):
+ if not ishtaruser.is_superuser and \
+ not ishtaruser.has_permission("ishtaradmin") and \
+ not ishtaruser.has_permission(f"ishtar_common.{action}_gis_import"):
+ if not ishtaruser.has_permission(f"ishtar_common.{action}_own_gis_import"):
return q.filter(pk__isnull=True)
q = q.filter(users__pk=ishtaruser.pk)
return q
+ @classmethod
+ def q_qgis_importers(cls, ishtaruser):
+ """
+ Return QGIS importer query with view permission
+ """
+ return cls._q_qgis_importers("view", ishtaruser)
+
+ @classmethod
+ def q_qgis_change_importers(cls, ishtaruser):
+ """
+ Return QGIS importer query with change permission
+ """
+ return cls._q_qgis_importers("change", ishtaruser)
+
@property
def type_label(self):
if self.type in IMPORT_TYPES_DICT:
@@ -2246,6 +2254,10 @@ class Import(BaseImport):
("add_own_import", "Can add own Import"),
("change_own_import", "Can change own Import"),
("delete_own_import", "Can delete own Import"),
+ ("view_gis_import", "Can export to QGIS"),
+ ("view_own_gis_import", "Can export own to QGIS"),
+ ("change_gis_import", "Can import from QGIS"),
+ ("change_own_gis_import", "Can import own to QGIS"),
)
ADMIN_SECTION = _("Imports")
SLUG = "import"
diff --git a/ishtar_common/views_api.py b/ishtar_common/views_api.py
index c98f92dbb..dc4b38280 100644
--- a/ishtar_common/views_api.py
+++ b/ishtar_common/views_api.py
@@ -100,11 +100,12 @@ class GISTypeAPI(GISAPIView):
class GISBaseImportView:
def get_importer(self, request, importer_slug, can_import=None):
user = request.user
- q = ImporterType.q_qgis_importers(user.ishtaruser).filter(slug=importer_slug)
+ q = ImporterType
if can_import:
- q = q.filter(is_import=True)
+ q = q.q_qgis_change_importers(user.ishtaruser).filter(is_import=True)
else:
- q = q.filter(is_template=True)
+ q = q.q_qgis_importers(user.ishtaruser).filter(is_template=True)
+ q = q.filter(slug=importer_slug)
if not user.ishtaruser or not q.count():
return
return q.all()[0]
generated by cgit v1.2.3 (git 2.39.1) at 2026-04-01 13:34:23 +0000