diff --git a/mayan/apps/acls/managers.py b/mayan/apps/acls/managers.py index bb04f301b8..4a95bc2f3f 100644 --- a/mayan/apps/acls/managers.py +++ b/mayan/apps/acls/managers.py @@ -11,7 +11,8 @@ from django.db.models import Q from django.utils.translation import ugettext from common.models import AnonymousUserSingleton -from permissions.models import Permission, RoleMember +from permissions import Permission +from permissions.models import RoleMember from .classes import AccessHolder, ClassAccessHolder, get_source_object @@ -82,7 +83,7 @@ class AccessEntryManager(models.Manager): try: self.model.objects.get( - permission=permission.get_stored_permission(), + permission=permission.stored_permission, holder_type=ContentType.objects.get_for_model(actor), holder_id=actor.pk, content_type=content_type, @@ -209,7 +210,7 @@ class AccessEntryManager(models.Manager): if isinstance(actor, User) and not db_only: if actor.is_superuser or actor.is_staff: - return Permission.objects.all() + return Permission.all() actor_type = ContentType.objects.get_for_model(actor) content_type = ContentType.objects.get_for_model(obj) @@ -282,7 +283,7 @@ class DefaultAccessEntryManager(models.Manager): try: self.model.objects.get( - permission=permission.get_stored_permission(), + permission=permission.stored_permission, holder_type=ContentType.objects.get_for_model(actor), holder_id=actor.pk, content_type=ContentType.objects.get_for_model(cls), @@ -323,7 +324,7 @@ class DefaultAccessEntryManager(models.Manager): def get_holder_permissions_for(self, cls, actor): if isinstance(actor, User): if actor.is_superuser or actor.is_staff: - return Permission.objects.all() + return Permission.all() actor_type = ContentType.objects.get_for_model(actor) content_type = ContentType.objects.get_for_model(cls) diff --git a/mayan/apps/acls/permissions.py b/mayan/apps/acls/permissions.py index 2b923fdec7..c58dca7d86 100644 --- a/mayan/apps/acls/permissions.py +++ b/mayan/apps/acls/permissions.py @@ -2,7 +2,7 @@ from __future__ import absolute_import, unicode_literals from django.utils.translation import ugettext_lazy as _ -from permissions.models import PermissionNamespace +from permissions import PermissionNamespace acls_namespace = PermissionNamespace('acls', _('Access control lists')) acls_setup_namespace = PermissionNamespace('acls_setup', _('Access control lists')) diff --git a/mayan/apps/acls/views.py b/mayan/apps/acls/views.py index 663126cb3c..9c5ef35fa4 100644 --- a/mayan/apps/acls/views.py +++ b/mayan/apps/acls/views.py @@ -16,7 +16,7 @@ from django.utils.translation import ugettext_lazy as _ from common.utils import encapsulate from common.widgets import two_state_template -from permissions.models import Permission +from permissions import Permission from .api import get_class_permissions_for from .classes import ( @@ -38,7 +38,7 @@ def _permission_titles(permission_list): def acl_list_for(request, obj, extra_context=None): try: - Permission.objects.check_permissions(request.user, [acls_view_acl]) + Permission.check_permissions(request.user, [acls_view_acl]) except PermissionDenied: AccessEntry.objects.check_access(acls_view_acl, request.user, obj) @@ -83,7 +83,7 @@ def acl_detail(request, access_object_gid, holder_object_gid): def acl_detail_for(request, actor, obj): try: - Permission.objects.check_permissions(request.user, [acls_view_acl]) + Permission.check_permissions(request.user, [acls_view_acl]) except PermissionDenied: AccessEntry.objects.check_accesses([acls_view_acl], actor, obj) @@ -142,7 +142,7 @@ def acl_grant(request): for item_properties in items_property_list: try: - permission = Permission.objects.get({'pk': item_properties['permission_pk']}) + permission = Permission.get({'pk': item_properties['permission_pk']}) except Permission.DoesNotExist: raise Http404 @@ -153,7 +153,7 @@ def acl_grant(request): raise Http404 try: - Permission.objects.check_permissions(request.user, [acls_edit_acl]) + Permission.check_permissions(request.user, [acls_edit_acl]) except PermissionDenied: try: AccessEntry.objects.check_access(acls_edit_acl, request.user, access_object) @@ -233,7 +233,7 @@ def acl_revoke(request): for item_properties in items_property_list: try: - permission = Permission.objects.get({'pk': item_properties['permission_pk']}) + permission = Permission.get({'pk': item_properties['permission_pk']}) except Permission.DoesNotExist: raise Http404 @@ -244,7 +244,7 @@ def acl_revoke(request): raise Http404 try: - Permission.objects.check_permissions(request.user, [acls_edit_acl]) + Permission.check_permissions(request.user, [acls_edit_acl]) except PermissionDenied: try: AccessEntry.objects.check_access(acls_edit_acl, request.user, access_object) @@ -313,7 +313,7 @@ def acl_revoke(request): def acl_new_holder_for(request, obj, extra_context=None, navigation_object=None): try: - Permission.objects.check_permissions(request.user, [acls_edit_acl]) + Permission.check_permissions(request.user, [acls_edit_acl]) except PermissionDenied: AccessEntry.objects.check_access(acls_edit_acl, request.user, obj) @@ -364,7 +364,7 @@ def acl_holder_new(request, access_object_gid): # Setup views def acl_setup_valid_classes(request): - Permission.objects.check_permissions(request.user, [acls_class_view_acl]) + Permission.check_permissions(request.user, [acls_class_view_acl]) context = { 'object_list': DefaultAccessEntry.get_classes(), @@ -382,7 +382,7 @@ def acl_setup_valid_classes(request): def acl_class_acl_list(request, access_object_class_gid): logger.debug('access_object_class_gid: %s', access_object_class_gid) - Permission.objects.check_permissions(request.user, [acls_class_view_acl]) + Permission.check_permissions(request.user, [acls_class_view_acl]) access_object_class = AccessObjectClass.get(gid=access_object_class_gid) logger.debug('access_object_class: %s', access_object_class) @@ -404,7 +404,7 @@ def acl_class_acl_list(request, access_object_class_gid): def acl_class_acl_detail(request, access_object_class_gid, holder_object_gid): - Permission.objects.check_permissions(request.user, [acls_class_view_acl]) + Permission.check_permissions(request.user, [acls_class_view_acl]) try: actor = AccessHolder.get(gid=holder_object_gid) access_object_class = AccessObjectClass.get(gid=access_object_class_gid) @@ -448,7 +448,7 @@ def acl_class_acl_detail(request, access_object_class_gid, holder_object_gid): def acl_class_new_holder_for(request, access_object_class_gid): - Permission.objects.check_permissions(request.user, [acls_class_edit_acl]) + Permission.check_permissions(request.user, [acls_class_edit_acl]) access_object_class = AccessObjectClass.get(gid=access_object_class_gid) if request.method == 'POST': @@ -475,7 +475,7 @@ def acl_class_new_holder_for(request, access_object_class_gid): def acl_class_multiple_grant(request): - Permission.objects.check_permissions(request.user, [acls_class_edit_acl]) + Permission.check_permissions(request.user, [acls_class_edit_acl]) items_property_list = loads(request.GET.get('items_property_list', [])) next = request.POST.get('next', request.GET.get('next', request.META.get('HTTP_REFERER', reverse(settings.LOGIN_REDIRECT_URL)))) @@ -488,7 +488,7 @@ def acl_class_multiple_grant(request): for item_properties in items_property_list: try: - permission = Permission.objects.get({'pk': item_properties['permission_pk']}) + permission = Permission.get({'pk': item_properties['permission_pk']}) except Permission.DoesNotExist: raise Http404 try: @@ -552,7 +552,7 @@ def acl_class_multiple_grant(request): def acl_class_multiple_revoke(request): - Permission.objects.check_permissions(request.user, [acls_class_edit_acl]) + Permission.check_permissions(request.user, [acls_class_edit_acl]) items_property_list = loads(request.GET.get('items_property_list', [])) next = request.POST.get('next', request.GET.get('next', request.META.get('HTTP_REFERER', reverse(settings.LOGIN_REDIRECT_URL)))) @@ -565,7 +565,7 @@ def acl_class_multiple_revoke(request): for item_properties in items_property_list: try: - permission = Permission.objects.get({'pk': item_properties['permission_pk']}) + permission = Permission.get({'pk': item_properties['permission_pk']}) except Permission.DoesNotExist: raise Http404 try: diff --git a/mayan/apps/checkouts/api_views.py b/mayan/apps/checkouts/api_views.py index 59c9b73978..3b3243af00 100644 --- a/mayan/apps/checkouts/api_views.py +++ b/mayan/apps/checkouts/api_views.py @@ -11,7 +11,7 @@ from rest_framework.response import Response from acls.models import AccessEntry from documents.models import Document from documents.permissions import permission_document_view -from permissions.models import Permission +from permissions import Permission from .models import DocumentCheckout from .permissions import permission_document_checkout, permission_document_checkin, permission_document_checkin_override @@ -29,7 +29,7 @@ class APICheckedoutDocumentListView(generics.ListCreateAPIView): documents = DocumentCheckout.objects.checked_out_documents() try: - Permission.objects.check_permissions(self.request.user, [permission_document_view]) + Permission.check_permissions(self.request.user, [permission_document_view]) except PermissionDenied: filtered_documents = AccessEntry.objects.filter_objects_by_access([permission_document_view], self.request.user, documents) else: @@ -52,7 +52,7 @@ class APICheckedoutDocumentListView(generics.ListCreateAPIView): if serializer.is_valid(): document = get_object_or_404(Document, pk=serializer.data['document']) try: - Permission.objects.check_permissions(request.user, [permission_document_checkout]) + Permission.check_permissions(request.user, [permission_document_checkout]) except PermissionDenied: AccessEntry.objects.check_access(permission_document_checkout, request.user, document) @@ -81,7 +81,7 @@ class APICheckedoutDocumentView(generics.RetrieveDestroyAPIView): documents = DocumentCheckout.objects.checked_out_documents() try: - Permission.objects.check_permissions(self.request.user, [permission_document_view]) + Permission.check_permissions(self.request.user, [permission_document_view]) except PermissionDenied: filtered_documents = AccessEntry.objects.filter_objects_by_access([permission_document_view], self.request.user, documents) else: @@ -107,12 +107,12 @@ class APICheckedoutDocumentView(generics.RetrieveDestroyAPIView): if document.checkout_info().user == request.user: try: - Permission.objects.check_permissions(request.user, [permission_document_checkin]) + Permission.check_permissions(request.user, [permission_document_checkin]) except PermissionDenied: AccessEntry.objects.check_access(permission_document_checkin, request.user, document) else: try: - Permission.objects.check_permissions(request.user, [permission_document_checkin_override]) + Permission.check_permissions(request.user, [permission_document_checkin_override]) except PermissionDenied: AccessEntry.objects.check_access(permission_document_checkin_override, request.user, document) diff --git a/mayan/apps/checkouts/permissions.py b/mayan/apps/checkouts/permissions.py index 40ae1556c1..00d78f2a63 100644 --- a/mayan/apps/checkouts/permissions.py +++ b/mayan/apps/checkouts/permissions.py @@ -2,7 +2,7 @@ from __future__ import absolute_import, unicode_literals from django.utils.translation import ugettext_lazy as _ -from permissions.models import PermissionNamespace +from permissions import PermissionNamespace namespace = PermissionNamespace('checkouts', _('Document checkout')) diff --git a/mayan/apps/checkouts/views.py b/mayan/apps/checkouts/views.py index 4a90e19167..aaefb668cb 100644 --- a/mayan/apps/checkouts/views.py +++ b/mayan/apps/checkouts/views.py @@ -14,7 +14,7 @@ from documents.views import DocumentListView from acls.models import AccessEntry from common.utils import encapsulate, get_object_name -from permissions.models import Permission +from permissions import Permission from .exceptions import DocumentAlreadyCheckedOut, DocumentNotCheckedOut from .forms import DocumentCheckoutForm @@ -43,7 +43,7 @@ class CheckoutListView(DocumentListView): def checkout_info(request, document_pk): document = get_object_or_404(Document, pk=document_pk) try: - Permission.objects.check_permissions(request.user, [permission_document_checkout, permission_document_checkin]) + Permission.check_permissions(request.user, [permission_document_checkout, permission_document_checkin]) except PermissionDenied: AccessEntry.objects.check_accesses([permission_document_checkout, permission_document_checkin], request.user, document) @@ -66,7 +66,7 @@ def checkout_info(request, document_pk): def checkout_document(request, document_pk): document = get_object_or_404(Document, pk=document_pk) try: - Permission.objects.check_permissions(request.user, [permission_document_checkout]) + Permission.check_permissions(request.user, [permission_document_checkout]) except PermissionDenied: AccessEntry.objects.check_access(permission_document_checkout, request.user, document) @@ -114,12 +114,12 @@ def checkin_document(request, document_pk): # checkin permission if document.checkout_info().user == request.user: try: - Permission.objects.check_permissions(request.user, [permission_document_checkin]) + Permission.check_permissions(request.user, [permission_document_checkin]) except PermissionDenied: AccessEntry.objects.check_access(permission_document_checkin, request.user, document) else: try: - Permission.objects.check_permissions(request.user, [permission_document_checkin_override]) + Permission.check_permissions(request.user, [permission_document_checkin_override]) except PermissionDenied: AccessEntry.objects.check_access(permission_document_checkin_override, request.user, document) diff --git a/mayan/apps/common/mixins.py b/mayan/apps/common/mixins.py index bc75e367d4..3eae1f1e0d 100644 --- a/mayan/apps/common/mixins.py +++ b/mayan/apps/common/mixins.py @@ -5,7 +5,7 @@ from django.core.exceptions import PermissionDenied from django.core.urlresolvers import reverse from acls.models import AccessEntry -from permissions.models import Permission +from permissions import Permission class ExtraContextMixin(object): @@ -29,7 +29,7 @@ class ObjectListPermissionFilterMixin(object): if self.object_permission: try: # Check to see if the user has the permissions globally - Permission.objects.check_permissions(self.request.user, (self.object_permission,)) + Permission.check_permissions(self.request.user, (self.object_permission,)) except PermissionDenied: # No global permission, filter ther queryset per object + permission return AccessEntry.objects.filter_objects_by_access(self.object_permission, self.request.user, queryset) @@ -50,7 +50,7 @@ class ObjectPermissionCheckMixin(object): if self.object_permission: try: - Permission.objects.check_permissions(request.user, (self.object_permission,)) + Permission.check_permissions(request.user, (self.object_permission,)) except PermissionDenied: AccessEntry.objects.check_access(self.object_permission, request.user, self.get_permission_object()) @@ -86,6 +86,6 @@ class ViewPermissionCheckMixin(object): def dispatch(self, request, *args, **kwargs): if self.view_permission: - Permission.objects.check_permissions(self.request.user, (self.view_permission,)) + Permission.check_permissions(self.request.user, (self.view_permission,)) return super(ViewPermissionCheckMixin, self).dispatch(request, *args, **kwargs) diff --git a/mayan/apps/converter/permissions.py b/mayan/apps/converter/permissions.py index 2155180b59..1c023832f1 100644 --- a/mayan/apps/converter/permissions.py +++ b/mayan/apps/converter/permissions.py @@ -2,10 +2,11 @@ from __future__ import absolute_import, unicode_literals from django.utils.translation import ugettext_lazy as _ -from permissions.models import Permission, PermissionNamespace +from permissions import PermissionNamespace namespace = PermissionNamespace('converter', _('Converter')) -permission_transformation_create = Permission.objects.register(namespace, 'transformation_create', _('Create new transformations')) -permission_transformation_delete = Permission.objects.register(namespace, 'transformation_delete', _('Delete transformations')) -permission_transformation_edit = Permission.objects.register(namespace, 'transformation_edit', _('Edit transformations')) -permission_transformation_view = Permission.objects.register(namespace, 'transformation_view', _('View existing transformations')) + +permission_transformation_create = namespace.add_permission(name='transformation_create', label=_('Create new transformations')) +permission_transformation_delete = namespace.add_permission(name='transformation_delete', label=_('Delete transformations')) +permission_transformation_edit = namespace.add_permission(name='transformation_edit', label=_('Edit transformations')) +permission_transformation_view = namespace.add_permission(name='transformation_view', label=_('View existing transformations')) diff --git a/mayan/apps/converter/views.py b/mayan/apps/converter/views.py index 2fa584877e..84d7007101 100644 --- a/mayan/apps/converter/views.py +++ b/mayan/apps/converter/views.py @@ -13,7 +13,7 @@ from django.utils.translation import ugettext_lazy as _ from acls.models import AccessEntry from common.utils import encapsulate -from permissions.models import Permission +from permissions import Permission from .forms import TransformationForm from .models import Transformation @@ -34,7 +34,7 @@ def transformation_list(request, app_label, model, object_id): raise Http404 try: - Permission.objects.check_permissions(request.user, [permission_transformation_view]) + Permission.check_permissions(request.user, [permission_transformation_view]) except PermissionDenied: AccessEntry.objects.check_access(permission_transformation_view, request.user, content_object) @@ -65,7 +65,7 @@ def transformation_create(request, app_label, model, object_id): raise Http404 try: - Permission.objects.check_permissions(request.user, [permission_transformation_create]) + Permission.check_permissions(request.user, [permission_transformation_create]) except PermissionDenied: AccessEntry.objects.check_access(permission_transformation_create, request.user, content_object) @@ -92,7 +92,7 @@ def transformation_delete(request, object_id): transformation = get_object_or_404(Transformation, pk=object_id) try: - Permission.objects.check_permissions(request.user, [permission_transformation_delete]) + Permission.check_permissions(request.user, [permission_transformation_delete]) except PermissionDenied: AccessEntry.objects.check_access(permission_transformation_delete, request.user, transformation.content_object) @@ -117,7 +117,7 @@ def transformation_edit(request, object_id): transformation = get_object_or_404(Transformation, pk=object_id) try: - Permission.objects.check_permissions(request.user, [permission_transformation_edit]) + Permission.check_permissions(request.user, [permission_transformation_edit]) except PermissionDenied: AccessEntry.objects.check_access(permission_transformation_edit, request.user, transformation.content_object) diff --git a/mayan/apps/django_gpg/permissions.py b/mayan/apps/django_gpg/permissions.py index 4361afb9b0..ed527e11f5 100644 --- a/mayan/apps/django_gpg/permissions.py +++ b/mayan/apps/django_gpg/permissions.py @@ -2,7 +2,7 @@ from __future__ import absolute_import, unicode_literals from django.utils.translation import ugettext_lazy as _ -from permissions.models import PermissionNamespace +from permissions import PermissionNamespace namespace = PermissionNamespace('django_gpg', _('Key management')) diff --git a/mayan/apps/django_gpg/views.py b/mayan/apps/django_gpg/views.py index 2cb34bb5f9..472730c9a6 100644 --- a/mayan/apps/django_gpg/views.py +++ b/mayan/apps/django_gpg/views.py @@ -12,7 +12,7 @@ from django.template import RequestContext from django.utils.translation import ugettext_lazy as _ from common.utils import encapsulate -from permissions.models import Permission +from permissions import Permission from .api import Key from .forms import KeySearchForm @@ -26,7 +26,7 @@ logger = logging.getLogger(__name__) def key_receive(request, key_id): - Permission.objects.check_permissions(request.user, [permission_key_receive]) + Permission.check_permissions(request.user, [permission_key_receive]) previous = request.POST.get('previous', request.GET.get('previous', request.META.get('HTTP_REFERER', reverse(settings.LOGIN_REDIRECT_URL)))) @@ -64,7 +64,7 @@ def key_receive(request, key_id): def key_list(request, secret=True): - Permission.objects.check_permissions(request.user, [permission_key_view]) + Permission.check_permissions(request.user, [permission_key_view]) if secret: object_list = Key.get_all(gpg, secret=True) @@ -91,7 +91,7 @@ def key_list(request, secret=True): def key_delete(request, fingerprint, key_type): - Permission.objects.check_permissions(request.user, [permission_key_delete]) + Permission.check_permissions(request.user, [permission_key_delete]) secret = key_type == 'sec' key = Key.get(gpg, fingerprint, secret=secret) @@ -119,7 +119,7 @@ def key_delete(request, fingerprint, key_type): def key_query(request): - Permission.objects.check_permissions(request.user, [permission_keyserver_query]) + Permission.check_permissions(request.user, [permission_keyserver_query]) subtemplates_list = [] term = request.GET.get('term') diff --git a/mayan/apps/document_comments/permissions.py b/mayan/apps/document_comments/permissions.py index acd68721db..0f8cf08453 100644 --- a/mayan/apps/document_comments/permissions.py +++ b/mayan/apps/document_comments/permissions.py @@ -2,7 +2,7 @@ from __future__ import absolute_import, unicode_literals from django.utils.translation import ugettext_lazy as _ -from permissions.models import PermissionNamespace +from permissions import PermissionNamespace namespace = PermissionNamespace('comments', _('Comments')) diff --git a/mayan/apps/document_comments/views.py b/mayan/apps/document_comments/views.py index 7f2cc4b74e..9ab6c7b487 100644 --- a/mayan/apps/document_comments/views.py +++ b/mayan/apps/document_comments/views.py @@ -14,7 +14,7 @@ from django.utils.translation import ugettext_lazy as _ from acls.models import AccessEntry from documents.models import Document -from permissions.models import Permission +from permissions import Permission from .forms import CommentForm from .permissions import ( @@ -32,7 +32,7 @@ def comment_delete(request, comment_id=None, comment_id_list=None): comments = [get_object_or_404(Comment, pk=comment_id) for comment_id in comment_id_list.split(',')] try: - Permission.objects.check_permissions(request.user, [permission_comment_delete]) + Permission.check_permissions(request.user, [permission_comment_delete]) except PermissionDenied: comments = AccessEntry.objects.filter_objects_by_access(permission_comment_delete, request.user, comments, related='content_object') @@ -80,7 +80,7 @@ def comment_add(request, document_id): document = get_object_or_404(Document, pk=document_id) try: - Permission.objects.check_permissions(request.user, [permission_comment_create]) + Permission.check_permissions(request.user, [permission_comment_create]) except PermissionDenied: AccessEntry.objects.check_access(permission_comment_create, request.user, document) @@ -118,7 +118,7 @@ def comments_for_document(request, document_id): document = get_object_or_404(Document, pk=document_id) try: - Permission.objects.check_permissions(request.user, [permission_comment_view]) + Permission.check_permissions(request.user, [permission_comment_view]) except PermissionDenied: AccessEntry.objects.check_access(permission_comment_view, request.user, document) diff --git a/mayan/apps/document_indexing/api_views.py b/mayan/apps/document_indexing/api_views.py index 848fbfcc78..baff10db98 100644 --- a/mayan/apps/document_indexing/api_views.py +++ b/mayan/apps/document_indexing/api_views.py @@ -8,7 +8,7 @@ from rest_framework import generics from acls.models import AccessEntry from documents.models import Document from documents.permissions import permission_document_view -from permissions.models import Permission +from permissions import Permission from rest_api.filters import MayanObjectPermissionsFilter from rest_api.permissions import MayanPermission @@ -82,7 +82,7 @@ class APIIndexNodeInstanceDocumentListView(generics.ListAPIView): def get_queryset(self): index_node_instance = get_object_or_404(IndexInstanceNode, pk=self.kwargs['pk']) try: - Permission.objects.check_permissions(self.request.user, [permission_document_indexing_view]) + Permission.check_permissions(self.request.user, [permission_document_indexing_view]) except PermissionDenied: AccessEntry.objects.check_access(permission_document_indexing_view, self.request.user, index_node_instance.index) @@ -142,7 +142,7 @@ class APIDocumentIndexListView(generics.ListAPIView): def get_queryset(self): document = get_object_or_404(Document, pk=self.kwargs['pk']) try: - Permission.objects.check_permissions(self.request.user, [permission_document_view]) + Permission.check_permissions(self.request.user, [permission_document_view]) except PermissionDenied: AccessEntry.objects.check_access(permission_document_view, self.request.user, document) diff --git a/mayan/apps/document_indexing/permissions.py b/mayan/apps/document_indexing/permissions.py index bd19dbfdd1..4d6442cb50 100644 --- a/mayan/apps/document_indexing/permissions.py +++ b/mayan/apps/document_indexing/permissions.py @@ -2,7 +2,7 @@ from __future__ import absolute_import, unicode_literals from django.utils.translation import ugettext_lazy as _ -from permissions.models import PermissionNamespace +from permissions import PermissionNamespace namespace = PermissionNamespace('document_indexing', _('Indexing')) diff --git a/mayan/apps/document_indexing/views.py b/mayan/apps/document_indexing/views.py index 19a794ed9a..296cc28341 100644 --- a/mayan/apps/document_indexing/views.py +++ b/mayan/apps/document_indexing/views.py @@ -18,7 +18,7 @@ from common.widgets import two_state_template from documents.models import Document from documents.permissions import permission_document_view from documents.views import document_list -from permissions.models import Permission +from permissions import Permission from .forms import IndexForm, IndexTemplateNodeForm from .models import Index, IndexInstanceNode, IndexTemplateNode @@ -48,7 +48,7 @@ def index_setup_list(request): queryset = Index.objects.all() try: - Permission.objects.check_permissions(request.user, [permission_document_indexing_setup]) + Permission.check_permissions(request.user, [permission_document_indexing_setup]) except PermissionDenied: queryset = AccessEntry.objects.filter_objects_by_access(permission_document_indexing_setup, request.user, queryset) @@ -59,7 +59,7 @@ def index_setup_list(request): def index_setup_create(request): - Permission.objects.check_permissions(request.user, [permission_document_indexing_create]) + Permission.check_permissions(request.user, [permission_document_indexing_create]) if request.method == 'POST': form = IndexForm(request.POST) @@ -81,7 +81,7 @@ def index_setup_edit(request, index_pk): index = get_object_or_404(Index, pk=index_pk) try: - Permission.objects.check_permissions(request.user, [permission_document_indexing_edit]) + Permission.check_permissions(request.user, [permission_document_indexing_edit]) except PermissionDenied: AccessEntry.objects.check_access(permission_document_indexing_create, request.user, index) @@ -106,7 +106,7 @@ def index_setup_delete(request, index_pk): index = get_object_or_404(Index, pk=index_pk) try: - Permission.objects.check_permissions(request.user, [permission_document_indexing_delete]) + Permission.check_permissions(request.user, [permission_document_indexing_delete]) except PermissionDenied: AccessEntry.objects.check_access(permission_document_indexing_delete, request.user, index) @@ -142,7 +142,7 @@ def index_setup_view(request, index_pk): index = get_object_or_404(Index, pk=index_pk) try: - Permission.objects.check_permissions(request.user, [permission_document_indexing_setup]) + Permission.check_permissions(request.user, [permission_document_indexing_setup]) except PermissionDenied: AccessEntry.objects.check_access(permission_document_indexing_setup, request.user, index) @@ -175,7 +175,7 @@ class SetupIndexDocumentTypesView(AssignRemoveView): self.index = get_object_or_404(Index, pk=self.kwargs['index_pk']) try: - Permission.objects.check_permissions(request.user, [permission_document_indexing_edit]) + Permission.check_permissions(request.user, [permission_document_indexing_edit]) except PermissionDenied: AccessEntry.objects.check_access(permission_document_indexing_edit, request.user, self.index) @@ -208,7 +208,7 @@ def template_node_create(request, parent_pk): parent_node = get_object_or_404(IndexTemplateNode, pk=parent_pk) try: - Permission.objects.check_permissions(request.user, [permission_document_indexing_edit]) + Permission.check_permissions(request.user, [permission_document_indexing_edit]) except PermissionDenied: AccessEntry.objects.check_access(permission_document_indexing_edit, request.user, parent_node.index) @@ -233,7 +233,7 @@ def template_node_edit(request, node_pk): node = get_object_or_404(IndexTemplateNode, pk=node_pk) try: - Permission.objects.check_permissions(request.user, [permission_document_indexing_edit]) + Permission.check_permissions(request.user, [permission_document_indexing_edit]) except PermissionDenied: AccessEntry.objects.check_access(permission_document_indexing_edit, request.user, node.index) @@ -259,7 +259,7 @@ def template_node_delete(request, node_pk): node = get_object_or_404(IndexTemplateNode, pk=node_pk) try: - Permission.objects.check_permissions(request.user, [permission_document_indexing_edit]) + Permission.check_permissions(request.user, [permission_document_indexing_edit]) except PermissionDenied: AccessEntry.objects.check_access(permission_document_indexing_edit, request.user, node.index) @@ -309,7 +309,7 @@ def index_list(request): queryset = Index.objects.filter(enabled=True) try: - Permission.objects.check_permissions(request.user, [permission_document_indexing_view]) + Permission.check_permissions(request.user, [permission_document_indexing_view]) except PermissionDenied: queryset = AccessEntry.objects.filter_objects_by_access(permission_document_indexing_view, request.user, queryset) @@ -329,7 +329,7 @@ def index_instance_node_view(request, index_instance_node_pk): breadcrumbs = get_breadcrumbs(index_instance) try: - Permission.objects.check_permissions(request.user, [permission_document_indexing_view]) + Permission.check_permissions(request.user, [permission_document_indexing_view]) except PermissionDenied: AccessEntry.objects.check_access(permission_document_indexing_view, request.user, index_instance.index) @@ -371,7 +371,7 @@ def rebuild_index_instances(request): """ Confirmation view to execute the tool: do_rebuild_all_indexes """ - Permission.objects.check_permissions(request.user, [permission_document_indexing_rebuild_indexes]) + Permission.check_permissions(request.user, [permission_document_indexing_rebuild_indexes]) previous = request.POST.get('previous', request.GET.get('previous', request.META.get('HTTP_REFERER', reverse(settings.LOGIN_REDIRECT_URL)))) next = request.POST.get('next', request.GET.get('next', request.META.get('HTTP_REFERER', reverse(settings.LOGIN_REDIRECT_URL)))) @@ -399,7 +399,7 @@ def document_index_list(request, document_id): queryset = document.node_instances.all() try: # TODO: should be AND not OR - Permission.objects.check_permissions(request.user, [permission_document_view, permission_document_indexing_view]) + Permission.check_permissions(request.user, [permission_document_view, permission_document_indexing_view]) except PermissionDenied: queryset = AccessEntry.objects.filter_objects_by_access(permission_document_indexing_view, request.user, queryset, related='index') diff --git a/mayan/apps/document_signatures/permissions.py b/mayan/apps/document_signatures/permissions.py index da7fa00a9a..d7ad294fd6 100644 --- a/mayan/apps/document_signatures/permissions.py +++ b/mayan/apps/document_signatures/permissions.py @@ -2,7 +2,7 @@ from __future__ import absolute_import, unicode_literals from django.utils.translation import ugettext_lazy as _ -from permissions.models import PermissionNamespace +from permissions import PermissionNamespace namespace = PermissionNamespace('document_signatures', _('Document signatures')) diff --git a/mayan/apps/document_signatures/views.py b/mayan/apps/document_signatures/views.py index fba96b5dd6..caba8b2709 100644 --- a/mayan/apps/document_signatures/views.py +++ b/mayan/apps/document_signatures/views.py @@ -17,7 +17,7 @@ from acls.models import AccessEntry from django_gpg.literals import SIGNATURE_STATE_NONE, SIGNATURE_STATES from documents.models import Document from filetransfers.api import serve_file -from permissions.models import Permission +from permissions import Permission from .forms import DetachedSignatureForm from .models import DocumentVersionSignature @@ -33,7 +33,7 @@ def document_verify(request, document_pk): document = get_object_or_404(Document, pk=document_pk) try: - Permission.objects.check_permissions(request.user, [permission_document_verify]) + Permission.check_permissions(request.user, [permission_document_verify]) except PermissionDenied: AccessEntry.objects.check_access(permission_document_verify, request.user, document) @@ -80,7 +80,7 @@ def document_signature_upload(request, document_pk): document = get_object_or_404(Document, pk=document_pk) try: - Permission.objects.check_permissions(request.user, [permission_signature_upload]) + Permission.check_permissions(request.user, [permission_signature_upload]) except PermissionDenied: AccessEntry.objects.check_access(permission_signature_upload, request.user, document) @@ -116,7 +116,7 @@ def document_signature_download(request, document_pk): document = get_object_or_404(Document, pk=document_pk) try: - Permission.objects.check_permissions(request.user, [permission_signature_download]) + Permission.check_permissions(request.user, [permission_signature_download]) except PermissionDenied: AccessEntry.objects.check_access(permission_signature_download, request.user, document) @@ -140,7 +140,7 @@ def document_signature_delete(request, document_pk): document = get_object_or_404(Document, pk=document_pk) try: - Permission.objects.check_permissions(request.user, [permission_signature_delete]) + Permission.check_permissions(request.user, [permission_signature_delete]) except PermissionDenied: AccessEntry.objects.check_access(permission_signature_delete, request.user, document) diff --git a/mayan/apps/document_states/permissions.py b/mayan/apps/document_states/permissions.py index ca0063f0b8..9db6593719 100644 --- a/mayan/apps/document_states/permissions.py +++ b/mayan/apps/document_states/permissions.py @@ -2,7 +2,7 @@ from __future__ import absolute_import, unicode_literals from django.utils.translation import ugettext_lazy as _ -from permissions.models import PermissionNamespace +from permissions import PermissionNamespace namespace = PermissionNamespace('document_states', _('States')) diff --git a/mayan/apps/document_states/views.py b/mayan/apps/document_states/views.py index d8522eabc5..219c13f583 100644 --- a/mayan/apps/document_states/views.py +++ b/mayan/apps/document_states/views.py @@ -15,7 +15,7 @@ from common.views import ( SingleObjectEditView, SingleObjectListView ) from documents.models import Document -from permissions.models import Permission +from permissions import Permission from .forms import ( WorkflowForm, WorkflowInstanceTransitionForm, WorkflowStateForm, @@ -32,7 +32,7 @@ from .permissions import ( class DocumentWorkflowInstanceListView(SingleObjectListView): def dispatch(self, request, *args, **kwargs): try: - Permission.objects.check_permissions(request.user, [permission_document_workflow_view]) + Permission.check_permissions(request.user, [permission_document_workflow_view]) except PermissionDenied: AccessEntry.objects.check_access(permission_document_workflow_view, request.user, self.get_document()) @@ -60,7 +60,7 @@ class DocumentWorkflowInstanceListView(SingleObjectListView): class WorkflowInstanceDetailView(SingleObjectListView): def dispatch(self, request, *args, **kwargs): try: - Permission.objects.check_permissions(request.user, [permission_document_workflow_view]) + Permission.check_permissions(request.user, [permission_document_workflow_view]) except PermissionDenied: AccessEntry.objects.check_access(permission_document_workflow_view, request.user, self.get_workflow_instance().document) @@ -94,7 +94,7 @@ class WorkflowInstanceTransitionView(FormView): def dispatch(self, request, *args, **kwargs): try: - Permission.objects.check_permissions(request.user, [permission_document_workflow_transition]) + Permission.check_permissions(request.user, [permission_document_workflow_transition]) except PermissionDenied: AccessEntry.objects.check_access(permission_document_workflow_transition, request.user, self.get_workflow_instance().document) @@ -175,7 +175,7 @@ class SetupWorkflowDocumentTypesView(AssignRemoveView): self.workflow = get_object_or_404(Workflow, pk=self.kwargs['pk']) try: - Permission.objects.check_permissions(self.request.user, [permission_workflow_edit]) + Permission.check_permissions(self.request.user, [permission_workflow_edit]) except PermissionDenied: AccessEntry.objects.check_access(permission_workflow_edit, self.request.user, self.workflow) @@ -205,7 +205,7 @@ class SetupWorkflowDocumentTypesView(AssignRemoveView): class SetupWorkflowStateListView(SingleObjectListView): def dispatch(self, request, *args, **kwargs): try: - Permission.objects.check_permissions(request.user, [permission_workflow_edit]) + Permission.check_permissions(request.user, [permission_workflow_edit]) except PermissionDenied: AccessEntry.objects.check_access(permission_workflow_edit, request.user, self.get_workflow()) @@ -235,7 +235,7 @@ class SetupWorkflowStateCreateView(SingleObjectCreateView): def dispatch(self, request, *args, **kwargs): try: - Permission.objects.check_permissions(request.user, [permission_workflow_edit]) + Permission.check_permissions(request.user, [permission_workflow_edit]) except PermissionDenied: AccessEntry.objects.check_access(permission_workflow_edit, request.user, self.get_workflow()) @@ -316,7 +316,7 @@ class SetupWorkflowStateEditView(SingleObjectEditView): class SetupWorkflowTransitionListView(SingleObjectListView): def dispatch(self, request, *args, **kwargs): try: - Permission.objects.check_permissions(request.user, [permission_workflow_edit]) + Permission.check_permissions(request.user, [permission_workflow_edit]) except PermissionDenied: AccessEntry.objects.check_access(permission_workflow_edit, request.user, self.get_workflow()) @@ -346,7 +346,7 @@ class SetupWorkflowTransitionCreateView(SingleObjectCreateView): def dispatch(self, request, *args, **kwargs): try: - Permission.objects.check_permissions(request.user, [permission_workflow_edit]) + Permission.check_permissions(request.user, [permission_workflow_edit]) except PermissionDenied: AccessEntry.objects.check_access(permission_workflow_edit, request.user, self.get_workflow()) diff --git a/mayan/apps/documents/api_views.py b/mayan/apps/documents/api_views.py index 2f69f041e8..6915a22699 100644 --- a/mayan/apps/documents/api_views.py +++ b/mayan/apps/documents/api_views.py @@ -15,7 +15,7 @@ from converter.exceptions import UnkownConvertError, UnknownFileFormat from converter.literals import ( DEFAULT_PAGE_NUMBER, DEFAULT_ROTATION, DEFAULT_ZOOM_LEVEL ) -from permissions.models import Permission +from permissions import Permission from rest_api.filters import MayanObjectPermissionsFilter from rest_api.permissions import MayanPermission @@ -184,7 +184,7 @@ class APIDocumentImageView(generics.GenericAPIView): document = get_object_or_404(Document, pk=pk) try: - Permission.objects.check_permissions(request.user, [permission_document_view]) + Permission.check_permissions(request.user, [permission_document_view]) except PermissionDenied: AccessEntry.objects.check_access(permission_document_view, request.user, document) @@ -315,7 +315,7 @@ class APIDocumentTypeDocumentListView(generics.ListAPIView): def get_queryset(self): document_type = get_object_or_404(DocumentType, pk=self.kwargs['pk']) try: - Permission.objects.check_permissions(self.request.user, [permission_document_type_view]) + Permission.check_permissions(self.request.user, [permission_document_type_view]) except PermissionDenied: AccessEntry.objects.check_access(permission_document_type_view, self.request.user, document_type) diff --git a/mayan/apps/documents/permissions.py b/mayan/apps/documents/permissions.py index 6de8f43db4..d7df396c57 100644 --- a/mayan/apps/documents/permissions.py +++ b/mayan/apps/documents/permissions.py @@ -2,7 +2,7 @@ from __future__ import absolute_import, unicode_literals from django.utils.translation import ugettext_lazy as _ -from permissions.models import PermissionNamespace +from permissions import PermissionNamespace namespace = PermissionNamespace('documents', _('Documents')) diff --git a/mayan/apps/documents/views.py b/mayan/apps/documents/views.py index 8bdffd9a4a..3a00089505 100644 --- a/mayan/apps/documents/views.py +++ b/mayan/apps/documents/views.py @@ -26,7 +26,7 @@ from converter.literals import ( from converter.models import Transformation from converter.permissions import permission_transformation_delete from filetransfers.api import serve_file -from permissions.models import Permission +from permissions import Permission from .events import ( event_document_properties_edit, event_document_type_change @@ -105,7 +105,7 @@ def document_list(request, object_list=None, title=None, extra_context=None): pre_object_list = object_list if not (object_list is None) else Document.objects.all() try: - Permission.objects.check_permissions(request.user, [permission_document_view]) + Permission.check_permissions(request.user, [permission_document_view]) except PermissionDenied: # If user doesn't have global permission, get a list of document # for which he/she does hace access use it to filter the @@ -131,7 +131,7 @@ def document_properties(request, document_id): document = get_object_or_404(Document, pk=document_id) try: - Permission.objects.check_permissions(request.user, [permission_document_view]) + Permission.check_permissions(request.user, [permission_document_view]) except PermissionDenied: AccessEntry.objects.check_access(permission_document_view, request.user, document) @@ -168,7 +168,7 @@ def document_preview(request, document_id): document = get_object_or_404(Document, pk=document_id) try: - Permission.objects.check_permissions(request.user, [permission_document_view]) + Permission.check_permissions(request.user, [permission_document_view]) except PermissionDenied: AccessEntry.objects.check_access(permission_document_view, request.user, document) @@ -199,7 +199,7 @@ def document_delete(request, document_id=None, document_id_list=None): return HttpResponseRedirect(request.META.get('HTTP_REFERER', reverse(settings.LOGIN_REDIRECT_URL))) try: - Permission.objects.check_permissions(request.user, [permission_document_delete]) + Permission.check_permissions(request.user, [permission_document_delete]) except PermissionDenied: documents = AccessEntry.objects.filter_objects_by_access(permission_document_delete, request.user, documents, exception_on_empty=True) @@ -245,7 +245,7 @@ def document_multiple_delete(request): def document_edit(request, document_id): document = get_object_or_404(Document, pk=document_id) try: - Permission.objects.check_permissions(request.user, [permission_document_properties_edit]) + Permission.check_permissions(request.user, [permission_document_properties_edit]) except PermissionDenied: AccessEntry.objects.check_access(permission_document_properties_edit, request.user, document) @@ -290,7 +290,7 @@ def document_document_type_edit(request, document_id=None, document_id_list=None return HttpResponseRedirect(request.META.get('HTTP_REFERER', reverse(settings.LOGIN_REDIRECT_URL))) try: - Permission.objects.check_permissions(request.user, [permission_document_properties_edit]) + Permission.check_permissions(request.user, [permission_document_properties_edit]) except PermissionDenied: documents = AccessEntry.objects.filter_objects_by_access(permission_document_properties_edit, request.user, documents, exception_on_empty=True) @@ -340,7 +340,7 @@ def document_multiple_document_type_edit(request): def get_document_image(request, document_id, size=setting_preview_size.value): document = get_object_or_404(Document, pk=document_id) try: - Permission.objects.check_permissions(request.user, [permission_document_view]) + Permission.check_permissions(request.user, [permission_document_view]) except PermissionDenied: AccessEntry.objects.check_access(permission_document_view, request.user, document) @@ -376,7 +376,7 @@ def document_download(request, document_id=None, document_id_list=None, document document_versions = [get_object_or_404(DocumentVersion, pk=document_version_pk)] try: - Permission.objects.check_permissions(request.user, [permission_document_download]) + Permission.check_permissions(request.user, [permission_document_download]) except PermissionDenied: document_versions = AccessEntry.objects.filter_objects_by_access(permission_document_download, request.user, document_versions, related='document', exception_on_empty=True) @@ -484,7 +484,7 @@ def document_update_page_count(request, document_id=None, document_id_list=None) return HttpResponseRedirect(request.META.get('HTTP_REFERER', reverse(settings.LOGIN_REDIRECT_URL))) try: - Permission.objects.check_permissions(request.user, [permission_document_tools]) + Permission.check_permissions(request.user, [permission_document_tools]) except PermissionDenied: documents = AccessEntry.objects.filter_objects_by_access(permission_document_tools, request.user, documents, exception_on_empty=True) @@ -536,7 +536,7 @@ def document_clear_transformations(request, document_id=None, document_id_list=N return HttpResponseRedirect(request.META.get('HTTP_REFERER', reverse(settings.LOGIN_REDIRECT_URL))) try: - Permission.objects.check_permissions(request.user, [permission_transformation_delete]) + Permission.check_permissions(request.user, [permission_transformation_delete]) except PermissionDenied: documents = AccessEntry.objects.filter_objects_by_access(permission_transformation_delete, request.user, documents, exception_on_empty=True) @@ -582,7 +582,7 @@ def document_page_view(request, document_page_id): document_page = get_object_or_404(DocumentPage, pk=document_page_id) try: - Permission.objects.check_permissions(request.user, [permission_document_view]) + Permission.check_permissions(request.user, [permission_document_view]) except PermissionDenied: AccessEntry.objects.check_access(permission_document_view, request.user, document_page.document) @@ -617,7 +617,7 @@ def document_page_navigation_next(request, document_page_id): document_page = get_object_or_404(DocumentPage, pk=document_page_id) try: - Permission.objects.check_permissions(request.user, [permission_document_view]) + Permission.check_permissions(request.user, [permission_document_view]) except PermissionDenied: AccessEntry.objects.check_access(permission_document_view, request.user, document_page.document) @@ -635,7 +635,7 @@ def document_page_navigation_previous(request, document_page_id): document_page = get_object_or_404(DocumentPage, pk=document_page_id) try: - Permission.objects.check_permissions(request.user, [permission_document_view]) + Permission.check_permissions(request.user, [permission_document_view]) except PermissionDenied: AccessEntry.objects.check_access(permission_document_view, request.user, document_page.document) @@ -654,7 +654,7 @@ def document_page_navigation_first(request, document_page_id): document_page = get_object_or_404(document_page.siblings, page_number=1) try: - Permission.objects.check_permissions(request.user, [permission_document_view]) + Permission.check_permissions(request.user, [permission_document_view]) except PermissionDenied: AccessEntry.objects.check_access(permission_document_view, request.user, document_page.document) @@ -668,7 +668,7 @@ def document_page_navigation_last(request, document_page_id): document_page = get_object_or_404(document_page.siblings, page_number=document_page.siblings.count()) try: - Permission.objects.check_permissions(request.user, [permission_document_view]) + Permission.check_permissions(request.user, [permission_document_view]) except PermissionDenied: AccessEntry.objects.check_access(permission_document_view, request.user, document_page.document) @@ -681,7 +681,7 @@ def transform_page(request, document_page_id, zoom_function=None, rotation_funct document_page = get_object_or_404(DocumentPage, pk=document_page_id) try: - Permission.objects.check_permissions(request.user, [permission_document_view]) + Permission.check_permissions(request.user, [permission_document_view]) except PermissionDenied: AccessEntry.objects.check_access(permission_document_view, request.user, document_page.document) @@ -744,7 +744,7 @@ def document_print(request, document_id): document = get_object_or_404(Document, pk=document_id) try: - Permission.objects.check_permissions(request.user, [permission_document_print]) + Permission.check_permissions(request.user, [permission_document_print]) except PermissionDenied: AccessEntry.objects.check_access(permission_document_print, request.user, document) @@ -784,7 +784,7 @@ def document_print(request, document_id): def document_type_list(request): - Permission.objects.check_permissions(request.user, [permission_document_type_view]) + Permission.check_permissions(request.user, [permission_document_type_view]) context = { 'object_list': DocumentType.objects.all(), @@ -800,7 +800,7 @@ def document_type_list(request): def document_type_edit(request, document_type_id): - Permission.objects.check_permissions(request.user, [permission_document_type_edit]) + Permission.check_permissions(request.user, [permission_document_type_edit]) document_type = get_object_or_404(DocumentType, pk=document_type_id) next = request.POST.get('next', request.GET.get('next', request.META.get('HTTP_REFERER', reverse('documents:document_type_list')))) @@ -827,7 +827,7 @@ def document_type_edit(request, document_type_id): def document_type_delete(request, document_type_id): - Permission.objects.check_permissions(request.user, [permission_document_type_delete]) + Permission.check_permissions(request.user, [permission_document_type_delete]) document_type = get_object_or_404(DocumentType, pk=document_type_id) post_action_redirect = reverse('documents:document_type_list') @@ -860,7 +860,7 @@ def document_type_delete(request, document_type_id): def document_type_create(request): - Permission.objects.check_permissions(request.user, [permission_document_type_create]) + Permission.check_permissions(request.user, [permission_document_type_create]) if request.method == 'POST': form = DocumentTypeForm(request.POST) @@ -882,7 +882,7 @@ def document_type_create(request): def document_type_filename_list(request, document_type_id): - Permission.objects.check_permissions(request.user, [permission_document_type_view]) + Permission.check_permissions(request.user, [permission_document_type_view]) document_type = get_object_or_404(DocumentType, pk=document_type_id) context = { @@ -904,7 +904,7 @@ def document_type_filename_list(request, document_type_id): def document_type_filename_edit(request, document_type_filename_id): - Permission.objects.check_permissions(request.user, [permission_document_type_edit]) + Permission.check_permissions(request.user, [permission_document_type_edit]) document_type_filename = get_object_or_404(DocumentTypeFilename, pk=document_type_filename_id) next = request.POST.get('next', request.GET.get('next', request.META.get('HTTP_REFERER', reverse('documents:document_type_filename_list', args=[document_type_filename.document_type_id])))) @@ -936,7 +936,7 @@ def document_type_filename_edit(request, document_type_filename_id): def document_type_filename_delete(request, document_type_filename_id): - Permission.objects.check_permissions(request.user, [permission_document_type_edit]) + Permission.check_permissions(request.user, [permission_document_type_edit]) document_type_filename = get_object_or_404(DocumentTypeFilename, pk=document_type_filename_id) post_action_redirect = reverse('documents:document_type_filename_list', args=[document_type_filename.document_type_id]) @@ -971,7 +971,7 @@ def document_type_filename_delete(request, document_type_filename_id): def document_type_filename_create(request, document_type_id): - Permission.objects.check_permissions(request.user, [permission_document_type_edit]) + Permission.check_permissions(request.user, [permission_document_type_edit]) document_type = get_object_or_404(DocumentType, pk=document_type_id) @@ -1002,7 +1002,7 @@ def document_type_filename_create(request, document_type_id): def document_clear_image_cache(request): - Permission.objects.check_permissions(request.user, [permission_document_tools]) + Permission.check_permissions(request.user, [permission_document_tools]) previous = request.POST.get('previous', request.GET.get('previous', request.META.get('HTTP_REFERER', reverse(settings.LOGIN_REDIRECT_URL)))) @@ -1022,7 +1022,7 @@ def document_version_list(request, document_pk): document = get_object_or_404(Document, pk=document_pk) try: - Permission.objects.check_permissions(request.user, [permission_document_view]) + Permission.check_permissions(request.user, [permission_document_view]) except PermissionDenied: AccessEntry.objects.check_access(permission_document_view, request.user, document) @@ -1062,7 +1062,7 @@ def document_version_revert(request, document_version_pk): document_version = get_object_or_404(DocumentVersion, pk=document_version_pk) try: - Permission.objects.check_permissions(request.user, [permission_document_version_revert]) + Permission.check_permissions(request.user, [permission_document_version_revert]) except PermissionDenied: AccessEntry.objects.check_access(permission_document_version_revert, request.user, document_version.document) diff --git a/mayan/apps/dynamic_search/classes.py b/mayan/apps/dynamic_search/classes.py index c83edffbbb..1cee3e1f6e 100644 --- a/mayan/apps/dynamic_search/classes.py +++ b/mayan/apps/dynamic_search/classes.py @@ -10,7 +10,7 @@ from django.db.models.loading import get_model from django.utils.module_loading import import_string from acls.models import AccessEntry -from permissions.models import Permission +from permissions import Permission from .models import RecentSearch from .settings import setting_limit @@ -171,7 +171,7 @@ class SearchModel(object): if self.permission: try: - Permission.objects.check_permissions(user, [self.permission]) + Permission.check_permissions(user, [self.permission]) except PermissionDenied: queryset = AccessEntry.objects.filter_objects_by_access(self.permission, user, queryset) diff --git a/mayan/apps/events/permissions.py b/mayan/apps/events/permissions.py index e71dc24935..c045fe0ac2 100644 --- a/mayan/apps/events/permissions.py +++ b/mayan/apps/events/permissions.py @@ -2,7 +2,7 @@ from __future__ import absolute_import, unicode_literals from django.utils.translation import ugettext_lazy as _ -from permissions.models import PermissionNamespace +from permissions import PermissionNamespace namespace = PermissionNamespace('events', _('Events')) permission_events_view = namespace.add_permission(name='events_view', label=_('Access the events of an object')) diff --git a/mayan/apps/events/views.py b/mayan/apps/events/views.py index 7420287a5c..287981b149 100644 --- a/mayan/apps/events/views.py +++ b/mayan/apps/events/views.py @@ -11,7 +11,7 @@ from actstream.models import Action, any_stream from acls.models import AccessEntry from common.utils import encapsulate -from permissions.models import Permission +from permissions import Permission from .classes import Event from .permissions import permission_events_view @@ -33,7 +33,7 @@ def events_list(request, app_label=None, module_name=None, object_id=None, verb= content_object = get_object_or_404(model, pk=object_id) try: - Permission.objects.check_permissions(request.user, [permission_events_view]) + Permission.check_permissions(request.user, [permission_events_view]) except PermissionDenied: AccessEntry.objects.check_access(permission_events_view, request.user, content_object) @@ -46,7 +46,7 @@ def events_list(request, app_label=None, module_name=None, object_id=None, verb= pre_object_list = Action.objects.filter(verb=verb) try: - Permission.objects.check_permissions(request.user, [permission_events_view]) + Permission.check_permissions(request.user, [permission_events_view]) except PermissionDenied: # If user doesn't have global permission, get a list of document # for which he/she does hace access use it to filter the @@ -63,7 +63,7 @@ def events_list(request, app_label=None, module_name=None, object_id=None, verb= pre_object_list = Action.objects.all() try: - Permission.objects.check_permissions(request.user, [permission_events_view]) + Permission.check_permissions(request.user, [permission_events_view]) except PermissionDenied: # If user doesn't have global permission, get a list of document # for which he/she does hace access use it to filter the diff --git a/mayan/apps/folders/api_views.py b/mayan/apps/folders/api_views.py index 7bd2fd78b2..851d277033 100644 --- a/mayan/apps/folders/api_views.py +++ b/mayan/apps/folders/api_views.py @@ -9,7 +9,7 @@ from rest_framework.response import Response from acls.models import AccessEntry from documents.models import Document from documents.permissions import permission_document_view -from permissions.models import Permission +from permissions import Permission from rest_api.filters import MayanObjectPermissionsFilter from rest_api.permissions import MayanPermission @@ -96,7 +96,7 @@ class APIFolderDocumentListView(generics.ListAPIView): def get_queryset(self): folder = get_object_or_404(Folder, pk=self.kwargs['pk']) try: - Permission.objects.check_permissions(self.request.user, [permission_folder_view]) + Permission.check_permissions(self.request.user, [permission_folder_view]) except PermissionDenied: AccessEntry.objects.check_access(permission_folder_view, self.request.user, folder) @@ -114,7 +114,7 @@ class APIDocumentFolderListView(generics.ListAPIView): def get_queryset(self): document = get_object_or_404(Document, pk=self.kwargs['pk']) try: - Permission.objects.check_permissions(self.request.user, [permission_document_view]) + Permission.check_permissions(self.request.user, [permission_document_view]) except PermissionDenied: AccessEntry.objects.check_access(permission_document_view, self.request.user, document) @@ -129,7 +129,7 @@ class APIFolderDocumentView(views.APIView): folder = get_object_or_404(Folder, pk=self.kwargs['pk']) try: - Permission.objects.check_permissions(request.user, [permission_folder_remove_document]) + Permission.check_permissions(request.user, [permission_folder_remove_document]) except PermissionDenied: AccessEntry.objects.check_access(permission_folder_remove_document, request.user, folder) @@ -143,7 +143,7 @@ class APIFolderDocumentView(views.APIView): folder = get_object_or_404(Folder, pk=self.kwargs['pk']) try: - Permission.objects.check_permissions(request.user, [permission_folder_add_document]) + Permission.check_permissions(request.user, [permission_folder_add_document]) except PermissionDenied: AccessEntry.objects.check_access(permission_folder_add_document, request.user, folder) diff --git a/mayan/apps/folders/forms.py b/mayan/apps/folders/forms.py index 91e935f2f2..93df30a244 100644 --- a/mayan/apps/folders/forms.py +++ b/mayan/apps/folders/forms.py @@ -7,7 +7,7 @@ from django.core.exceptions import PermissionDenied from django.utils.translation import ugettext_lazy as _ from acls.models import AccessEntry -from permissions.models import Permission +from permissions import Permission from .models import Folder from .permissions import permission_folder_view @@ -29,7 +29,7 @@ class FolderListForm(forms.Form): queryset = Folder.objects.all() try: - Permission.objects.check_permissions(user, [permission_folder_view]) + Permission.check_permissions(user, [permission_folder_view]) except PermissionDenied: queryset = AccessEntry.objects.filter_objects_by_access(permission_folder_view, user, queryset) diff --git a/mayan/apps/folders/permissions.py b/mayan/apps/folders/permissions.py index e4c97200c3..36d4c57f5f 100644 --- a/mayan/apps/folders/permissions.py +++ b/mayan/apps/folders/permissions.py @@ -2,7 +2,7 @@ from __future__ import absolute_import, unicode_literals from django.utils.translation import ugettext_lazy as _ -from permissions.models import PermissionNamespace +from permissions import PermissionNamespace namespace = PermissionNamespace('folders', _('Folders')) diff --git a/mayan/apps/folders/views.py b/mayan/apps/folders/views.py index 3903e90297..eaf06c461c 100644 --- a/mayan/apps/folders/views.py +++ b/mayan/apps/folders/views.py @@ -18,7 +18,7 @@ from common.views import SingleObjectListView from documents.permissions import permission_document_view from documents.models import Document from documents.views import DocumentListView -from permissions.models import Permission +from permissions import Permission from .forms import FolderForm, FolderListForm from .models import Folder @@ -43,7 +43,7 @@ class FolderListView(SingleObjectListView): def folder_create(request): - Permission.objects.check_permissions(request.user, [permission_folder_create]) + Permission.check_permissions(request.user, [permission_folder_create]) if request.method == 'POST': form = FolderForm(request.POST) @@ -68,7 +68,7 @@ def folder_edit(request, folder_id): folder = get_object_or_404(Folder, pk=folder_id) try: - Permission.objects.check_permissions(request.user, [permission_folder_edit]) + Permission.check_permissions(request.user, [permission_folder_edit]) except PermissionDenied: AccessEntry.objects.check_access(permission_folder_edit, request.user, folder) @@ -95,7 +95,7 @@ def folder_delete(request, folder_id): folder = get_object_or_404(Folder, pk=folder_id) try: - Permission.objects.check_permissions(request.user, [permission_folder_delete]) + Permission.check_permissions(request.user, [permission_folder_delete]) except PermissionDenied: AccessEntry.objects.check_access(permission_folder_delete, request.user, folder) @@ -131,7 +131,7 @@ class FolderDetailView(DocumentListView): folder = get_object_or_404(Folder, pk=self.kwargs['pk']) try: - Permission.objects.check_permissions(self.request.user, [permission_folder_view]) + Permission.check_permissions(self.request.user, [permission_folder_view]) except PermissionDenied: AccessEntry.objects.check_access(permission_folder_view, self.request.user, folder) @@ -159,7 +159,7 @@ def folder_add_document(request, document_id=None, document_id_list=None): return HttpResponseRedirect(request.META.get('HTTP_REFERER', reverse(settings.LOGIN_REDIRECT_URL))) try: - Permission.objects.check_permissions(request.user, [permission_folder_add_document]) + Permission.check_permissions(request.user, [permission_folder_add_document]) except PermissionDenied: documents = AccessEntry.objects.filter_objects_by_access(permission_folder_add_document, request.user, documents) @@ -207,7 +207,7 @@ def document_folder_list(request, document_id): document = get_object_or_404(Document, pk=document_id) try: - Permission.objects.check_permissions(request.user, [permission_document_view]) + Permission.check_permissions(request.user, [permission_document_view]) except PermissionDenied: AccessEntry.objects.check_access(permission_document_view, request.user, document) @@ -220,7 +220,7 @@ def document_folder_list(request, document_id): queryset = document.folders.all() try: - Permission.objects.check_permissions(request.user, [permission_folder_view]) + Permission.check_permissions(request.user, [permission_folder_view]) except PermissionDenied: queryset = AccessEntry.objects.filter_objects_by_access(permission_folder_view, request.user, queryset) @@ -245,7 +245,7 @@ def folder_document_remove(request, folder_id, document_id=None, document_id_lis logger.debug('folder_documents (pre permission check): %s', folder_documents) try: - Permission.objects.check_permissions(request.user, [permission_folder_remove_document]) + Permission.check_permissions(request.user, [permission_folder_remove_document]) except PermissionDenied: folder_documents = AccessEntry.objects.filter_objects_by_access(permission_folder_remove_document, request.user, folder_documents, exception_on_empty=True) diff --git a/mayan/apps/installation/permissions.py b/mayan/apps/installation/permissions.py index 5f7004cf05..40650bfddd 100644 --- a/mayan/apps/installation/permissions.py +++ b/mayan/apps/installation/permissions.py @@ -2,7 +2,7 @@ from __future__ import absolute_import, unicode_literals from django.utils.translation import ugettext_lazy as _ -from permissions.models import PermissionNamespace +from permissions import PermissionNamespace namespace = PermissionNamespace('installation', _('Installation')) permission_installation_details = namespace.add_permission(name='installation_details', label=_('View installation environment details')) diff --git a/mayan/apps/installation/views.py b/mayan/apps/installation/views.py index c0779144ec..f04f2577e3 100644 --- a/mayan/apps/installation/views.py +++ b/mayan/apps/installation/views.py @@ -4,14 +4,14 @@ from django.shortcuts import render_to_response from django.template import RequestContext from django.utils.translation import ugettext_lazy as _ -from permissions.models import Permission +from permissions import Permission from .classes import PropertyNamespace from .permissions import permission_installation_details def namespace_list(request): - Permission.objects.check_permissions(request.user, [permission_installation_details]) + Permission.check_permissions(request.user, [permission_installation_details]) return render_to_response('appearance/generic_list.html', { 'object_list': PropertyNamespace.get_all(), @@ -21,7 +21,7 @@ def namespace_list(request): def namespace_details(request, namespace_id): - Permission.objects.check_permissions(request.user, [permission_installation_details]) + Permission.check_permissions(request.user, [permission_installation_details]) namespace = PropertyNamespace.get(namespace_id) object_list = namespace.get_properties() diff --git a/mayan/apps/linking/permissions.py b/mayan/apps/linking/permissions.py index cf959413a7..15020ca0fd 100644 --- a/mayan/apps/linking/permissions.py +++ b/mayan/apps/linking/permissions.py @@ -2,7 +2,7 @@ from __future__ import absolute_import, unicode_literals from django.utils.translation import ugettext_lazy as _ -from permissions.models import PermissionNamespace +from permissions import PermissionNamespace namespace = PermissionNamespace('linking', _('Smart links')) diff --git a/mayan/apps/linking/views.py b/mayan/apps/linking/views.py index ef4d454034..ea2dcee732 100644 --- a/mayan/apps/linking/views.py +++ b/mayan/apps/linking/views.py @@ -19,7 +19,7 @@ from common.views import AssignRemoveView from common.widgets import two_state_template from documents.models import Document, DocumentType from documents.views import document_list -from permissions.models import Permission +from permissions import Permission from .forms import SmartLinkConditionForm, SmartLinkForm from .models import SmartLink, SmartLinkCondition @@ -41,7 +41,7 @@ class SetupSmartLinkDocumentTypesView(AssignRemoveView): self.smart_link = get_object_or_404(SmartLink, pk=self.kwargs['smart_link_pk']) try: - Permission.objects.check_permissions(self.request.user, [permission_smart_link_edit]) + Permission.check_permissions(self.request.user, [permission_smart_link_edit]) except PermissionDenied: AccessEntry.objects.check_access(permission_smart_link_edit, self.request.user, self.smart_link) @@ -71,7 +71,7 @@ def smart_link_instance_view(request, document_id, smart_link_pk): smart_link = get_object_or_404(SmartLink, pk=smart_link_pk) try: - Permission.objects.check_permissions(request.user, [permission_smart_link_view]) + Permission.check_permissions(request.user, [permission_smart_link_view]) except PermissionDenied: AccessEntry.objects.check_access(permission_smart_link_view, request.user, smart_link) @@ -106,7 +106,7 @@ def smart_link_instances_for_document(request, document_id): ) try: - Permission.objects.check_permissions(request.user, [permission_smart_link_view]) + Permission.check_permissions(request.user, [permission_smart_link_view]) except PermissionDenied: smart_links = AccessEntry.objects.filter_objects_by_access(permission_smart_link_view, request.user, queryset) else: @@ -141,7 +141,7 @@ def smart_link_list(request): qs = SmartLink.objects.all() try: - Permission.objects.check_permissions(request.user, [permission_smart_link_view]) + Permission.check_permissions(request.user, [permission_smart_link_view]) except PermissionDenied: qs = AccessEntry.objects.filter_objects_by_access(permission_smart_link_view, request.user, qs) @@ -158,7 +158,7 @@ def smart_link_list(request): def smart_link_create(request): - Permission.objects.check_permissions(request.user, [permission_smart_link_create]) + Permission.check_permissions(request.user, [permission_smart_link_create]) if request.method == 'POST': form = SmartLinkForm(request.POST) @@ -180,7 +180,7 @@ def smart_link_edit(request, smart_link_pk): smart_link = get_object_or_404(SmartLink, pk=smart_link_pk) try: - Permission.objects.check_permissions(request.user, [permission_smart_link_edit]) + Permission.check_permissions(request.user, [permission_smart_link_edit]) except PermissionDenied: AccessEntry.objects.check_access(permission_smart_link_edit, request.user, smart_link) @@ -204,7 +204,7 @@ def smart_link_delete(request, smart_link_pk): smart_link = get_object_or_404(SmartLink, pk=smart_link_pk) try: - Permission.objects.check_permissions(request.user, [permission_smart_link_delete]) + Permission.check_permissions(request.user, [permission_smart_link_delete]) except PermissionDenied: AccessEntry.objects.check_access(permission_smart_link_delete, request.user, smart_link) @@ -235,7 +235,7 @@ def smart_link_condition_list(request, smart_link_pk): smart_link = get_object_or_404(SmartLink, pk=smart_link_pk) try: - Permission.objects.check_permissions(request.user, [permission_smart_link_edit]) + Permission.check_permissions(request.user, [permission_smart_link_edit]) except PermissionDenied: AccessEntry.objects.check_accesses([permission_smart_link_edit], request.user, smart_link) @@ -254,7 +254,7 @@ def smart_link_condition_create(request, smart_link_pk): smart_link = get_object_or_404(SmartLink, pk=smart_link_pk) try: - Permission.objects.check_permissions(request.user, [permission_smart_link_edit]) + Permission.check_permissions(request.user, [permission_smart_link_edit]) except PermissionDenied: AccessEntry.objects.check_accesses([permission_smart_link_edit], request.user, smart_link) @@ -280,7 +280,7 @@ def smart_link_condition_edit(request, smart_link_condition_pk): smart_link_condition = get_object_or_404(SmartLinkCondition, pk=smart_link_condition_pk) try: - Permission.objects.check_permissions(request.user, [permission_smart_link_edit]) + Permission.check_permissions(request.user, [permission_smart_link_edit]) except PermissionDenied: AccessEntry.objects.check_accesses([permission_smart_link_edit], request.user, smart_link_condition.smart_link) @@ -311,7 +311,7 @@ def smart_link_condition_delete(request, smart_link_condition_pk): smart_link_condition = get_object_or_404(SmartLinkCondition, pk=smart_link_condition_pk) try: - Permission.objects.check_permissions(request.user, [permission_smart_link_edit]) + Permission.check_permissions(request.user, [permission_smart_link_edit]) except PermissionDenied: AccessEntry.objects.check_accesses([permission_smart_link_edit], request.user, smart_link_condition.smart_link) diff --git a/mayan/apps/mailer/permissions.py b/mayan/apps/mailer/permissions.py index 9241ca334c..6e15c0c0e0 100644 --- a/mayan/apps/mailer/permissions.py +++ b/mayan/apps/mailer/permissions.py @@ -2,7 +2,7 @@ from __future__ import absolute_import, unicode_literals from django.utils.translation import ugettext_lazy as _ -from permissions.models import PermissionNamespace +from permissions import PermissionNamespace namespace = PermissionNamespace('mailing', _('Mailing')) diff --git a/mayan/apps/mailer/views.py b/mayan/apps/mailer/views.py index 9baaddeb84..7a618dd66c 100644 --- a/mayan/apps/mailer/views.py +++ b/mayan/apps/mailer/views.py @@ -13,7 +13,7 @@ from django.utils.translation import ugettext_lazy as _ from acls.models import AccessEntry from documents.models import Document -from permissions.models import Permission +from permissions import Permission from .forms import DocumentMailForm from .permissions import ( @@ -34,7 +34,7 @@ def send_document_link(request, document_id=None, document_id_list=None, as_atta permission = permission_mailing_link try: - Permission.objects.check_permissions(request.user, [permission]) + Permission.check_permissions(request.user, [permission]) except PermissionDenied: documents = AccessEntry.objects.filter_objects_by_access(permission, request.user, documents) diff --git a/mayan/apps/metadata/api_views.py b/mayan/apps/metadata/api_views.py index fec084dd89..272fb7dcaf 100644 --- a/mayan/apps/metadata/api_views.py +++ b/mayan/apps/metadata/api_views.py @@ -11,7 +11,7 @@ from documents.models import Document, DocumentType from documents.permissions import ( permission_document_type_view, permission_document_type_edit ) -from permissions.models import Permission +from permissions import Permission from rest_api.filters import MayanObjectPermissionsFilter from rest_api.permissions import MayanPermission @@ -88,7 +88,7 @@ class APIDocumentMetadataListView(generics.ListCreateAPIView): if self.request == 'GET': # Make sure the use has the permission to see the metadata for this document try: - Permission.objects.check_permissions(self.request.user, [permission_metadata_document_view]) + Permission.check_permissions(self.request.user, [permission_metadata_document_view]) except PermissionDenied: AccessEntry.objects.check_access(permission_metadata_document_view, self.request.user, document) else: @@ -96,7 +96,7 @@ class APIDocumentMetadataListView(generics.ListCreateAPIView): elif self.request == 'POST': # Make sure the use has the permission to add metadata to this document try: - Permission.objects.check_permissions(self.request.user, [permission_metadata_document_add]) + Permission.check_permissions(self.request.user, [permission_metadata_document_add]) except PermissionDenied: AccessEntry.objects.check_access(permission_metadata_document_add, self.request.user, document) else: @@ -162,7 +162,7 @@ class APIDocumentTypeMetadataTypeOptionalListView(generics.ListCreateAPIView): def get_queryset(self): document_type = get_object_or_404(DocumentType, pk=self.kwargs['document_type_pk']) try: - Permission.objects.check_permissions(self.request.user, [permission_document_type_view]) + Permission.check_permissions(self.request.user, [permission_document_type_view]) except PermissionDenied: AccessEntry.objects.check_access(permission_document_type_view, self.request.user, document_type) @@ -185,7 +185,7 @@ class APIDocumentTypeMetadataTypeOptionalListView(generics.ListCreateAPIView): document_type = get_object_or_404(DocumentType, pk=self.kwargs['document_type_pk']) try: - Permission.objects.check_permissions(self.request.user, [permission_document_type_edit]) + Permission.check_permissions(self.request.user, [permission_document_type_edit]) except PermissionDenied: AccessEntry.objects.check_access(permission_document_type_edit, self.request.user, document_type) @@ -221,7 +221,7 @@ class APIDocumentTypeMetadataTypeRequiredView(views.APIView): document_type = get_object_or_404(DocumentType, pk=self.kwargs['document_type_pk']) try: - Permission.objects.check_permissions(self.request.user, [permission_document_type_edit]) + Permission.check_permissions(self.request.user, [permission_document_type_edit]) except PermissionDenied: AccessEntry.objects.check_access(permission_document_type_edit, self.request.user, document_type) diff --git a/mayan/apps/metadata/permissions.py b/mayan/apps/metadata/permissions.py index daa2849217..bfc98ca4a2 100644 --- a/mayan/apps/metadata/permissions.py +++ b/mayan/apps/metadata/permissions.py @@ -2,7 +2,7 @@ from __future__ import absolute_import, unicode_literals from django.utils.translation import ugettext_lazy as _ -from permissions.models import PermissionNamespace +from permissions import PermissionNamespace namespace = PermissionNamespace('metadata', _('Metadata')) permission_metadata_document_edit = namespace.add_permission(name='metadata_document_edit', label=_('Edit a document\'s metadata')) diff --git a/mayan/apps/metadata/views.py b/mayan/apps/metadata/views.py index d5d67229cf..6e72a58949 100644 --- a/mayan/apps/metadata/views.py +++ b/mayan/apps/metadata/views.py @@ -18,7 +18,7 @@ from documents.permissions import ( permission_document_type_edit ) from documents.views import DocumentListView -from permissions.models import Permission +from permissions import Permission from .api import save_metadata_list from .forms import ( @@ -48,7 +48,7 @@ def metadata_edit(request, document_id=None, document_id_list=None): documents = Document.objects.select_related('metadata').filter(pk__in=document_id_list.split(',')) try: - Permission.objects.check_permissions(request.user, [permission_metadata_document_edit]) + Permission.check_permissions(request.user, [permission_metadata_document_edit]) except PermissionDenied: documents = AccessEntry.objects.filter_objects_by_access(permission_metadata_document_edit, request.user, documents) @@ -156,7 +156,7 @@ def metadata_add(request, document_id=None, document_id_list=None): return HttpResponseRedirect(request.META.get('HTTP_REFERER', reverse(settings.LOGIN_REDIRECT_URL))) try: - Permission.objects.check_permissions(request.user, [permission_metadata_document_add]) + Permission.check_permissions(request.user, [permission_metadata_document_add]) except PermissionDenied: documents = AccessEntry.objects.filter_objects_by_access(permission_metadata_document_add, request.user, documents) @@ -235,7 +235,7 @@ def metadata_remove(request, document_id=None, document_id_list=None): documents = Document.objects.select_related('metadata').filter(pk__in=document_id_list.split(',')) try: - Permission.objects.check_permissions(request.user, [permission_metadata_document_remove]) + Permission.check_permissions(request.user, [permission_metadata_document_remove]) except PermissionDenied: documents = AccessEntry.objects.filter_objects_by_access(permission_metadata_document_remove, request.user, documents) @@ -329,7 +329,7 @@ def metadata_view(request, document_id): document = get_object_or_404(Document, pk=document_id) try: - Permission.objects.check_permissions(request.user, [permission_metadata_document_view]) + Permission.check_permissions(request.user, [permission_metadata_document_view]) except PermissionDenied: AccessEntry.objects.check_access(permission_metadata_document_view, request.user, document) @@ -347,7 +347,7 @@ def metadata_view(request, document_id): # Setup views def setup_metadata_type_list(request): - Permission.objects.check_permissions(request.user, [permission_metadata_type_view]) + Permission.check_permissions(request.user, [permission_metadata_type_view]) context = { 'object_list': MetadataType.objects.all(), @@ -366,7 +366,7 @@ def setup_metadata_type_list(request): def setup_metadata_type_edit(request, metadatatype_id): - Permission.objects.check_permissions(request.user, [permission_metadata_type_edit]) + Permission.check_permissions(request.user, [permission_metadata_type_edit]) metadata_type = get_object_or_404(MetadataType, pk=metadatatype_id) @@ -391,7 +391,7 @@ def setup_metadata_type_edit(request, metadatatype_id): def setup_metadata_type_create(request): - Permission.objects.check_permissions(request.user, [permission_metadata_type_create]) + Permission.check_permissions(request.user, [permission_metadata_type_create]) if request.method == 'POST': form = MetadataTypeForm(request.POST) @@ -409,7 +409,7 @@ def setup_metadata_type_create(request): def setup_metadata_type_delete(request, metadatatype_id): - Permission.objects.check_permissions(request.user, [permission_metadata_type_delete]) + Permission.check_permissions(request.user, [permission_metadata_type_delete]) metadata_type = get_object_or_404(MetadataType, pk=metadatatype_id) @@ -447,7 +447,7 @@ class SetupDocumentTypeMetadataOptionalView(AssignRemoveView): self.document_type.metadata.create(metadata_type=item, required=False) def dispatch(self, request, *args, **kwargs): - Permission.objects.check_permissions(request.user, [permission_document_type_edit]) + Permission.check_permissions(request.user, [permission_document_type_edit]) self.document_type = get_object_or_404(DocumentType, pk=self.kwargs['document_type_id']) return super(SetupDocumentTypeMetadataOptionalView, self).dispatch(request, *args, **kwargs) diff --git a/mayan/apps/navigation/classes.py b/mayan/apps/navigation/classes.py index fe0c8e1793..7286a6658f 100644 --- a/mayan/apps/navigation/classes.py +++ b/mayan/apps/navigation/classes.py @@ -15,7 +15,7 @@ from django.utils.http import urlencode, urlquote from django.utils.translation import ugettext_lazy as _ from acls.models import AccessEntry -from permissions.models import Permission +from permissions import Permission logger = logging.getLogger(__name__) @@ -157,7 +157,7 @@ class Link(object): # too if self.permissions: try: - Permission.objects.check_permissions(request.user, self.permissions) + Permission.check_permissions(request.user, self.permissions) except PermissionDenied: # If the user doesn't have the permission, and we are passed # an instance, check to see if the user has at least ACL diff --git a/mayan/apps/ocr/api_views.py b/mayan/apps/ocr/api_views.py index 843d92f8ad..4863339709 100644 --- a/mayan/apps/ocr/api_views.py +++ b/mayan/apps/ocr/api_views.py @@ -9,7 +9,7 @@ from rest_framework.settings import api_settings from acls.models import AccessEntry from documents.models import DocumentVersion -from permissions.models import Permission +from permissions import Permission from rest_api.permissions import MayanPermission from .permissions import permission_ocr_document @@ -30,7 +30,7 @@ class DocumentVersionOCRView(generics.GenericAPIView): document_version = get_object_or_404(DocumentVersion, pk=serializer.data['document_version_id']) try: - Permission.objects.check_permissions(request.user, [permission_ocr_document]) + Permission.check_permissions(request.user, [permission_ocr_document]) except PermissionDenied: AccessEntry.objects.check_access(permission_ocr_document, request.user, document_version.document) diff --git a/mayan/apps/ocr/permissions.py b/mayan/apps/ocr/permissions.py index 51fa8067ae..00f2313baf 100644 --- a/mayan/apps/ocr/permissions.py +++ b/mayan/apps/ocr/permissions.py @@ -2,7 +2,7 @@ from __future__ import absolute_import, unicode_literals from django.utils.translation import ugettext_lazy as _ -from permissions.models import PermissionNamespace +from permissions import PermissionNamespace namespace = PermissionNamespace('ocr', _('OCR')) diff --git a/mayan/apps/ocr/views.py b/mayan/apps/ocr/views.py index 291d5eaee0..36c260ac78 100644 --- a/mayan/apps/ocr/views.py +++ b/mayan/apps/ocr/views.py @@ -12,7 +12,7 @@ from django.utils.translation import ugettext_lazy as _, ungettext from acls.models import AccessEntry from common.views import ConfirmView, SingleObjectEditView from documents.models import Document, DocumentType, DocumentVersion -from permissions.models import Permission +from permissions import Permission from .forms import DocumentContentForm from .models import DocumentTypeSettings, DocumentVersionOCRError @@ -38,7 +38,7 @@ class DocumentSubmitView(ConfirmView): document = obj try: - Permission.objects.check_permissions(request.user, [permission_ocr_document]) + Permission.check_permissions(request.user, [permission_ocr_document]) except PermissionDenied: AccessEntry.objects.check_access(permission_ocr_document, request.user, document) @@ -102,7 +102,7 @@ def document_content(request, document_id): document = get_object_or_404(Document, pk=document_id) try: - Permission.objects.check_permissions(request.user, [permission_ocr_content_view]) + Permission.check_permissions(request.user, [permission_ocr_content_view]) except PermissionDenied: AccessEntry.objects.check_access(permission_ocr_content_view, request.user, document) @@ -121,7 +121,7 @@ def document_content(request, document_id): def entry_list(request): - Permission.objects.check_permissions(request.user, [permission_ocr_document]) + Permission.check_permissions(request.user, [permission_ocr_document]) context = { 'object_list': DocumentVersionOCRError.objects.all(), @@ -134,7 +134,7 @@ def entry_list(request): def entry_delete(request, pk=None, pk_list=None): - Permission.objects.check_permissions(request.user, [permission_ocr_document_delete]) + Permission.check_permissions(request.user, [permission_ocr_document_delete]) if pk: entries = [get_object_or_404(DocumentVersionOCRError, pk=pk)] @@ -183,7 +183,7 @@ def entry_delete_multiple(request): def entry_re_queue(request, pk=None, pk_list=None): - Permission.objects.check_permissions(request.user, [permission_ocr_document]) + Permission.check_permissions(request.user, [permission_ocr_document]) if pk: entries = [get_object_or_404(DocumentVersionOCRError, pk=pk)] diff --git a/mayan/apps/permissions/__init__.py b/mayan/apps/permissions/__init__.py index e69de29bb2..36bda3b8c1 100644 --- a/mayan/apps/permissions/__init__.py +++ b/mayan/apps/permissions/__init__.py @@ -0,0 +1 @@ +from .classes import Permission, PermissionNamespace # NOQA diff --git a/mayan/apps/permissions/classes.py b/mayan/apps/permissions/classes.py index a21e20d2dc..4e43f642bf 100644 --- a/mayan/apps/permissions/classes.py +++ b/mayan/apps/permissions/classes.py @@ -1,7 +1,89 @@ from __future__ import unicode_literals +from django.core.exceptions import PermissionDenied + from acls.classes import EncapsulatedObject +from .models import StoredPermission + class Member(EncapsulatedObject): source_object_name = 'member_object' + + +class PermissionNamespace(object): + def __init__(self, name, label): + self.name = name + self.label = label + + def __unicode__(self): + return unicode(self.label) + + def add_permission(self, name, label): + return Permission(namespace=self, name=name, label=label) + + +class Permission(object): + _stored_permissions_cache = {} + _permissions = {} + + @classmethod + def check_permissions(cls, requester, permission_list): + for permission in permission_list: + if permission.requester_has_this(requester): + return True + + logger.debug('no permission') + + raise PermissionDenied(ugettext('Insufficient permissions.')) + + @classmethod + def get_for_holder(cls, holder): + return StoredPermission.get_for_holder(holder) + + @classmethod + def all(cls): + # Return sorted permisions by namespace.name + return sorted(cls._permissions.values(), key=lambda x: x.namespace.name) + + @classmethod + def get(cls, get_dict, proxy_only=False): + if 'pk' in get_dict: + if proxy_only: + return cls._permissions[get_dict['pk']] + else: + return cls._permissions[get_dict['pk']].stored_permission + + def __init__(self, namespace, name, label): + self.namespace = namespace + self.name = name + self.label = label + self.pk = self.uuid + self.__class__._permissions[self.uuid] = self + + def __unicode__(self): + return unicode(self.label) + + def __str__(self): + return str(self.__unicode__()) + + @property + def uuid(self): + return '%s.%s' % (self.namespace.name, self.name) + + @property + def stored_permission(self): + try: + return self.__class__._stored_permissions_cache[self] + except KeyError: + stored_permission, created = StoredPermission.objects.get_or_create( + namespace=self.namespace.name, + name=self.name, + ) + stored_permission.volatile_permission = self + self.__class__._stored_permissions_cache[self] = stored_permission + return stored_permission + + def requester_has_this(self, requester): + stored_permission = self.stored_permission + return stored_permission.requester_has_this(requester) diff --git a/mayan/apps/permissions/models.py b/mayan/apps/permissions/models.py index b698d3bf1d..a723eecf45 100644 --- a/mayan/apps/permissions/models.py +++ b/mayan/apps/permissions/models.py @@ -19,114 +19,6 @@ from .managers import RoleMemberManager, StoredPermissionManager logger = logging.getLogger(__name__) -class PermissionNamespace(object): - def __init__(self, name, label): - self.name = name - self.label = label - - def __unicode__(self): - return unicode(self.label) - - def add_permission(self, name, label): - return Permission(namespace=self, name=name, label=label) - - -class PermissionDoesNotExists(Exception): - pass - - -class PermissionManager(object): - _permissions = {} - DoesNotExist = PermissionDoesNotExists() - - @classmethod - def register(cls, namespace, name, label): - permission = Permission(namespace, name, label) - cls._permissions[permission.uuid] = permission - return permission - - @classmethod - def check_permissions(cls, requester, permission_list): - for permission in permission_list: - if permission.requester_has_this(requester): - return True - - logger.debug('no permission') - - raise PermissionDenied(ugettext('Insufficient permissions.')) - - @classmethod - def get_for_holder(cls, holder): - return StoredPermission.objects.get_for_holder(holder) - - @classmethod - def all(cls): - # Return sorted permisions by namespace.name - return sorted(cls._permissions.values(), key=lambda x: x.namespace.name) - - @classmethod - def get(cls, get_dict, proxy_only=False): - if 'pk' in get_dict: - try: - if proxy_only: - return cls._permissions[get_dict['pk']] - else: - return cls._permissions[get_dict['pk']].get_stored_permission() - except KeyError: - raise Permission.DoesNotExist - - def __init__(self, model): - self.model = model - - -class Permission(object): - _stored_permissions_cache = {} - - DoesNotExist = PermissionDoesNotExists - - def __init__(self, namespace, name, label): - self.namespace = namespace - self.name = name - self.label = label - self.pk = self.uuid - - def __unicode__(self): - return unicode(self.label) - - def __str__(self): - return str(self.__unicode__()) - - @property - def uuid(self): - return '%s.%s' % (self.namespace.name, self.name) - - @property - def stored_permission(self): - return self.get_stored_permission() - - def get_stored_permission(self): - try: - return self.__class__._stored_permissions_cache[self] - except KeyError: - stored_permission, created = StoredPermission.objects.get_or_create( - namespace=self.namespace.name, - name=self.name, - ) - stored_permission.volatile_permission = self - self.__class__._stored_permissions_cache[self] = stored_permission - return stored_permission - - def requester_has_this(self, requester): - stored_permission = self.get_stored_permission() - return stored_permission.requester_has_this(requester) - - def save(self, *args, **kwargs): - return self.get_stored_permission() - -Permission.objects = PermissionManager(Permission) -Permission._default_manager = Permission.objects - - @python_2_unicode_compatible class StoredPermission(models.Model): namespace = models.CharField(max_length=64, verbose_name=_('Namespace')) @@ -141,10 +33,12 @@ class StoredPermission(models.Model): verbose_name_plural = _('Permissions') def __init__(self, *args, **kwargs): + from .classes import Permission + super(StoredPermission, self).__init__(*args, **kwargs) try: - self.volatile_permission = Permission.objects.get({'pk': '%s.%s' % (self.namespace, self.name)}, proxy_only=True) - except Permission.DoesNotExist: + self.volatile_permission = Permission.get({'pk': '%s.%s' % (self.namespace, self.name)}, proxy_only=True) + except KeyError: # Must be a deprecated permission in the database that is no # longer used in the current code pass diff --git a/mayan/apps/permissions/permissions.py b/mayan/apps/permissions/permissions.py index e39ac9f6c5..37b63a414f 100644 --- a/mayan/apps/permissions/permissions.py +++ b/mayan/apps/permissions/permissions.py @@ -2,7 +2,7 @@ from __future__ import absolute_import, unicode_literals from django.utils.translation import ugettext_lazy as _ -from .models import PermissionNamespace +from . import PermissionNamespace namespace = PermissionNamespace('permissions', _('Permissions')) diff --git a/mayan/apps/permissions/views.py b/mayan/apps/permissions/views.py index 7ec43de888..9e14d01d45 100644 --- a/mayan/apps/permissions/views.py +++ b/mayan/apps/permissions/views.py @@ -21,9 +21,9 @@ from common.views import ( from common.utils import encapsulate from common.widgets import two_state_template -from .classes import Member +from .classes import Member, Permission from .forms import RoleForm, RoleForm_view -from .models import Permission, Role +from .models import Role from .permissions import ( permission_permission_grant, permission_permission_revoke, permission_role_view, permission_role_create, permission_role_delete, @@ -58,7 +58,7 @@ class SetupRoleMembersView(AssignRemoveView): self.role.add_member(member) def dispatch(self, request, *args, **kwargs): - Permission.objects.check_permissions(request.user, [permission_role_edit]) + Permission.check_permissions(request.user, [permission_role_edit]) self.role = get_object_or_404(Role, pk=self.kwargs['role_id']) self.left_list_title = _('Non members of role: %s') % self.role self.right_list_title = _('Members of role: %s') % self.role @@ -85,7 +85,7 @@ class SetupRoleMembersView(AssignRemoveView): def role_list(request): - Permission.objects.check_permissions(request.user, [permission_role_view]) + Permission.check_permissions(request.user, [permission_role_view]) context = { 'object_list': Role.objects.all(), @@ -98,46 +98,35 @@ def role_list(request): def role_permissions(request, role_id): - Permission.objects.check_permissions(request.user, [permission_permission_grant, permission_permission_revoke]) + Permission.check_permissions(request.user, [permission_permission_grant, permission_permission_revoke]) role = get_object_or_404(Role, pk=role_id) - form = RoleForm_view(instance=role) - subtemplates_list = [ - { - 'name': 'appearance/generic_list_subtemplate.html', - 'context': { - 'title': _('Permissions'), - 'object_list': Permission.objects.all(), - 'extra_columns': [ - {'name': _('Namespace'), 'attribute': encapsulate(lambda x: x.namespace)}, - {'name': _('Name'), 'attribute': encapsulate(lambda x: x.label)}, - { - 'name': _('Has permission'), - 'attribute': encapsulate(lambda x: two_state_template(x.requester_has_this(role))), - }, - ], - 'hide_link': True, - 'hide_object': True, - } - }, - ] - - return render_to_response('appearance/generic_form.html', { - 'form': form, + return render_to_response('appearance/generic_list.html', { 'object': role, - 'subtemplates_list': subtemplates_list, 'multi_select_item_properties': { 'permission_id': lambda x: x.pk, 'requester_id': lambda x: role.pk, 'requester_app_label': lambda x: ContentType.objects.get_for_model(role).app_label, 'requester_model': lambda x: ContentType.objects.get_for_model(role).model, }, + 'title': _('Permissions for: %s') % role, + 'object_list': Permission.all(), + 'extra_columns': [ + {'name': _('Namespace'), 'attribute': encapsulate(lambda x: x.namespace)}, + {'name': _('Name'), 'attribute': encapsulate(lambda x: x.label)}, + { + 'name': _('Has permission'), + 'attribute': encapsulate(lambda x: two_state_template(x.requester_has_this(role))), + }, + ], + 'hide_link': True, + 'hide_object': True, }, context_instance=RequestContext(request)) def permission_grant(request): - Permission.objects.check_permissions(request.user, [permission_permission_grant]) + Permission.check_permissions(request.user, [permission_permission_grant]) items_property_list = loads(request.GET.get('items_property_list', [])) next = request.POST.get('next', request.GET.get('next', request.META.get('HTTP_REFERER', reverse(settings.LOGIN_REDIRECT_URL)))) @@ -146,7 +135,7 @@ def permission_grant(request): items = [] for item_properties in items_property_list: try: - permission = Permission.objects.get({'pk': item_properties['permission_id']}) + permission = Permission.get({'pk': item_properties['permission_id']}) except Permission.DoesNotExist: raise Http404 @@ -197,7 +186,7 @@ def permission_grant(request): def permission_revoke(request): - Permission.objects.check_permissions(request.user, [permission_permission_revoke]) + Permission.check_permissions(request.user, [permission_permission_revoke]) items_property_list = loads(request.GET.get('items_property_list', [])) next = request.POST.get('next', request.GET.get('next', request.META.get('HTTP_REFERER', None))) @@ -206,7 +195,7 @@ def permission_revoke(request): items = [] for item_properties in items_property_list: try: - permission = Permission.objects.get({'pk': item_properties['permission_id']}) + permission = Permission.get({'pk': item_properties['permission_id']}) except Permission.DoesNotExist: raise Http404 diff --git a/mayan/apps/rest_api/filters.py b/mayan/apps/rest_api/filters.py index 5132294e19..9e9083816c 100644 --- a/mayan/apps/rest_api/filters.py +++ b/mayan/apps/rest_api/filters.py @@ -5,7 +5,7 @@ from django.core.exceptions import PermissionDenied from rest_framework.filters import BaseFilterBackend from acls.models import AccessEntry -from permissions.models import Permission +from permissions import Permission class MayanObjectPermissionsFilter(BaseFilterBackend): @@ -14,7 +14,7 @@ class MayanObjectPermissionsFilter(BaseFilterBackend): if required_permission: try: - Permission.objects.check_permissions(request.user, required_permission) + Permission.check_permissions(request.user, required_permission) except PermissionDenied: return AccessEntry.objects.filter_objects_by_access(required_permission[0], request.user, queryset) else: diff --git a/mayan/apps/rest_api/permissions.py b/mayan/apps/rest_api/permissions.py index 53686d12d0..08638c139d 100644 --- a/mayan/apps/rest_api/permissions.py +++ b/mayan/apps/rest_api/permissions.py @@ -7,7 +7,7 @@ from django.core.exceptions import PermissionDenied from rest_framework.permissions import BasePermission from acls.models import AccessEntry -from permissions.models import Permission +from permissions import Permission class MayanPermission(BasePermission): @@ -16,7 +16,7 @@ class MayanPermission(BasePermission): if required_permission: try: - Permission.objects.check_permissions(request.user, required_permission) + Permission.check_permissions(request.user, required_permission) except PermissionDenied: return False else: @@ -29,7 +29,7 @@ class MayanPermission(BasePermission): if required_permission: try: - Permission.objects.check_permissions(request.user, required_permission) + Permission.check_permissions(request.user, required_permission) except PermissionDenied: try: if hasattr(view, 'mayan_permission_attribute_check'): diff --git a/mayan/apps/sources/permissions.py b/mayan/apps/sources/permissions.py index fdbe29fa69..3be4d79177 100644 --- a/mayan/apps/sources/permissions.py +++ b/mayan/apps/sources/permissions.py @@ -2,7 +2,7 @@ from __future__ import absolute_import, unicode_literals from django.utils.translation import ugettext_lazy as _ -from permissions.models import PermissionNamespace +from permissions import PermissionNamespace namespace = PermissionNamespace('sources_setup', _('Sources setup')) permission_sources_setup_create = namespace.add_permission(name='sources_setup_create', label=_('Create new document sources')) diff --git a/mayan/apps/sources/views.py b/mayan/apps/sources/views.py index 8b4f44b784..451d89980c 100644 --- a/mayan/apps/sources/views.py +++ b/mayan/apps/sources/views.py @@ -22,7 +22,7 @@ from documents.permissions import ( from documents.tasks import task_upload_new_version from metadata.api import decode_metadata_from_url from navigation import Link -from permissions.models import Permission +from permissions import Permission from .forms import ( NewDocumentForm, NewVersionForm @@ -73,7 +73,7 @@ class SourceLogListView(ParentChildListView): def document_create_siblings(request, document_id): - Permission.objects.check_permissions(request.user, [permission_document_create]) + Permission.check_permissions(request.user, [permission_document_create]) document = get_object_or_404(Document, pk=document_id) query_dict = {} @@ -192,7 +192,7 @@ class UploadInteractiveView(UploadBaseView): def dispatch(self, request, *args, **kwargs): self.subtemplates_list = [] - Permission.objects.check_permissions(request.user, [permission_document_create]) + Permission.check_permissions(request.user, [permission_document_create]) self.document_type = get_object_or_404(DocumentType, pk=self.request.GET.get('document_type_id', self.request.POST.get('document_type_id'))) @@ -275,7 +275,7 @@ class UploadInteractiveVersionView(UploadBaseView): self.document = get_object_or_404(Document, pk=kwargs['document_pk']) try: - Permission.objects.check_permissions(self.request.user, [permission_document_new_version]) + Permission.check_permissions(self.request.user, [permission_document_new_version]) except PermissionDenied: AccessEntry.objects.check_access(permission_document_new_version, self.request.user, self.document) @@ -336,7 +336,7 @@ class UploadInteractiveVersionView(UploadBaseView): def staging_file_delete(request, staging_folder_pk, encoded_filename): - Permission.objects.check_permissions(request.user, [permission_document_create, permission_document_new_version]) + Permission.check_permissions(request.user, [permission_document_create, permission_document_new_version]) staging_folder = get_object_or_404(StagingFolderSource, pk=staging_folder_pk) staging_file = staging_folder.get_file(encoded_filename=encoded_filename) @@ -365,7 +365,7 @@ def staging_file_delete(request, staging_folder_pk, encoded_filename): # Setup views def setup_source_list(request): - Permission.objects.check_permissions(request.user, [permission_sources_setup_view]) + Permission.check_permissions(request.user, [permission_sources_setup_view]) context = { 'object_list': Source.objects.select_subclasses(), @@ -388,7 +388,7 @@ def setup_source_list(request): def setup_source_edit(request, source_id): - Permission.objects.check_permissions(request.user, [permission_sources_setup_edit]) + Permission.check_permissions(request.user, [permission_sources_setup_edit]) source = get_object_or_404(Source.objects.select_subclasses(), pk=source_id) form_class = get_form_class(source.source_type) @@ -418,7 +418,7 @@ def setup_source_edit(request, source_id): def setup_source_delete(request, source_id): - Permission.objects.check_permissions(request.user, [permission_sources_setup_delete]) + Permission.check_permissions(request.user, [permission_sources_setup_delete]) source = get_object_or_404(Source.objects.select_subclasses(), pk=source_id) redirect_view = reverse('sources:setup_source_list') @@ -448,7 +448,7 @@ def setup_source_delete(request, source_id): def setup_source_create(request, source_type): - Permission.objects.check_permissions(request.user, [permission_sources_setup_create]) + Permission.check_permissions(request.user, [permission_sources_setup_create]) cls = get_class(source_type) form_class = get_form_class(source_type) diff --git a/mayan/apps/tags/api_views.py b/mayan/apps/tags/api_views.py index 7a8868a54f..ceb0c97be9 100644 --- a/mayan/apps/tags/api_views.py +++ b/mayan/apps/tags/api_views.py @@ -9,7 +9,7 @@ from rest_framework.response import Response from acls.models import AccessEntry from documents.models import Document from documents.permissions import permission_document_view -from permissions.models import Permission +from permissions import Permission from rest_api.filters import MayanObjectPermissionsFilter from rest_api.permissions import MayanPermission @@ -75,7 +75,7 @@ class APITagDocumentListView(generics.ListAPIView): def get_queryset(self): tag = get_object_or_404(Tag, pk=self.kwargs['pk']) try: - Permission.objects.check_permissions(self.request.user, [permission_tag_view]) + Permission.check_permissions(self.request.user, [permission_tag_view]) except PermissionDenied: AccessEntry.objects.check_access(permission_tag_view, self.request.user, tag) @@ -96,7 +96,7 @@ class APIDocumentTagListView(generics.ListAPIView): def get_queryset(self): document = get_object_or_404(Document, pk=self.kwargs['pk']) try: - Permission.objects.check_permissions(self.request.user, [permission_document_view]) + Permission.check_permissions(self.request.user, [permission_document_view]) except PermissionDenied: AccessEntry.objects.check_access(permission_document_view, self.request.user, document) @@ -112,7 +112,7 @@ class APIDocumentTagView(views.APIView): document = get_object_or_404(Document, pk=self.kwargs['document_pk']) try: - Permission.objects.check_permissions(request.user, [permission_tag_remove]) + Permission.check_permissions(request.user, [permission_tag_remove]) except PermissionDenied: AccessEntry.objects.check_access(permission_tag_remove, request.user, document) @@ -127,7 +127,7 @@ class APIDocumentTagView(views.APIView): document = get_object_or_404(Document, pk=self.kwargs['document_pk']) try: - Permission.objects.check_permissions(request.user, [permission_tag_attach]) + Permission.check_permissions(request.user, [permission_tag_attach]) except PermissionDenied: AccessEntry.objects.check_access(permission_tag_attach, request.user, document) diff --git a/mayan/apps/tags/forms.py b/mayan/apps/tags/forms.py index 700a40569c..67d04f8a7a 100644 --- a/mayan/apps/tags/forms.py +++ b/mayan/apps/tags/forms.py @@ -7,7 +7,7 @@ from django.core.exceptions import PermissionDenied from django.utils.translation import ugettext_lazy as _ from acls.models import AccessEntry -from permissions.models import Permission +from permissions import Permission from .models import Tag from .permissions import permission_tag_view @@ -33,7 +33,7 @@ class TagListForm(forms.Form): queryset = Tag.objects.all() try: - Permission.objects.check_permissions(user, [permission_tag_view]) + Permission.check_permissions(user, [permission_tag_view]) except PermissionDenied: queryset = AccessEntry.objects.filter_objects_by_access(permission_tag_view, user, queryset) diff --git a/mayan/apps/tags/permissions.py b/mayan/apps/tags/permissions.py index 4c2532d721..97b2522060 100644 --- a/mayan/apps/tags/permissions.py +++ b/mayan/apps/tags/permissions.py @@ -2,7 +2,7 @@ from __future__ import absolute_import, unicode_literals from django.utils.translation import ugettext_lazy as _ -from permissions.models import PermissionNamespace +from permissions import PermissionNamespace namespace = PermissionNamespace('tags', _('Tags')) diff --git a/mayan/apps/tags/views.py b/mayan/apps/tags/views.py index 6a56265329..32a1cbd272 100644 --- a/mayan/apps/tags/views.py +++ b/mayan/apps/tags/views.py @@ -17,7 +17,7 @@ from acls.utils import apply_default_acls from documents.models import Document from documents.views import DocumentListView from documents.permissions import permission_document_view -from permissions.models import Permission +from permissions import Permission from .forms import TagForm, TagListForm from .models import Tag @@ -30,7 +30,7 @@ logger = logging.getLogger(__name__) def tag_create(request): - Permission.objects.check_permissions(request.user, [permission_tag_create]) + Permission.check_permissions(request.user, [permission_tag_create]) redirect_url = reverse('tags:tag_list') if request.method == 'POST': @@ -61,7 +61,7 @@ def tag_attach(request, document_id=None, document_id_list=None): return HttpResponseRedirect(request.META.get('HTTP_REFERER', reverse(settings.LOGIN_REDIRECT_URL))) try: - Permission.objects.check_permissions(request.user, [permission_tag_attach]) + Permission.check_permissions(request.user, [permission_tag_attach]) except PermissionDenied: documents = AccessEntry.objects.filter_objects_by_access(permission_tag_attach, request.user, documents) @@ -123,7 +123,7 @@ def tag_list(request, queryset=None, extra_context=None): queryset = queryset if not (queryset is None) else Tag.objects.all() try: - Permission.objects.check_permissions(request.user, [permission_tag_view]) + Permission.check_permissions(request.user, [permission_tag_view]) except PermissionDenied: queryset = AccessEntry.objects.filter_objects_by_access(permission_tag_view, request.user, queryset) @@ -146,7 +146,7 @@ def tag_delete(request, tag_id=None, tag_id_list=None): return HttpResponseRedirect(request.META.get('HTTP_REFERER', reverse(settings.LOGIN_REDIRECT_URL))) try: - Permission.objects.check_permissions(request.user, [permission_tag_delete]) + Permission.check_permissions(request.user, [permission_tag_delete]) except PermissionDenied: tags = AccessEntry.objects.filter_objects_by_access(permission_tag_delete, request.user, tags) @@ -194,7 +194,7 @@ def tag_edit(request, tag_id): tag = get_object_or_404(Tag, pk=tag_id) try: - Permission.objects.check_permissions(request.user, [permission_tag_edit]) + Permission.check_permissions(request.user, [permission_tag_edit]) except PermissionDenied: AccessEntry.objects.check_access(permission_tag_edit, request.user, tag) @@ -233,7 +233,7 @@ def document_tags(request, document_id): document = get_object_or_404(Document, pk=document_id) try: - Permission.objects.check_permissions(request.user, [permission_document_view]) + Permission.check_permissions(request.user, [permission_document_view]) except PermissionDenied: AccessEntry.objects.check_access(permission_document_view, request.user, document) @@ -256,7 +256,7 @@ def tag_remove(request, document_id=None, document_id_list=None, tag_id=None, ta return HttpResponseRedirect(request.META.get('HTTP_REFERER', reverse(settings.LOGIN_REDIRECT_URL))) try: - Permission.objects.check_permissions(request.user, [permission_tag_remove]) + Permission.check_permissions(request.user, [permission_tag_remove]) except PermissionDenied: documents = AccessEntry.objects.filter_objects_by_access(permission_tag_remove, request.user, documents, exception_on_empty=True) diff --git a/mayan/apps/user_management/permissions.py b/mayan/apps/user_management/permissions.py index c850ed6748..78a2440b66 100644 --- a/mayan/apps/user_management/permissions.py +++ b/mayan/apps/user_management/permissions.py @@ -2,7 +2,7 @@ from __future__ import absolute_import, unicode_literals from django.utils.translation import ugettext_lazy as _ -from permissions.models import PermissionNamespace +from permissions import PermissionNamespace namespace = PermissionNamespace('user_management', _('User management')) diff --git a/mayan/apps/user_management/views.py b/mayan/apps/user_management/views.py index fafeaf9fbd..397c541e88 100644 --- a/mayan/apps/user_management/views.py +++ b/mayan/apps/user_management/views.py @@ -13,7 +13,7 @@ from django.utils.translation import ugettext_lazy as _ from common.utils import encapsulate from common.views import AssignRemoveView from common.widgets import two_state_template -from permissions.models import Permission +from permissions import Permission from .forms import GroupForm, PasswordForm, UserForm from .permissions import ( @@ -24,7 +24,7 @@ from .permissions import ( def user_list(request): - Permission.objects.check_permissions(request.user, [permission_user_view]) + Permission.check_permissions(request.user, [permission_user_view]) context = { 'object_list': get_user_model().objects.exclude(is_superuser=True).exclude(is_staff=True).order_by('username'), @@ -55,7 +55,7 @@ def user_list(request): def user_edit(request, user_id): - Permission.objects.check_permissions(request.user, [permission_user_edit]) + Permission.check_permissions(request.user, [permission_user_edit]) user = get_object_or_404(User, pk=user_id) if user.is_superuser or user.is_staff: @@ -79,7 +79,7 @@ def user_edit(request, user_id): def user_add(request): - Permission.objects.check_permissions(request.user, [permission_user_create]) + Permission.check_permissions(request.user, [permission_user_create]) if request.method == 'POST': form = UserForm(request.POST) @@ -99,7 +99,7 @@ def user_add(request): def user_delete(request, user_id=None, user_id_list=None): - Permission.objects.check_permissions(request.user, [permission_user_delete]) + Permission.check_permissions(request.user, [permission_user_delete]) post_action_redirect = None if user_id: @@ -151,7 +151,7 @@ def user_multiple_delete(request): def user_set_password(request, user_id=None, user_id_list=None): - Permission.objects.check_permissions(request.user, [permission_user_edit]) + Permission.check_permissions(request.user, [permission_user_edit]) post_action_redirect = None if user_id: @@ -226,7 +226,7 @@ class UserGroupsView(AssignRemoveView): item.user_set.add(self.user) def dispatch(self, request, *args, **kwargs): - Permission.objects.check_permissions(request.user, [permission_user_edit]) + Permission.check_permissions(request.user, [permission_user_edit]) self.user = get_object_or_404(User, pk=self.kwargs['user_id']) self.left_list_title = _('Non groups of user: %s') % self.user self.right_list_title = _('Groups of user: %s') % self.user @@ -253,7 +253,7 @@ class UserGroupsView(AssignRemoveView): # Group views def group_list(request): - Permission.objects.check_permissions(request.user, [permission_group_view]) + Permission.check_permissions(request.user, [permission_group_view]) context = { 'object_list': Group.objects.all(), @@ -272,7 +272,7 @@ def group_list(request): def group_edit(request, group_id): - Permission.objects.check_permissions(request.user, [permission_group_edit]) + Permission.check_permissions(request.user, [permission_group_edit]) group = get_object_or_404(Group, pk=group_id) if request.method == 'POST': @@ -292,7 +292,7 @@ def group_edit(request, group_id): def group_add(request): - Permission.objects.check_permissions(request.user, [permission_group_create]) + Permission.check_permissions(request.user, [permission_group_create]) if request.method == 'POST': form = GroupForm(request.POST) @@ -310,7 +310,7 @@ def group_add(request): def group_delete(request, group_id=None, group_id_list=None): - Permission.objects.check_permissions(request.user, [permission_group_delete]) + Permission.check_permissions(request.user, [permission_group_delete]) post_action_redirect = None if group_id: @@ -365,7 +365,7 @@ class GroupMembersView(AssignRemoveView): self.group.user_set.add(item) def dispatch(self, request, *args, **kwargs): - Permission.objects.check_permissions(request.user, [permission_group_edit]) + Permission.check_permissions(request.user, [permission_group_edit]) self.group = get_object_or_404(Group, pk=self.kwargs['group_id']) self.left_list_title = _('Non members of group: %s') % self.group self.right_list_title = _('Members of group: %s') % self.group