Reduce the check_access boilerplate code.
This commit is contained in:
Roberto Rosario
@@ -51,13 +51,18 @@ class AccessControlListManager(models.Manager):
|
|||||||
if user.is_superuser or user.is_staff:
|
if user.is_superuser or user.is_staff:
|
||||||
return True
|
return True
|
||||||
|
|
||||||
|
try:
|
||||||
|
return Permission.check_permissions(
|
||||||
|
requester=user, permissions=permissions
|
||||||
|
)
|
||||||
|
except PermissionDenied:
|
||||||
try:
|
try:
|
||||||
stored_permissions = [
|
stored_permissions = [
|
||||||
permission.stored_permission for permission in permissions
|
permission.stored_permission for permission in permissions
|
||||||
]
|
]
|
||||||
except TypeError:
|
except TypeError:
|
||||||
# Not a list of permissions, just one
|
# Not a list of permissions, just one
|
||||||
stored_permissions = [permissions.stored_permission]
|
stored_permissions = (permissions.stored_permission,)
|
||||||
|
|
||||||
if related:
|
if related:
|
||||||
obj = return_attrib(obj, related)
|
obj = return_attrib(obj, related)
|
||||||
|
|||||||
@@ -4,7 +4,6 @@ import itertools
|
|||||||
import logging
|
import logging
|
||||||
|
|
||||||
from django.contrib.contenttypes.models import ContentType
|
from django.contrib.contenttypes.models import ContentType
|
||||||
from django.core.exceptions import PermissionDenied
|
|
||||||
from django.core.urlresolvers import reverse
|
from django.core.urlresolvers import reverse
|
||||||
from django.http import Http404, HttpResponseRedirect
|
from django.http import Http404, HttpResponseRedirect
|
||||||
from django.shortcuts import get_object_or_404
|
from django.shortcuts import get_object_or_404
|
||||||
@@ -14,7 +13,7 @@ from common.views import (
|
|||||||
AssignRemoveView, SingleObjectCreateView, SingleObjectDeleteView,
|
AssignRemoveView, SingleObjectCreateView, SingleObjectDeleteView,
|
||||||
SingleObjectListView
|
SingleObjectListView
|
||||||
)
|
)
|
||||||
from permissions import Permission, PermissionNamespace
|
from permissions import PermissionNamespace
|
||||||
from permissions.models import StoredPermission
|
from permissions.models import StoredPermission
|
||||||
|
|
||||||
from .classes import ModelPermission
|
from .classes import ModelPermission
|
||||||
@@ -41,13 +40,9 @@ class ACLCreateView(SingleObjectCreateView):
|
|||||||
except self.content_type.model_class().DoesNotExist:
|
except self.content_type.model_class().DoesNotExist:
|
||||||
raise Http404
|
raise Http404
|
||||||
|
|
||||||
try:
|
|
||||||
Permission.check_permissions(
|
|
||||||
request.user, permissions=(permission_acl_edit,)
|
|
||||||
)
|
|
||||||
except PermissionDenied:
|
|
||||||
AccessControlList.objects.check_access(
|
AccessControlList.objects.check_access(
|
||||||
permission_acl_edit, request.user, self.content_object
|
permissions=permission_acl_edit, user=request.user,
|
||||||
|
obj=self.content_object
|
||||||
)
|
)
|
||||||
|
|
||||||
return super(ACLCreateView, self).dispatch(request, *args, **kwargs)
|
return super(ACLCreateView, self).dispatch(request, *args, **kwargs)
|
||||||
@@ -92,13 +87,9 @@ class ACLDeleteView(SingleObjectDeleteView):
|
|||||||
def dispatch(self, request, *args, **kwargs):
|
def dispatch(self, request, *args, **kwargs):
|
||||||
acl = get_object_or_404(AccessControlList, pk=self.kwargs['pk'])
|
acl = get_object_or_404(AccessControlList, pk=self.kwargs['pk'])
|
||||||
|
|
||||||
try:
|
|
||||||
Permission.check_permissions(
|
|
||||||
request.user, permissions=(permission_acl_edit,)
|
|
||||||
)
|
|
||||||
except PermissionDenied:
|
|
||||||
AccessControlList.objects.check_access(
|
AccessControlList.objects.check_access(
|
||||||
permission_acl_edit, request.user, acl.content_object
|
permissions=permission_acl_edit, user=request.user,
|
||||||
|
obj=acl.content_object
|
||||||
)
|
)
|
||||||
|
|
||||||
return super(ACLDeleteView, self).dispatch(request, *args, **kwargs)
|
return super(ACLDeleteView, self).dispatch(request, *args, **kwargs)
|
||||||
@@ -133,13 +124,9 @@ class ACLListView(SingleObjectListView):
|
|||||||
except self.content_type.model_class().DoesNotExist:
|
except self.content_type.model_class().DoesNotExist:
|
||||||
raise Http404
|
raise Http404
|
||||||
|
|
||||||
try:
|
|
||||||
Permission.check_permissions(
|
|
||||||
request.user, permissions=(permission_acl_view,)
|
|
||||||
)
|
|
||||||
except PermissionDenied:
|
|
||||||
AccessControlList.objects.check_access(
|
AccessControlList.objects.check_access(
|
||||||
permission_acl_view, request.user, self.content_object
|
permissions=permission_acl_view, user=request.user,
|
||||||
|
obj=self.content_object
|
||||||
)
|
)
|
||||||
|
|
||||||
return super(ACLListView, self).dispatch(request, *args, **kwargs)
|
return super(ACLListView, self).dispatch(request, *args, **kwargs)
|
||||||
@@ -183,13 +170,9 @@ class ACLPermissionsView(AssignRemoveView):
|
|||||||
def dispatch(self, request, *args, **kwargs):
|
def dispatch(self, request, *args, **kwargs):
|
||||||
acl = get_object_or_404(AccessControlList, pk=self.kwargs['pk'])
|
acl = get_object_or_404(AccessControlList, pk=self.kwargs['pk'])
|
||||||
|
|
||||||
try:
|
|
||||||
Permission.check_permissions(
|
|
||||||
request.user, permissions=(permission_acl_edit,)
|
|
||||||
)
|
|
||||||
except PermissionDenied:
|
|
||||||
AccessControlList.objects.check_access(
|
AccessControlList.objects.check_access(
|
||||||
permission_acl_edit, request.user, acl.content_object
|
permissions=permission_acl_edit, user=request.user,
|
||||||
|
obj=acl.content_object
|
||||||
)
|
)
|
||||||
|
|
||||||
return super(
|
return super(
|
||||||
|
|||||||
@@ -2,7 +2,6 @@ from __future__ import absolute_import, unicode_literals
|
|||||||
|
|
||||||
import pytz
|
import pytz
|
||||||
|
|
||||||
from django.core.exceptions import PermissionDenied
|
|
||||||
from django.shortcuts import get_object_or_404
|
from django.shortcuts import get_object_or_404
|
||||||
|
|
||||||
from rest_framework import generics, status
|
from rest_framework import generics, status
|
||||||
@@ -11,7 +10,6 @@ from rest_framework.response import Response
|
|||||||
from acls.models import AccessControlList
|
from acls.models import AccessControlList
|
||||||
from documents.models import Document
|
from documents.models import Document
|
||||||
from documents.permissions import permission_document_view
|
from documents.permissions import permission_document_view
|
||||||
from permissions import Permission
|
|
||||||
|
|
||||||
from .models import DocumentCheckout
|
from .models import DocumentCheckout
|
||||||
from .permissions import (
|
from .permissions import (
|
||||||
@@ -60,13 +58,9 @@ class APICheckedoutDocumentListView(generics.ListCreateAPIView):
|
|||||||
document = get_object_or_404(
|
document = get_object_or_404(
|
||||||
Document, pk=serializer.data['document']
|
Document, pk=serializer.data['document']
|
||||||
)
|
)
|
||||||
try:
|
|
||||||
Permission.check_permissions(
|
|
||||||
request.user, (permission_document_checkout,)
|
|
||||||
)
|
|
||||||
except PermissionDenied:
|
|
||||||
AccessControlList.objects.check_access(
|
AccessControlList.objects.check_access(
|
||||||
permission_document_checkout, request.user, document
|
permissions=permission_document_checkout, user=request.user,
|
||||||
|
obj=document
|
||||||
)
|
)
|
||||||
|
|
||||||
timezone = pytz.utc
|
timezone = pytz.utc
|
||||||
@@ -126,23 +120,14 @@ class APICheckedoutDocumentView(generics.RetrieveDestroyAPIView):
|
|||||||
document = self.get_object().document
|
document = self.get_object().document
|
||||||
|
|
||||||
if document.checkout_info().user == request.user:
|
if document.checkout_info().user == request.user:
|
||||||
try:
|
|
||||||
Permission.check_permissions(
|
|
||||||
request.user, (permission_document_checkin,)
|
|
||||||
)
|
|
||||||
except PermissionDenied:
|
|
||||||
AccessControlList.objects.check_access(
|
AccessControlList.objects.check_access(
|
||||||
permission_document_checkin, request.user, document
|
permissions=permission_document_checkin, user=request.user,
|
||||||
|
obj=document
|
||||||
)
|
)
|
||||||
else:
|
else:
|
||||||
try:
|
|
||||||
Permission.check_permissions(
|
|
||||||
request.user, (permission_document_checkin_override,)
|
|
||||||
)
|
|
||||||
except PermissionDenied:
|
|
||||||
AccessControlList.objects.check_access(
|
AccessControlList.objects.check_access(
|
||||||
permission_document_checkin_override, request.user,
|
permissions=permission_document_checkin_override,
|
||||||
document
|
user=request.user, obj=document
|
||||||
)
|
)
|
||||||
|
|
||||||
return super(
|
return super(
|
||||||
|
|||||||
@@ -1,7 +1,6 @@
|
|||||||
from __future__ import absolute_import, unicode_literals
|
from __future__ import absolute_import, unicode_literals
|
||||||
|
|
||||||
from django.contrib import messages
|
from django.contrib import messages
|
||||||
from django.core.exceptions import PermissionDenied
|
|
||||||
from django.core.urlresolvers import reverse
|
from django.core.urlresolvers import reverse
|
||||||
from django.http import HttpResponseRedirect
|
from django.http import HttpResponseRedirect
|
||||||
from django.shortcuts import get_object_or_404
|
from django.shortcuts import get_object_or_404
|
||||||
@@ -15,7 +14,6 @@ from common.generics import (
|
|||||||
ConfirmView, SingleObjectCreateView, SingleObjectDetailView
|
ConfirmView, SingleObjectCreateView, SingleObjectDetailView
|
||||||
)
|
)
|
||||||
from common.utils import encapsulate
|
from common.utils import encapsulate
|
||||||
from permissions import Permission
|
|
||||||
|
|
||||||
from .exceptions import DocumentAlreadyCheckedOut, DocumentNotCheckedOut
|
from .exceptions import DocumentAlreadyCheckedOut, DocumentNotCheckedOut
|
||||||
from .forms import DocumentCheckoutForm, DocumentCheckoutDefailForm
|
from .forms import DocumentCheckoutForm, DocumentCheckoutDefailForm
|
||||||
@@ -32,13 +30,9 @@ class CheckoutDocumentView(SingleObjectCreateView):
|
|||||||
def dispatch(self, request, *args, **kwargs):
|
def dispatch(self, request, *args, **kwargs):
|
||||||
self.document = get_object_or_404(Document, pk=self.kwargs['pk'])
|
self.document = get_object_or_404(Document, pk=self.kwargs['pk'])
|
||||||
|
|
||||||
try:
|
|
||||||
Permission.check_permissions(
|
|
||||||
request.user, (permission_document_checkout,)
|
|
||||||
)
|
|
||||||
except PermissionDenied:
|
|
||||||
AccessControlList.objects.check_access(
|
AccessControlList.objects.check_access(
|
||||||
permission_document_checkout, request.user, self.document
|
permissions=permission_document_checkout, user=request.user,
|
||||||
|
obj=self.document
|
||||||
)
|
)
|
||||||
|
|
||||||
return super(
|
return super(
|
||||||
@@ -151,23 +145,14 @@ class DocumentCheckinView(ConfirmView):
|
|||||||
document = self.get_object()
|
document = self.get_object()
|
||||||
|
|
||||||
if document.checkout_info().user == self.request.user:
|
if document.checkout_info().user == self.request.user:
|
||||||
try:
|
|
||||||
Permission.check_permissions(
|
|
||||||
self.request.user, (permission_document_checkin,)
|
|
||||||
)
|
|
||||||
except PermissionDenied:
|
|
||||||
AccessControlList.objects.check_access(
|
AccessControlList.objects.check_access(
|
||||||
permission_document_checkin, self.request.user, document
|
permissions=permission_document_checkin,
|
||||||
|
user=self.request.user, obj=document
|
||||||
)
|
)
|
||||||
else:
|
else:
|
||||||
try:
|
|
||||||
Permission.check_permissions(
|
|
||||||
self.request.user, (permission_document_checkin_override,)
|
|
||||||
)
|
|
||||||
except PermissionDenied:
|
|
||||||
AccessControlList.objects.check_access(
|
AccessControlList.objects.check_access(
|
||||||
permission_document_checkin_override, self.request.user,
|
permissions=permission_document_checkin_override,
|
||||||
document
|
user=self.request.user, obj=document
|
||||||
)
|
)
|
||||||
|
|
||||||
try:
|
try:
|
||||||
|
|||||||
@@ -128,14 +128,9 @@ class ObjectPermissionCheckMixin(object):
|
|||||||
)
|
)
|
||||||
|
|
||||||
if self.object_permission:
|
if self.object_permission:
|
||||||
try:
|
|
||||||
Permission.check_permissions(
|
|
||||||
request.user, (self.object_permission,)
|
|
||||||
)
|
|
||||||
except PermissionDenied:
|
|
||||||
AccessControlList.objects.check_access(
|
AccessControlList.objects.check_access(
|
||||||
self.object_permission, request.user,
|
permissions=self.object_permission, user=request.user,
|
||||||
self.get_permission_object(),
|
obj=self.get_permission_object(),
|
||||||
related=getattr(self, 'object_permission_related', None)
|
related=getattr(self, 'object_permission_related', None)
|
||||||
)
|
)
|
||||||
|
|
||||||
|
|||||||
@@ -3,7 +3,6 @@ from __future__ import absolute_import, unicode_literals
|
|||||||
import logging
|
import logging
|
||||||
|
|
||||||
from django.contrib.contenttypes.models import ContentType
|
from django.contrib.contenttypes.models import ContentType
|
||||||
from django.core.exceptions import PermissionDenied
|
|
||||||
from django.core.urlresolvers import reverse
|
from django.core.urlresolvers import reverse
|
||||||
from django.http import Http404
|
from django.http import Http404
|
||||||
from django.shortcuts import get_object_or_404
|
from django.shortcuts import get_object_or_404
|
||||||
@@ -14,7 +13,6 @@ from common.views import (
|
|||||||
SingleObjectCreateView, SingleObjectDeleteView, SingleObjectEditView,
|
SingleObjectCreateView, SingleObjectDeleteView, SingleObjectEditView,
|
||||||
SingleObjectListView
|
SingleObjectListView
|
||||||
)
|
)
|
||||||
from permissions import Permission
|
|
||||||
|
|
||||||
from .models import Transformation
|
from .models import Transformation
|
||||||
from .permissions import (
|
from .permissions import (
|
||||||
@@ -33,14 +31,9 @@ class TransformationDeleteView(SingleObjectDeleteView):
|
|||||||
Transformation, pk=self.kwargs['pk']
|
Transformation, pk=self.kwargs['pk']
|
||||||
)
|
)
|
||||||
|
|
||||||
try:
|
|
||||||
Permission.check_permissions(
|
|
||||||
request.user, (permission_transformation_delete,)
|
|
||||||
)
|
|
||||||
except PermissionDenied:
|
|
||||||
AccessControlList.objects.check_access(
|
AccessControlList.objects.check_access(
|
||||||
permission_transformation_delete, request.user,
|
permissions=permission_transformation_delete, user=request.user,
|
||||||
self.transformation.content_object
|
obj=self.transformation.content_object
|
||||||
)
|
)
|
||||||
|
|
||||||
return super(TransformationDeleteView, self).dispatch(
|
return super(TransformationDeleteView, self).dispatch(
|
||||||
@@ -94,14 +87,9 @@ class TransformationCreateView(SingleObjectCreateView):
|
|||||||
except content_type.model_class().DoesNotExist:
|
except content_type.model_class().DoesNotExist:
|
||||||
raise Http404
|
raise Http404
|
||||||
|
|
||||||
try:
|
|
||||||
Permission.check_permissions(
|
|
||||||
request.user, (permission_transformation_create,)
|
|
||||||
)
|
|
||||||
except PermissionDenied:
|
|
||||||
AccessControlList.objects.check_access(
|
AccessControlList.objects.check_access(
|
||||||
permission_transformation_create, request.user,
|
permissions=permission_transformation_create, user=request.user,
|
||||||
self.content_object
|
obj=self.content_object
|
||||||
)
|
)
|
||||||
|
|
||||||
return super(TransformationCreateView, self).dispatch(
|
return super(TransformationCreateView, self).dispatch(
|
||||||
@@ -150,14 +138,9 @@ class TransformationEditView(SingleObjectEditView):
|
|||||||
Transformation, pk=self.kwargs['pk']
|
Transformation, pk=self.kwargs['pk']
|
||||||
)
|
)
|
||||||
|
|
||||||
try:
|
|
||||||
Permission.check_permissions(
|
|
||||||
request.user, (permission_transformation_edit,)
|
|
||||||
)
|
|
||||||
except PermissionDenied:
|
|
||||||
AccessControlList.objects.check_access(
|
AccessControlList.objects.check_access(
|
||||||
permission_transformation_edit, request.user,
|
permissions=permission_transformation_edit, user=request.user,
|
||||||
self.transformation.content_object
|
obj=self.transformation.content_object
|
||||||
)
|
)
|
||||||
|
|
||||||
return super(TransformationEditView, self).dispatch(
|
return super(TransformationEditView, self).dispatch(
|
||||||
@@ -212,14 +195,9 @@ class TransformationListView(SingleObjectListView):
|
|||||||
except content_type.model_class().DoesNotExist:
|
except content_type.model_class().DoesNotExist:
|
||||||
raise Http404
|
raise Http404
|
||||||
|
|
||||||
try:
|
|
||||||
Permission.check_permissions(
|
|
||||||
request.user, (permission_transformation_view,)
|
|
||||||
)
|
|
||||||
except PermissionDenied:
|
|
||||||
AccessControlList.objects.check_access(
|
AccessControlList.objects.check_access(
|
||||||
permission_transformation_view, request.user,
|
permissions=permission_transformation_view, user=request.user,
|
||||||
self.content_object
|
obj=self.content_object
|
||||||
)
|
)
|
||||||
|
|
||||||
return super(TransformationListView, self).dispatch(
|
return super(TransformationListView, self).dispatch(
|
||||||
|
|||||||
@@ -1,6 +1,5 @@
|
|||||||
from __future__ import absolute_import, unicode_literals
|
from __future__ import absolute_import, unicode_literals
|
||||||
|
|
||||||
from django.core.exceptions import PermissionDenied
|
|
||||||
from django.core.urlresolvers import reverse
|
from django.core.urlresolvers import reverse
|
||||||
from django.shortcuts import get_object_or_404
|
from django.shortcuts import get_object_or_404
|
||||||
from django.utils.translation import ugettext_lazy as _
|
from django.utils.translation import ugettext_lazy as _
|
||||||
@@ -10,7 +9,6 @@ from common.generics import (
|
|||||||
SingleObjectCreateView, SingleObjectDeleteView, SingleObjectListView
|
SingleObjectCreateView, SingleObjectDeleteView, SingleObjectListView
|
||||||
)
|
)
|
||||||
from documents.models import Document
|
from documents.models import Document
|
||||||
from permissions import Permission
|
|
||||||
|
|
||||||
from .models import Comment
|
from .models import Comment
|
||||||
from .permissions import (
|
from .permissions import (
|
||||||
@@ -25,13 +23,9 @@ class DocumentCommentCreateView(SingleObjectCreateView):
|
|||||||
object_verbose_name = _('Comment')
|
object_verbose_name = _('Comment')
|
||||||
|
|
||||||
def dispatch(self, request, *args, **kwargs):
|
def dispatch(self, request, *args, **kwargs):
|
||||||
try:
|
|
||||||
Permission.check_permissions(
|
|
||||||
request.user, (permission_comment_create,)
|
|
||||||
)
|
|
||||||
except PermissionDenied:
|
|
||||||
AccessControlList.objects.check_access(
|
AccessControlList.objects.check_access(
|
||||||
permission_comment_create, request.user, self.get_document()
|
permissions=permission_comment_create, user=request.user,
|
||||||
|
obj=self.get_document()
|
||||||
)
|
)
|
||||||
|
|
||||||
return super(
|
return super(
|
||||||
@@ -67,14 +61,9 @@ class DocumentCommentDeleteView(SingleObjectDeleteView):
|
|||||||
model = Comment
|
model = Comment
|
||||||
|
|
||||||
def dispatch(self, request, *args, **kwargs):
|
def dispatch(self, request, *args, **kwargs):
|
||||||
try:
|
|
||||||
Permission.check_permissions(
|
|
||||||
request.user, (permission_comment_delete,)
|
|
||||||
)
|
|
||||||
except PermissionDenied:
|
|
||||||
AccessControlList.objects.check_access(
|
AccessControlList.objects.check_access(
|
||||||
permission_comment_delete, request.user,
|
permissions=permission_comment_delete, user=request.user,
|
||||||
self.get_object().document
|
obj=self.get_object().document
|
||||||
)
|
)
|
||||||
|
|
||||||
return super(
|
return super(
|
||||||
@@ -102,14 +91,9 @@ class DocumentCommentListView(SingleObjectListView):
|
|||||||
return get_object_or_404(Document, pk=self.kwargs['pk'])
|
return get_object_or_404(Document, pk=self.kwargs['pk'])
|
||||||
|
|
||||||
def get_queryset(self):
|
def get_queryset(self):
|
||||||
try:
|
|
||||||
Permission.check_permissions(
|
|
||||||
self.request.user, (permission_comment_view,)
|
|
||||||
)
|
|
||||||
except PermissionDenied:
|
|
||||||
AccessControlList.objects.check_access(
|
AccessControlList.objects.check_access(
|
||||||
permission_comment_view, self.request.user,
|
permissions=permission_comment_view, user=self.request.user,
|
||||||
self.get_document()
|
obj=self.get_document()
|
||||||
)
|
)
|
||||||
|
|
||||||
return self.get_document().comments.all()
|
return self.get_document().comments.all()
|
||||||
|
|||||||
@@ -1,6 +1,5 @@
|
|||||||
from __future__ import absolute_import, unicode_literals
|
from __future__ import absolute_import, unicode_literals
|
||||||
|
|
||||||
from django.core.exceptions import PermissionDenied
|
|
||||||
from django.shortcuts import get_object_or_404
|
from django.shortcuts import get_object_or_404
|
||||||
|
|
||||||
from rest_framework import generics
|
from rest_framework import generics
|
||||||
@@ -9,7 +8,6 @@ from acls.models import AccessControlList
|
|||||||
from documents.models import Document
|
from documents.models import Document
|
||||||
from documents.permissions import permission_document_view
|
from documents.permissions import permission_document_view
|
||||||
from documents.serializers import DocumentSerializer
|
from documents.serializers import DocumentSerializer
|
||||||
from permissions import Permission
|
|
||||||
from rest_api.filters import MayanObjectPermissionsFilter
|
from rest_api.filters import MayanObjectPermissionsFilter
|
||||||
from rest_api.permissions import MayanPermission
|
from rest_api.permissions import MayanPermission
|
||||||
|
|
||||||
@@ -99,14 +97,9 @@ class APIIndexNodeInstanceDocumentListView(generics.ListAPIView):
|
|||||||
index_node_instance = get_object_or_404(
|
index_node_instance = get_object_or_404(
|
||||||
IndexInstanceNode, pk=self.kwargs['pk']
|
IndexInstanceNode, pk=self.kwargs['pk']
|
||||||
)
|
)
|
||||||
try:
|
|
||||||
Permission.check_permissions(
|
|
||||||
self.request.user, (permission_document_indexing_view,)
|
|
||||||
)
|
|
||||||
except PermissionDenied:
|
|
||||||
AccessControlList.objects.check_access(
|
AccessControlList.objects.check_access(
|
||||||
permission_document_indexing_view, self.request.user,
|
permissions=permission_document_indexing_view,
|
||||||
index_node_instance.index
|
user=self.request.user, obj=index_node_instance.index
|
||||||
)
|
)
|
||||||
|
|
||||||
return index_node_instance.documents.all()
|
return index_node_instance.documents.all()
|
||||||
@@ -177,13 +170,9 @@ class APIDocumentIndexListView(generics.ListAPIView):
|
|||||||
|
|
||||||
def get_queryset(self):
|
def get_queryset(self):
|
||||||
document = get_object_or_404(Document, pk=self.kwargs['pk'])
|
document = get_object_or_404(Document, pk=self.kwargs['pk'])
|
||||||
try:
|
|
||||||
Permission.check_permissions(
|
|
||||||
self.request.user, (permission_document_view,)
|
|
||||||
)
|
|
||||||
except PermissionDenied:
|
|
||||||
AccessControlList.objects.check_access(
|
AccessControlList.objects.check_access(
|
||||||
permission_document_view, self.request.user, document
|
permissions=permission_document_view, user=self.request.user,
|
||||||
|
obj=document
|
||||||
)
|
)
|
||||||
|
|
||||||
return document.node_instances.all()
|
return document.node_instances.all()
|
||||||
|
|||||||
@@ -1,7 +1,6 @@
|
|||||||
from __future__ import absolute_import, unicode_literals
|
from __future__ import absolute_import, unicode_literals
|
||||||
|
|
||||||
from django.contrib import messages
|
from django.contrib import messages
|
||||||
from django.core.exceptions import PermissionDenied
|
|
||||||
from django.core.urlresolvers import reverse, reverse_lazy
|
from django.core.urlresolvers import reverse, reverse_lazy
|
||||||
from django.shortcuts import get_object_or_404
|
from django.shortcuts import get_object_or_404
|
||||||
from django.utils.html import mark_safe
|
from django.utils.html import mark_safe
|
||||||
@@ -15,7 +14,6 @@ from common.views import (
|
|||||||
from documents.models import Document, DocumentType
|
from documents.models import Document, DocumentType
|
||||||
from documents.permissions import permission_document_view
|
from documents.permissions import permission_document_view
|
||||||
from documents.views import DocumentListView
|
from documents.views import DocumentListView
|
||||||
from permissions import Permission
|
|
||||||
|
|
||||||
from .forms import IndexTemplateNodeForm
|
from .forms import IndexTemplateNodeForm
|
||||||
from .models import (
|
from .models import (
|
||||||
@@ -143,14 +141,9 @@ class TemplateNodeCreateView(SingleObjectCreateView):
|
|||||||
model = IndexTemplateNode
|
model = IndexTemplateNode
|
||||||
|
|
||||||
def dispatch(self, request, *args, **kwargs):
|
def dispatch(self, request, *args, **kwargs):
|
||||||
try:
|
|
||||||
Permission.check_permissions(
|
|
||||||
request.user, (permission_document_indexing_edit,)
|
|
||||||
)
|
|
||||||
except PermissionDenied:
|
|
||||||
AccessControlList.objects.check_access(
|
AccessControlList.objects.check_access(
|
||||||
permission_document_indexing_edit, request.user,
|
permissions=permission_document_indexing_edit, user=request.user,
|
||||||
self.get_parent_node().index
|
obj=self.get_parent_node().index
|
||||||
)
|
)
|
||||||
|
|
||||||
return super(
|
return super(
|
||||||
@@ -236,14 +229,9 @@ class IndexInstanceNodeView(DocumentListView):
|
|||||||
IndexInstanceNode, pk=self.kwargs['pk']
|
IndexInstanceNode, pk=self.kwargs['pk']
|
||||||
)
|
)
|
||||||
|
|
||||||
try:
|
|
||||||
Permission.check_permissions(
|
|
||||||
request.user, (permission_document_indexing_view,)
|
|
||||||
)
|
|
||||||
except PermissionDenied:
|
|
||||||
AccessControlList.objects.check_access(
|
AccessControlList.objects.check_access(
|
||||||
permission_document_indexing_view,
|
permissions=permission_document_indexing_view,
|
||||||
request.user, self.index_instance_node.index()
|
user=request.user, obj=self.index_instance_node.index()
|
||||||
)
|
)
|
||||||
|
|
||||||
if self.index_instance_node:
|
if self.index_instance_node:
|
||||||
@@ -299,13 +287,9 @@ class DocumentIndexNodeListView(SingleObjectListView):
|
|||||||
object_permission_related = 'index'
|
object_permission_related = 'index'
|
||||||
|
|
||||||
def dispatch(self, request, *args, **kwargs):
|
def dispatch(self, request, *args, **kwargs):
|
||||||
try:
|
|
||||||
Permission.check_permissions(
|
|
||||||
request.user, (permission_document_view,)
|
|
||||||
)
|
|
||||||
except PermissionDenied:
|
|
||||||
AccessControlList.objects.check_access(
|
AccessControlList.objects.check_access(
|
||||||
permission_document_view, request.user, self.get_document()
|
permissions=permission_document_view, user=request.user,
|
||||||
|
obj=self.get_document()
|
||||||
)
|
)
|
||||||
|
|
||||||
return super(
|
return super(
|
||||||
|
|||||||
@@ -3,7 +3,6 @@ from __future__ import absolute_import, unicode_literals
|
|||||||
import logging
|
import logging
|
||||||
|
|
||||||
from django.contrib import messages
|
from django.contrib import messages
|
||||||
from django.core.exceptions import PermissionDenied
|
|
||||||
from django.core.files import File
|
from django.core.files import File
|
||||||
from django.core.urlresolvers import reverse
|
from django.core.urlresolvers import reverse
|
||||||
from django.http import HttpResponseRedirect
|
from django.http import HttpResponseRedirect
|
||||||
@@ -19,7 +18,6 @@ from common.utils import TemporaryFile
|
|||||||
from django_gpg.exceptions import NeedPassphrase, PassphraseError
|
from django_gpg.exceptions import NeedPassphrase, PassphraseError
|
||||||
from django_gpg.permissions import permission_key_sign
|
from django_gpg.permissions import permission_key_sign
|
||||||
from documents.models import DocumentVersion
|
from documents.models import DocumentVersion
|
||||||
from permissions import Permission
|
|
||||||
|
|
||||||
from .forms import (
|
from .forms import (
|
||||||
DocumentVersionSignatureCreateForm,
|
DocumentVersionSignatureCreateForm,
|
||||||
@@ -47,13 +45,8 @@ class DocumentVersionDetachedSignatureCreateView(FormView):
|
|||||||
key = form.cleaned_data['key']
|
key = form.cleaned_data['key']
|
||||||
passphrase = form.cleaned_data['passphrase'] or None
|
passphrase = form.cleaned_data['passphrase'] or None
|
||||||
|
|
||||||
try:
|
|
||||||
Permission.check_permissions(
|
|
||||||
self.request.user, (permission_key_sign,)
|
|
||||||
)
|
|
||||||
except PermissionDenied:
|
|
||||||
AccessControlList.objects.check_access(
|
AccessControlList.objects.check_access(
|
||||||
permission_key_sign, self.request.user, key
|
permissions=permission_key_sign, user=self.request.user, obj=key
|
||||||
)
|
)
|
||||||
|
|
||||||
try:
|
try:
|
||||||
@@ -103,14 +96,9 @@ class DocumentVersionDetachedSignatureCreateView(FormView):
|
|||||||
).form_valid(form)
|
).form_valid(form)
|
||||||
|
|
||||||
def dispatch(self, request, *args, **kwargs):
|
def dispatch(self, request, *args, **kwargs):
|
||||||
try:
|
|
||||||
Permission.check_permissions(
|
|
||||||
request.user, (permission_document_version_sign_detached,)
|
|
||||||
)
|
|
||||||
except PermissionDenied:
|
|
||||||
AccessControlList.objects.check_access(
|
AccessControlList.objects.check_access(
|
||||||
permission_document_version_sign_detached, request.user,
|
permissions=permission_document_version_sign_detached,
|
||||||
self.get_document_version().document
|
user=request.user, obj=self.get_document_version().document
|
||||||
)
|
)
|
||||||
|
|
||||||
return super(
|
return super(
|
||||||
@@ -153,13 +141,8 @@ class DocumentVersionEmbeddedSignatureCreateView(FormView):
|
|||||||
key = form.cleaned_data['key']
|
key = form.cleaned_data['key']
|
||||||
passphrase = form.cleaned_data['passphrase'] or None
|
passphrase = form.cleaned_data['passphrase'] or None
|
||||||
|
|
||||||
try:
|
|
||||||
Permission.check_permissions(
|
|
||||||
self.request.user, (permission_key_sign,)
|
|
||||||
)
|
|
||||||
except PermissionDenied:
|
|
||||||
AccessControlList.objects.check_access(
|
AccessControlList.objects.check_access(
|
||||||
permission_key_sign, self.request.user, key
|
permissions=permission_key_sign, user=self.request.user, obj=key
|
||||||
)
|
)
|
||||||
|
|
||||||
try:
|
try:
|
||||||
@@ -214,14 +197,9 @@ class DocumentVersionEmbeddedSignatureCreateView(FormView):
|
|||||||
).form_valid(form)
|
).form_valid(form)
|
||||||
|
|
||||||
def dispatch(self, request, *args, **kwargs):
|
def dispatch(self, request, *args, **kwargs):
|
||||||
try:
|
|
||||||
Permission.check_permissions(
|
|
||||||
request.user, (permission_document_version_sign_embedded,)
|
|
||||||
)
|
|
||||||
except PermissionDenied:
|
|
||||||
AccessControlList.objects.check_access(
|
AccessControlList.objects.check_access(
|
||||||
permission_document_version_sign_embedded, request.user,
|
permissions=permission_document_version_sign_embedded,
|
||||||
self.get_document_version().document
|
user=request.user, obj=self.get_document_version().document
|
||||||
)
|
)
|
||||||
|
|
||||||
return super(
|
return super(
|
||||||
@@ -312,14 +290,9 @@ class DocumentVersionSignatureDownloadView(SingleObjectDownloadView):
|
|||||||
|
|
||||||
class DocumentVersionSignatureListView(SingleObjectListView):
|
class DocumentVersionSignatureListView(SingleObjectListView):
|
||||||
def dispatch(self, request, *args, **kwargs):
|
def dispatch(self, request, *args, **kwargs):
|
||||||
try:
|
|
||||||
Permission.check_permissions(
|
|
||||||
request.user, (permission_document_version_signature_view,)
|
|
||||||
)
|
|
||||||
except PermissionDenied:
|
|
||||||
AccessControlList.objects.check_access(
|
AccessControlList.objects.check_access(
|
||||||
permission_document_version_signature_view, request.user,
|
permissions=permission_document_version_signature_view,
|
||||||
self.get_document_version()
|
user=request.user, obj=self.get_document_version()
|
||||||
)
|
)
|
||||||
|
|
||||||
return super(
|
return super(
|
||||||
@@ -349,14 +322,9 @@ class DocumentVersionSignatureUploadView(SingleObjectCreateView):
|
|||||||
model = DetachedSignature
|
model = DetachedSignature
|
||||||
|
|
||||||
def dispatch(self, request, *args, **kwargs):
|
def dispatch(self, request, *args, **kwargs):
|
||||||
try:
|
|
||||||
Permission.check_permissions(
|
|
||||||
request.user, (permission_document_version_signature_upload,)
|
|
||||||
)
|
|
||||||
except PermissionDenied:
|
|
||||||
AccessControlList.objects.check_access(
|
AccessControlList.objects.check_access(
|
||||||
permission_document_version_signature_upload, request.user,
|
permissions=permission_document_version_signature_upload,
|
||||||
self.get_document_version()
|
user=request.user, obj=self.get_document_version()
|
||||||
)
|
)
|
||||||
|
|
||||||
return super(
|
return super(
|
||||||
|
|||||||
@@ -1,7 +1,6 @@
|
|||||||
from __future__ import absolute_import, unicode_literals
|
from __future__ import absolute_import, unicode_literals
|
||||||
|
|
||||||
from django.contrib import messages
|
from django.contrib import messages
|
||||||
from django.core.exceptions import PermissionDenied
|
|
||||||
from django.core.urlresolvers import reverse, reverse_lazy
|
from django.core.urlresolvers import reverse, reverse_lazy
|
||||||
from django.db.utils import IntegrityError
|
from django.db.utils import IntegrityError
|
||||||
from django.http import HttpResponseRedirect
|
from django.http import HttpResponseRedirect
|
||||||
@@ -16,7 +15,6 @@ from common.views import (
|
|||||||
)
|
)
|
||||||
from documents.models import Document
|
from documents.models import Document
|
||||||
from documents.views import DocumentListView
|
from documents.views import DocumentListView
|
||||||
from permissions import Permission
|
|
||||||
|
|
||||||
from .forms import (
|
from .forms import (
|
||||||
WorkflowForm, WorkflowInstanceTransitionForm, WorkflowStateForm,
|
WorkflowForm, WorkflowInstanceTransitionForm, WorkflowStateForm,
|
||||||
@@ -32,14 +30,9 @@ from .permissions import (
|
|||||||
|
|
||||||
class DocumentWorkflowInstanceListView(SingleObjectListView):
|
class DocumentWorkflowInstanceListView(SingleObjectListView):
|
||||||
def dispatch(self, request, *args, **kwargs):
|
def dispatch(self, request, *args, **kwargs):
|
||||||
try:
|
|
||||||
Permission.check_permissions(
|
|
||||||
request.user, (permission_workflow_view,)
|
|
||||||
)
|
|
||||||
except PermissionDenied:
|
|
||||||
AccessControlList.objects.check_access(
|
AccessControlList.objects.check_access(
|
||||||
permission_workflow_view, request.user,
|
permissions=permission_workflow_view, user=request.user,
|
||||||
self.get_document()
|
obj=self.get_document()
|
||||||
)
|
)
|
||||||
|
|
||||||
return super(
|
return super(
|
||||||
@@ -66,13 +59,9 @@ class WorkflowDocumentListView(DocumentListView):
|
|||||||
def dispatch(self, request, *args, **kwargs):
|
def dispatch(self, request, *args, **kwargs):
|
||||||
self.workflow = get_object_or_404(Workflow, pk=self.kwargs['pk'])
|
self.workflow = get_object_or_404(Workflow, pk=self.kwargs['pk'])
|
||||||
|
|
||||||
try:
|
|
||||||
Permission.check_permissions(
|
|
||||||
request.user, (permission_workflow_view,)
|
|
||||||
)
|
|
||||||
except PermissionDenied:
|
|
||||||
AccessControlList.objects.check_access(
|
AccessControlList.objects.check_access(
|
||||||
permission_workflow_view, request.user, self.workflow
|
permissions=permission_workflow_view, user=request.user,
|
||||||
|
obj=self.workflow
|
||||||
)
|
)
|
||||||
|
|
||||||
return super(
|
return super(
|
||||||
@@ -94,14 +83,9 @@ class WorkflowDocumentListView(DocumentListView):
|
|||||||
|
|
||||||
class WorkflowInstanceDetailView(SingleObjectListView):
|
class WorkflowInstanceDetailView(SingleObjectListView):
|
||||||
def dispatch(self, request, *args, **kwargs):
|
def dispatch(self, request, *args, **kwargs):
|
||||||
try:
|
|
||||||
Permission.check_permissions(
|
|
||||||
request.user, (permission_workflow_view,)
|
|
||||||
)
|
|
||||||
except PermissionDenied:
|
|
||||||
AccessControlList.objects.check_access(
|
AccessControlList.objects.check_access(
|
||||||
permission_workflow_view, request.user,
|
permissions=permission_workflow_view, users=request.user,
|
||||||
self.get_workflow_instance().document
|
obj=self.get_workflow_instance().document
|
||||||
)
|
)
|
||||||
|
|
||||||
return super(
|
return super(
|
||||||
@@ -131,14 +115,9 @@ class WorkflowInstanceTransitionView(FormView):
|
|||||||
template_name = 'appearance/generic_form.html'
|
template_name = 'appearance/generic_form.html'
|
||||||
|
|
||||||
def dispatch(self, request, *args, **kwargs):
|
def dispatch(self, request, *args, **kwargs):
|
||||||
try:
|
|
||||||
Permission.check_permissions(
|
|
||||||
request.user, (permission_workflow_transition,)
|
|
||||||
)
|
|
||||||
except PermissionDenied:
|
|
||||||
AccessControlList.objects.check_access(
|
AccessControlList.objects.check_access(
|
||||||
permission_workflow_transition, request.user,
|
permissions=permission_workflow_transition, user=request.user,
|
||||||
self.get_workflow_instance().document
|
obj=self.get_workflow_instance().document
|
||||||
)
|
)
|
||||||
|
|
||||||
return super(
|
return super(
|
||||||
@@ -249,13 +228,9 @@ class SetupWorkflowDocumentTypesView(AssignRemoveView):
|
|||||||
|
|
||||||
class SetupWorkflowStateListView(SingleObjectListView):
|
class SetupWorkflowStateListView(SingleObjectListView):
|
||||||
def dispatch(self, request, *args, **kwargs):
|
def dispatch(self, request, *args, **kwargs):
|
||||||
try:
|
|
||||||
Permission.check_permissions(
|
|
||||||
request.user, (permission_workflow_view,)
|
|
||||||
)
|
|
||||||
except PermissionDenied:
|
|
||||||
AccessControlList.objects.check_access(
|
AccessControlList.objects.check_access(
|
||||||
permission_workflow_view, request.user, self.get_workflow()
|
permissions=permission_workflow_view, user=request.user,
|
||||||
|
obj=self.get_workflow()
|
||||||
)
|
)
|
||||||
|
|
||||||
return super(
|
return super(
|
||||||
|
|||||||
@@ -2,7 +2,6 @@ from __future__ import absolute_import, unicode_literals
|
|||||||
|
|
||||||
import logging
|
import logging
|
||||||
|
|
||||||
from django.core.exceptions import PermissionDenied
|
|
||||||
from django.http import HttpResponse
|
from django.http import HttpResponse
|
||||||
from django.shortcuts import get_object_or_404
|
from django.shortcuts import get_object_or_404
|
||||||
|
|
||||||
@@ -11,7 +10,6 @@ from rest_framework import generics, status
|
|||||||
from rest_framework.response import Response
|
from rest_framework.response import Response
|
||||||
|
|
||||||
from acls.models import AccessControlList
|
from acls.models import AccessControlList
|
||||||
from permissions import Permission
|
|
||||||
from rest_api.filters import MayanObjectPermissionsFilter
|
from rest_api.filters import MayanObjectPermissionsFilter
|
||||||
from rest_api.permissions import MayanPermission
|
from rest_api.permissions import MayanPermission
|
||||||
|
|
||||||
@@ -379,14 +377,9 @@ class APIDocumentTypeDocumentListView(generics.ListAPIView):
|
|||||||
|
|
||||||
def get_queryset(self):
|
def get_queryset(self):
|
||||||
document_type = get_object_or_404(DocumentType, pk=self.kwargs['pk'])
|
document_type = get_object_or_404(DocumentType, pk=self.kwargs['pk'])
|
||||||
try:
|
|
||||||
Permission.check_permissions(
|
|
||||||
self.request.user, (permission_document_type_view,)
|
|
||||||
)
|
|
||||||
except PermissionDenied:
|
|
||||||
AccessControlList.objects.check_access(
|
AccessControlList.objects.check_access(
|
||||||
permission_document_type_view, self.request.user,
|
permissions=permission_document_type_view, user=self.request.user,
|
||||||
document_type
|
obj=document_type
|
||||||
)
|
)
|
||||||
|
|
||||||
return document_type.documents.all()
|
return document_type.documents.all()
|
||||||
|
|||||||
@@ -25,7 +25,6 @@ from common.mixins import MultipleInstanceActionMixin
|
|||||||
from converter.literals import DEFAULT_ZOOM_LEVEL
|
from converter.literals import DEFAULT_ZOOM_LEVEL
|
||||||
from converter.models import Transformation
|
from converter.models import Transformation
|
||||||
from converter.permissions import permission_transformation_delete
|
from converter.permissions import permission_transformation_delete
|
||||||
from permissions import Permission
|
|
||||||
|
|
||||||
from .events import event_document_download, event_document_view
|
from .events import event_document_download, event_document_view
|
||||||
from .forms import (
|
from .forms import (
|
||||||
@@ -111,13 +110,9 @@ class DeletedDocumentDeleteView(ConfirmView):
|
|||||||
Document.passthrough, pk=instance.pk
|
Document.passthrough, pk=instance.pk
|
||||||
)
|
)
|
||||||
|
|
||||||
try:
|
|
||||||
Permission.check_permissions(
|
|
||||||
self.request.user, (permission_document_delete,)
|
|
||||||
)
|
|
||||||
except PermissionDenied:
|
|
||||||
AccessControlList.objects.check_access(
|
AccessControlList.objects.check_access(
|
||||||
permission_document_delete, self.request.user, source_document
|
permissions=permission_document_delete, user=self.request.user,
|
||||||
|
obj=source_document
|
||||||
)
|
)
|
||||||
|
|
||||||
instance.delete()
|
instance.delete()
|
||||||
@@ -180,13 +175,9 @@ class DocumentRestoreView(ConfirmView):
|
|||||||
Document.passthrough, pk=instance.pk
|
Document.passthrough, pk=instance.pk
|
||||||
)
|
)
|
||||||
|
|
||||||
try:
|
|
||||||
Permission.check_permissions(
|
|
||||||
self.request.user, (permission_document_restore,)
|
|
||||||
)
|
|
||||||
except PermissionDenied:
|
|
||||||
AccessControlList.objects.check_access(
|
AccessControlList.objects.check_access(
|
||||||
permission_document_restore, self.request.user, source_document
|
permissions=permission_document_restore, user=self.request.user,
|
||||||
|
obj=source_document
|
||||||
)
|
)
|
||||||
|
|
||||||
instance.restore()
|
instance.restore()
|
||||||
@@ -214,14 +205,9 @@ class DocumentRestoreManyView(MultipleInstanceActionMixin, DocumentRestoreView):
|
|||||||
|
|
||||||
class DocumentPageListView(SingleObjectListView):
|
class DocumentPageListView(SingleObjectListView):
|
||||||
def dispatch(self, request, *args, **kwargs):
|
def dispatch(self, request, *args, **kwargs):
|
||||||
try:
|
|
||||||
Permission.check_permissions(
|
|
||||||
self.request.user, (permission_document_view,)
|
|
||||||
)
|
|
||||||
except PermissionDenied:
|
|
||||||
AccessControlList.objects.check_access(
|
AccessControlList.objects.check_access(
|
||||||
permission_document_view, self.request.user,
|
permissions=permission_document_view, user=self.request.user,
|
||||||
self.get_document()
|
obj=self.get_document()
|
||||||
)
|
)
|
||||||
|
|
||||||
return super(
|
return super(
|
||||||
@@ -245,15 +231,11 @@ class DocumentPageView(SimpleView):
|
|||||||
template_name = 'appearance/generic_form.html'
|
template_name = 'appearance/generic_form.html'
|
||||||
|
|
||||||
def dispatch(self, request, *args, **kwargs):
|
def dispatch(self, request, *args, **kwargs):
|
||||||
try:
|
|
||||||
Permission.check_permissions(
|
|
||||||
request.user, (permission_document_view,)
|
|
||||||
)
|
|
||||||
except PermissionDenied:
|
|
||||||
AccessControlList.objects.check_access(
|
AccessControlList.objects.check_access(
|
||||||
permission_document_view, request.user,
|
permissions=permission_document_view, user=request.user,
|
||||||
self.get_object().document
|
obj=self.get_object().document
|
||||||
)
|
)
|
||||||
|
|
||||||
return super(
|
return super(
|
||||||
DocumentPageView, self
|
DocumentPageView, self
|
||||||
).dispatch(request, *args, **kwargs)
|
).dispatch(request, *args, **kwargs)
|
||||||
@@ -329,13 +311,9 @@ class DocumentTrashView(ConfirmView):
|
|||||||
return reverse('documents:document_list_recent')
|
return reverse('documents:document_list_recent')
|
||||||
|
|
||||||
def object_action(self, instance):
|
def object_action(self, instance):
|
||||||
try:
|
|
||||||
Permission.check_permissions(
|
|
||||||
self.request.user, (permission_document_trash,)
|
|
||||||
)
|
|
||||||
except PermissionDenied:
|
|
||||||
AccessControlList.objects.check_access(
|
AccessControlList.objects.check_access(
|
||||||
permission_document_trash, self.request.user, instance
|
permissions=permission_document_trash, user=self.request.user,
|
||||||
|
obj=instance
|
||||||
)
|
)
|
||||||
|
|
||||||
instance.delete()
|
instance.delete()
|
||||||
@@ -437,14 +415,9 @@ class DocumentTypeFilenameCreateView(SingleObjectCreateView):
|
|||||||
form_class = DocumentTypeFilenameForm_create
|
form_class = DocumentTypeFilenameForm_create
|
||||||
|
|
||||||
def dispatch(self, request, *args, **kwargs):
|
def dispatch(self, request, *args, **kwargs):
|
||||||
try:
|
|
||||||
Permission.check_permissions(
|
|
||||||
request.user, (permission_document_type_edit,)
|
|
||||||
)
|
|
||||||
except PermissionDenied:
|
|
||||||
AccessControlList.objects.check_access(
|
AccessControlList.objects.check_access(
|
||||||
permission_document_type_edit, request.user,
|
permissions=permission_document_type_edit, user=request.user,
|
||||||
self.get_document_type()
|
obj=self.get_document_type()
|
||||||
)
|
)
|
||||||
|
|
||||||
return super(DocumentTypeFilenameCreateView, self).dispatch(
|
return super(DocumentTypeFilenameCreateView, self).dispatch(
|
||||||
@@ -543,13 +516,9 @@ class DocumentTypeFilenameListView(SingleObjectListView):
|
|||||||
|
|
||||||
class DocumentVersionListView(SingleObjectListView):
|
class DocumentVersionListView(SingleObjectListView):
|
||||||
def dispatch(self, request, *args, **kwargs):
|
def dispatch(self, request, *args, **kwargs):
|
||||||
try:
|
|
||||||
Permission.check_permissions(
|
|
||||||
request.user, (permission_document_view,)
|
|
||||||
)
|
|
||||||
except PermissionDenied:
|
|
||||||
AccessControlList.objects.check_access(
|
AccessControlList.objects.check_access(
|
||||||
permission_document_view, request.user, self.get_document()
|
permissions=permission_document_view, user=request.user,
|
||||||
|
obj=self.get_document()
|
||||||
)
|
)
|
||||||
|
|
||||||
self.get_document().add_as_recent_document_for_user(request.user)
|
self.get_document().add_as_recent_document_for_user(request.user)
|
||||||
@@ -1045,10 +1014,10 @@ def document_multiple_clear_transformations(request):
|
|||||||
def document_page_navigation_next(request, document_page_id):
|
def document_page_navigation_next(request, document_page_id):
|
||||||
document_page = get_object_or_404(DocumentPage, pk=document_page_id)
|
document_page = get_object_or_404(DocumentPage, pk=document_page_id)
|
||||||
|
|
||||||
try:
|
AccessControlList.objects.check_access(
|
||||||
Permission.check_permissions(request.user, (permission_document_view,))
|
permissions=permission_document_view, user=request.user,
|
||||||
except PermissionDenied:
|
obj=document_page.document
|
||||||
AccessControlList.objects.check_access(permission_document_view, request.user, document_page.document)
|
)
|
||||||
|
|
||||||
view = resolve(urlparse.urlparse(request.META.get('HTTP_REFERER', reverse(settings.LOGIN_REDIRECT_URL))).path).view_name
|
view = resolve(urlparse.urlparse(request.META.get('HTTP_REFERER', reverse(settings.LOGIN_REDIRECT_URL))).path).view_name
|
||||||
|
|
||||||
@@ -1063,10 +1032,10 @@ def document_page_navigation_next(request, document_page_id):
|
|||||||
def document_page_navigation_previous(request, document_page_id):
|
def document_page_navigation_previous(request, document_page_id):
|
||||||
document_page = get_object_or_404(DocumentPage, pk=document_page_id)
|
document_page = get_object_or_404(DocumentPage, pk=document_page_id)
|
||||||
|
|
||||||
try:
|
AccessControlList.objects.check_access(
|
||||||
Permission.check_permissions(request.user, (permission_document_view,))
|
permissions=permission_document_view, user=request.user,
|
||||||
except PermissionDenied:
|
obj=document_page.document
|
||||||
AccessControlList.objects.check_access(permission_document_view, request.user, document_page.document)
|
)
|
||||||
|
|
||||||
view = resolve(urlparse.urlparse(request.META.get('HTTP_REFERER', reverse(settings.LOGIN_REDIRECT_URL))).path).view_name
|
view = resolve(urlparse.urlparse(request.META.get('HTTP_REFERER', reverse(settings.LOGIN_REDIRECT_URL))).path).view_name
|
||||||
|
|
||||||
@@ -1082,10 +1051,10 @@ def document_page_navigation_first(request, document_page_id):
|
|||||||
document_page = get_object_or_404(DocumentPage, pk=document_page_id)
|
document_page = get_object_or_404(DocumentPage, pk=document_page_id)
|
||||||
document_page = get_object_or_404(document_page.siblings, page_number=1)
|
document_page = get_object_or_404(document_page.siblings, page_number=1)
|
||||||
|
|
||||||
try:
|
AccessControlList.objects.check_access(
|
||||||
Permission.check_permissions(request.user, (permission_document_view,))
|
permissions=permission_document_view, user=request.user,
|
||||||
except PermissionDenied:
|
obj=document_page.document
|
||||||
AccessControlList.objects.check_access(permission_document_view, request.user, document_page.document)
|
)
|
||||||
|
|
||||||
view = resolve(urlparse.urlparse(request.META.get('HTTP_REFERER', reverse(settings.LOGIN_REDIRECT_URL))).path).view_name
|
view = resolve(urlparse.urlparse(request.META.get('HTTP_REFERER', reverse(settings.LOGIN_REDIRECT_URL))).path).view_name
|
||||||
|
|
||||||
@@ -1096,10 +1065,10 @@ def document_page_navigation_last(request, document_page_id):
|
|||||||
document_page = get_object_or_404(DocumentPage, pk=document_page_id)
|
document_page = get_object_or_404(DocumentPage, pk=document_page_id)
|
||||||
document_page = get_object_or_404(document_page.siblings, page_number=document_page.siblings.count())
|
document_page = get_object_or_404(document_page.siblings, page_number=document_page.siblings.count())
|
||||||
|
|
||||||
try:
|
AccessControlList.objects.check_access(
|
||||||
Permission.check_permissions(request.user, (permission_document_view,))
|
permissions=permission_document_view, user=request.user,
|
||||||
except PermissionDenied:
|
obj=document_page.document
|
||||||
AccessControlList.objects.check_access(permission_document_view, request.user, document_page.document)
|
)
|
||||||
|
|
||||||
view = resolve(urlparse.urlparse(request.META.get('HTTP_REFERER', reverse(settings.LOGIN_REDIRECT_URL))).path).view_name
|
view = resolve(urlparse.urlparse(request.META.get('HTTP_REFERER', reverse(settings.LOGIN_REDIRECT_URL))).path).view_name
|
||||||
|
|
||||||
@@ -1109,10 +1078,10 @@ def document_page_navigation_last(request, document_page_id):
|
|||||||
def transform_page(request, document_page_id, zoom_function=None, rotation_function=None):
|
def transform_page(request, document_page_id, zoom_function=None, rotation_function=None):
|
||||||
document_page = get_object_or_404(DocumentPage, pk=document_page_id)
|
document_page = get_object_or_404(DocumentPage, pk=document_page_id)
|
||||||
|
|
||||||
try:
|
AccessControlList.objects.check_access(
|
||||||
Permission.check_permissions(request.user, (permission_document_view,))
|
permissions=permission_document_view, user=request.user,
|
||||||
except PermissionDenied:
|
obj=document_page.document
|
||||||
AccessControlList.objects.check_access(permission_document_view, request.user, document_page.document)
|
)
|
||||||
|
|
||||||
view = resolve(urlparse.urlparse(request.META.get('HTTP_REFERER', reverse(settings.LOGIN_REDIRECT_URL))).path).view_name
|
view = resolve(urlparse.urlparse(request.META.get('HTTP_REFERER', reverse(settings.LOGIN_REDIRECT_URL))).path).view_name
|
||||||
|
|
||||||
@@ -1172,10 +1141,9 @@ def document_page_rotate_left(request, document_page_id):
|
|||||||
def document_print(request, document_id):
|
def document_print(request, document_id):
|
||||||
document = get_object_or_404(Document, pk=document_id)
|
document = get_object_or_404(Document, pk=document_id)
|
||||||
|
|
||||||
try:
|
AccessControlList.objects.check_access(
|
||||||
Permission.check_permissions(request.user, (permission_document_print,))
|
permissions=permission_document_print, user=request.user, obj=document
|
||||||
except PermissionDenied:
|
)
|
||||||
AccessControlList.objects.check_access(permission_document_print, request.user, document)
|
|
||||||
|
|
||||||
document.add_as_recent_document_for_user(request.user)
|
document.add_as_recent_document_for_user(request.user)
|
||||||
|
|
||||||
|
|||||||
@@ -1,7 +1,6 @@
|
|||||||
from __future__ import absolute_import, unicode_literals
|
from __future__ import absolute_import, unicode_literals
|
||||||
|
|
||||||
from django.contrib.contenttypes.models import ContentType
|
from django.contrib.contenttypes.models import ContentType
|
||||||
from django.core.exceptions import PermissionDenied
|
|
||||||
from django.http import Http404
|
from django.http import Http404
|
||||||
from django.shortcuts import get_object_or_404
|
from django.shortcuts import get_object_or_404
|
||||||
from django.utils.translation import ugettext_lazy as _
|
from django.utils.translation import ugettext_lazy as _
|
||||||
@@ -11,7 +10,6 @@ from actstream.models import Action, any_stream
|
|||||||
from acls.models import AccessControlList
|
from acls.models import AccessControlList
|
||||||
from common.utils import encapsulate
|
from common.utils import encapsulate
|
||||||
from common.views import SingleObjectListView
|
from common.views import SingleObjectListView
|
||||||
from permissions import Permission
|
|
||||||
|
|
||||||
from .classes import Event
|
from .classes import Event
|
||||||
from .permissions import permission_events_view
|
from .permissions import permission_events_view
|
||||||
@@ -55,13 +53,9 @@ class ObjectEventListView(EventListView):
|
|||||||
except self.object_content_type.model_class().DoesNotExist:
|
except self.object_content_type.model_class().DoesNotExist:
|
||||||
raise Http404
|
raise Http404
|
||||||
|
|
||||||
try:
|
|
||||||
Permission.check_permissions(
|
|
||||||
request.user, permissions=(permission_events_view,)
|
|
||||||
)
|
|
||||||
except PermissionDenied:
|
|
||||||
AccessControlList.objects.check_access(
|
AccessControlList.objects.check_access(
|
||||||
permission_events_view, request.user, self.content_object
|
permissions=permission_events_view, user=request.user,
|
||||||
|
obj=self.content_object
|
||||||
)
|
)
|
||||||
|
|
||||||
return super(
|
return super(
|
||||||
|
|||||||
@@ -1,6 +1,5 @@
|
|||||||
from __future__ import absolute_import, unicode_literals
|
from __future__ import absolute_import, unicode_literals
|
||||||
|
|
||||||
from django.core.exceptions import PermissionDenied
|
|
||||||
from django.shortcuts import get_object_or_404
|
from django.shortcuts import get_object_or_404
|
||||||
|
|
||||||
from rest_framework import generics
|
from rest_framework import generics
|
||||||
@@ -9,7 +8,6 @@ from rest_framework.response import Response
|
|||||||
from acls.models import AccessControlList
|
from acls.models import AccessControlList
|
||||||
from documents.models import Document
|
from documents.models import Document
|
||||||
from documents.permissions import permission_document_view
|
from documents.permissions import permission_document_view
|
||||||
from permissions import Permission
|
|
||||||
from rest_api.filters import MayanObjectPermissionsFilter
|
from rest_api.filters import MayanObjectPermissionsFilter
|
||||||
from rest_api.permissions import MayanPermission
|
from rest_api.permissions import MayanPermission
|
||||||
|
|
||||||
@@ -37,13 +35,9 @@ class APIDocumentFolderListView(generics.ListAPIView):
|
|||||||
|
|
||||||
def get_queryset(self):
|
def get_queryset(self):
|
||||||
document = get_object_or_404(Document, pk=self.kwargs['pk'])
|
document = get_object_or_404(Document, pk=self.kwargs['pk'])
|
||||||
try:
|
|
||||||
Permission.check_permissions(
|
|
||||||
self.request.user, (permission_document_view,)
|
|
||||||
)
|
|
||||||
except PermissionDenied:
|
|
||||||
AccessControlList.objects.check_access(
|
AccessControlList.objects.check_access(
|
||||||
permission_document_view, self.request.user, document
|
permissions=permission_document_view, user=self.request.user,
|
||||||
|
obj=document
|
||||||
)
|
)
|
||||||
|
|
||||||
queryset = document.document_folders().all()
|
queryset = document.document_folders().all()
|
||||||
@@ -207,13 +201,9 @@ class APIFolderDocumentView(generics.RetrieveDestroyAPIView):
|
|||||||
def retrieve(self, request, *args, **kwargs):
|
def retrieve(self, request, *args, **kwargs):
|
||||||
instance = self.get_object()
|
instance = self.get_object()
|
||||||
|
|
||||||
try:
|
|
||||||
Permission.check_permissions(
|
|
||||||
self.request.user, (permission_document_view,)
|
|
||||||
)
|
|
||||||
except PermissionDenied:
|
|
||||||
AccessControlList.objects.check_access(
|
AccessControlList.objects.check_access(
|
||||||
permission_document_view, self.request.user, instance
|
permissions=permission_document_view, user=self.request.user,
|
||||||
|
obj=instance
|
||||||
)
|
)
|
||||||
|
|
||||||
serializer = self.get_serializer(instance)
|
serializer = self.get_serializer(instance)
|
||||||
|
|||||||
@@ -4,7 +4,6 @@ import logging
|
|||||||
|
|
||||||
from django.conf import settings
|
from django.conf import settings
|
||||||
from django.contrib import messages
|
from django.contrib import messages
|
||||||
from django.core.exceptions import PermissionDenied
|
|
||||||
from django.core.urlresolvers import reverse, reverse_lazy
|
from django.core.urlresolvers import reverse, reverse_lazy
|
||||||
from django.http import HttpResponseRedirect
|
from django.http import HttpResponseRedirect
|
||||||
from django.shortcuts import get_object_or_404, render_to_response
|
from django.shortcuts import get_object_or_404, render_to_response
|
||||||
@@ -19,7 +18,6 @@ from common.views import (
|
|||||||
from documents.permissions import permission_document_view
|
from documents.permissions import permission_document_view
|
||||||
from documents.models import Document
|
from documents.models import Document
|
||||||
from documents.views import DocumentListView
|
from documents.views import DocumentListView
|
||||||
from permissions import Permission
|
|
||||||
|
|
||||||
from .forms import FolderListForm
|
from .forms import FolderListForm
|
||||||
from .models import Folder
|
from .models import Folder
|
||||||
@@ -69,13 +67,9 @@ class FolderDetailView(DocumentListView):
|
|||||||
def get_folder(self):
|
def get_folder(self):
|
||||||
folder = get_object_or_404(Folder, pk=self.kwargs['pk'])
|
folder = get_object_or_404(Folder, pk=self.kwargs['pk'])
|
||||||
|
|
||||||
try:
|
|
||||||
Permission.check_permissions(
|
|
||||||
self.request.user, (permission_folder_view,)
|
|
||||||
)
|
|
||||||
except PermissionDenied:
|
|
||||||
AccessControlList.objects.check_access(
|
AccessControlList.objects.check_access(
|
||||||
permission_folder_view, self.request.user, folder
|
permissions=permission_folder_view, user=self.request.user,
|
||||||
|
obj=folder
|
||||||
)
|
)
|
||||||
|
|
||||||
return folder
|
return folder
|
||||||
@@ -109,16 +103,14 @@ class DocumentFolderListView(FolderListView):
|
|||||||
def dispatch(self, request, *args, **kwargs):
|
def dispatch(self, request, *args, **kwargs):
|
||||||
self.document = get_object_or_404(Document, pk=self.kwargs['pk'])
|
self.document = get_object_or_404(Document, pk=self.kwargs['pk'])
|
||||||
|
|
||||||
try:
|
|
||||||
Permission.check_permissions(
|
|
||||||
request.user, (permission_document_view,)
|
|
||||||
)
|
|
||||||
except PermissionDenied:
|
|
||||||
AccessControlList.objects.check_access(
|
AccessControlList.objects.check_access(
|
||||||
permission_document_view, request.user, self.document
|
permissions=permission_document_view, user=request.user,
|
||||||
|
obj=self.document
|
||||||
)
|
)
|
||||||
|
|
||||||
return super(DocumentFolderListView, self).dispatch(request, *args, **kwargs)
|
return super(DocumentFolderListView, self).dispatch(
|
||||||
|
request, *args, **kwargs
|
||||||
|
)
|
||||||
|
|
||||||
def get_extra_context(self):
|
def get_extra_context(self):
|
||||||
return {
|
return {
|
||||||
|
|||||||
@@ -3,7 +3,6 @@ from __future__ import absolute_import, unicode_literals
|
|||||||
import logging
|
import logging
|
||||||
|
|
||||||
from django.contrib import messages
|
from django.contrib import messages
|
||||||
from django.core.exceptions import PermissionDenied
|
|
||||||
from django.core.urlresolvers import reverse, reverse_lazy
|
from django.core.urlresolvers import reverse, reverse_lazy
|
||||||
from django.shortcuts import get_object_or_404
|
from django.shortcuts import get_object_or_404
|
||||||
from django.utils.translation import ugettext_lazy as _
|
from django.utils.translation import ugettext_lazy as _
|
||||||
@@ -16,7 +15,6 @@ from common.generics import (
|
|||||||
from documents.models import Document, DocumentType
|
from documents.models import Document, DocumentType
|
||||||
from documents.permissions import permission_document_view
|
from documents.permissions import permission_document_view
|
||||||
from documents.views import DocumentListView
|
from documents.views import DocumentListView
|
||||||
from permissions import Permission
|
|
||||||
|
|
||||||
from .forms import SmartLinkConditionForm, SmartLinkForm
|
from .forms import SmartLinkConditionForm, SmartLinkForm
|
||||||
from .models import ResolvedSmartLink, SmartLink, SmartLinkCondition
|
from .models import ResolvedSmartLink, SmartLink, SmartLinkCondition
|
||||||
@@ -37,22 +35,14 @@ class ResolvedSmartLinkView(DocumentListView):
|
|||||||
SmartLink, pk=self.kwargs['smart_link_pk']
|
SmartLink, pk=self.kwargs['smart_link_pk']
|
||||||
)
|
)
|
||||||
|
|
||||||
try:
|
|
||||||
Permission.check_permissions(
|
|
||||||
request.user, (permission_document_view,)
|
|
||||||
)
|
|
||||||
except PermissionDenied:
|
|
||||||
AccessControlList.objects.check_access(
|
AccessControlList.objects.check_access(
|
||||||
permission_document_view, request.user, self.document
|
permissions=permission_document_view, user=request.user,
|
||||||
|
obj=self.document
|
||||||
)
|
)
|
||||||
|
|
||||||
try:
|
|
||||||
Permission.check_permissions(
|
|
||||||
request.user, (permission_smart_link_view,)
|
|
||||||
)
|
|
||||||
except PermissionDenied:
|
|
||||||
AccessControlList.objects.check_access(
|
AccessControlList.objects.check_access(
|
||||||
permission_smart_link_view, request.user, self.smart_link
|
permissions=permission_smart_link_view, user=request.user,
|
||||||
|
obj=self.smart_link
|
||||||
)
|
)
|
||||||
|
|
||||||
return super(
|
return super(
|
||||||
@@ -151,13 +141,9 @@ class DocumentSmartLinkListView(SmartLinkListView):
|
|||||||
def dispatch(self, request, *args, **kwargs):
|
def dispatch(self, request, *args, **kwargs):
|
||||||
self.document = get_object_or_404(Document, pk=self.kwargs['pk'])
|
self.document = get_object_or_404(Document, pk=self.kwargs['pk'])
|
||||||
|
|
||||||
try:
|
|
||||||
Permission.check_permissions(
|
|
||||||
request.user, (permission_document_view,)
|
|
||||||
)
|
|
||||||
except PermissionDenied:
|
|
||||||
AccessControlList.objects.check_access(
|
AccessControlList.objects.check_access(
|
||||||
permission_document_view, request.user, self.document
|
permissions=permission_document_view, user=request.user,
|
||||||
|
obj=self.document
|
||||||
)
|
)
|
||||||
|
|
||||||
return super(
|
return super(
|
||||||
@@ -234,15 +220,11 @@ class SmartLinkConditionCreateView(SingleObjectCreateView):
|
|||||||
form_class = SmartLinkConditionForm
|
form_class = SmartLinkConditionForm
|
||||||
|
|
||||||
def dispatch(self, request, *args, **kwargs):
|
def dispatch(self, request, *args, **kwargs):
|
||||||
try:
|
|
||||||
Permission.check_permissions(
|
|
||||||
request.user, (permission_smart_link_edit,)
|
|
||||||
)
|
|
||||||
except PermissionDenied:
|
|
||||||
AccessControlList.objects.check_access(
|
AccessControlList.objects.check_access(
|
||||||
(permission_smart_link_edit,), request.user,
|
permissions=permission_smart_link_edit, user=request.user,
|
||||||
self.get_smart_link()
|
obj=self.get_smart_link()
|
||||||
)
|
)
|
||||||
|
|
||||||
return super(
|
return super(
|
||||||
SmartLinkConditionCreateView, self
|
SmartLinkConditionCreateView, self
|
||||||
).dispatch(request, *args, **kwargs)
|
).dispatch(request, *args, **kwargs)
|
||||||
@@ -277,14 +259,9 @@ class SmartLinkConditionEditView(SingleObjectEditView):
|
|||||||
model = SmartLinkCondition
|
model = SmartLinkCondition
|
||||||
|
|
||||||
def dispatch(self, request, *args, **kwargs):
|
def dispatch(self, request, *args, **kwargs):
|
||||||
try:
|
|
||||||
Permission.check_permissions(
|
|
||||||
request.user, (permission_smart_link_edit,)
|
|
||||||
)
|
|
||||||
except PermissionDenied:
|
|
||||||
AccessControlList.objects.check_access(
|
AccessControlList.objects.check_access(
|
||||||
(permission_smart_link_edit,), request.user,
|
permissions=permission_smart_link_edit, user=request.user,
|
||||||
self.get_object().smart_link
|
obj=self.get_object().smart_link
|
||||||
)
|
)
|
||||||
|
|
||||||
return super(
|
return super(
|
||||||
@@ -311,14 +288,9 @@ class SmartLinkConditionDeleteView(SingleObjectDeleteView):
|
|||||||
model = SmartLinkCondition
|
model = SmartLinkCondition
|
||||||
|
|
||||||
def dispatch(self, request, *args, **kwargs):
|
def dispatch(self, request, *args, **kwargs):
|
||||||
try:
|
|
||||||
Permission.check_permissions(
|
|
||||||
request.user, (permission_smart_link_edit,)
|
|
||||||
)
|
|
||||||
except PermissionDenied:
|
|
||||||
AccessControlList.objects.check_access(
|
AccessControlList.objects.check_access(
|
||||||
(permission_smart_link_edit,), request.user,
|
permissions=permission_smart_link_edit, user=request.user,
|
||||||
self.get_object().smart_link
|
obj=self.get_object().smart_link
|
||||||
)
|
)
|
||||||
|
|
||||||
return super(
|
return super(
|
||||||
|
|||||||
@@ -1,6 +1,5 @@
|
|||||||
from __future__ import absolute_import, unicode_literals
|
from __future__ import absolute_import, unicode_literals
|
||||||
|
|
||||||
from django.core.exceptions import PermissionDenied
|
|
||||||
from django.shortcuts import get_object_or_404
|
from django.shortcuts import get_object_or_404
|
||||||
|
|
||||||
from rest_framework import generics, status, views
|
from rest_framework import generics, status, views
|
||||||
@@ -11,7 +10,6 @@ from documents.models import Document, DocumentType
|
|||||||
from documents.permissions import (
|
from documents.permissions import (
|
||||||
permission_document_type_view, permission_document_type_edit
|
permission_document_type_view, permission_document_type_edit
|
||||||
)
|
)
|
||||||
from permissions import Permission
|
|
||||||
from rest_api.filters import MayanObjectPermissionsFilter
|
from rest_api.filters import MayanObjectPermissionsFilter
|
||||||
from rest_api.permissions import MayanPermission
|
from rest_api.permissions import MayanPermission
|
||||||
|
|
||||||
@@ -100,30 +98,20 @@ class APIDocumentMetadataListView(generics.ListCreateAPIView):
|
|||||||
if self.request.method == 'GET':
|
if self.request.method == 'GET':
|
||||||
# Make sure the use has the permission to see the metadata for
|
# Make sure the use has the permission to see the metadata for
|
||||||
# this document
|
# this document
|
||||||
try:
|
|
||||||
Permission.check_permissions(
|
|
||||||
self.request.user, (permission_metadata_document_view,)
|
|
||||||
)
|
|
||||||
except PermissionDenied:
|
|
||||||
AccessControlList.objects.check_access(
|
AccessControlList.objects.check_access(
|
||||||
permission_metadata_document_view, self.request.user,
|
permissions=permission_metadata_document_view,
|
||||||
document
|
user=self.request.user, obj=document
|
||||||
)
|
)
|
||||||
else:
|
|
||||||
return document.metadata.all()
|
return document.metadata.all()
|
||||||
elif self.request.method == 'POST':
|
elif self.request.method == 'POST':
|
||||||
# Make sure the use has the permission to add metadata to this
|
# Make sure the use has the permission to add metadata to this
|
||||||
# document
|
# document
|
||||||
try:
|
|
||||||
Permission.check_permissions(
|
|
||||||
self.request.user, (permission_metadata_document_add,)
|
|
||||||
)
|
|
||||||
except PermissionDenied:
|
|
||||||
AccessControlList.objects.check_access(
|
AccessControlList.objects.check_access(
|
||||||
permission_metadata_document_add, self.request.user,
|
permissions=permission_metadata_document_add,
|
||||||
document
|
user=self.request.user, obj=document
|
||||||
)
|
)
|
||||||
else:
|
|
||||||
return document.metadata.all()
|
return document.metadata.all()
|
||||||
|
|
||||||
def get_serializer_class(self):
|
def get_serializer_class(self):
|
||||||
@@ -222,14 +210,9 @@ class APIDocumentTypeMetadataTypeOptionalListView(generics.ListCreateAPIView):
|
|||||||
document_type = get_object_or_404(
|
document_type = get_object_or_404(
|
||||||
DocumentType, pk=self.kwargs['document_type_pk']
|
DocumentType, pk=self.kwargs['document_type_pk']
|
||||||
)
|
)
|
||||||
try:
|
|
||||||
Permission.check_permissions(
|
|
||||||
self.request.user, (permission_document_type_view,)
|
|
||||||
)
|
|
||||||
except PermissionDenied:
|
|
||||||
AccessControlList.objects.check_access(
|
AccessControlList.objects.check_access(
|
||||||
permission_document_type_view, self.request.user,
|
permissions=permission_document_type_view, user=self.request.user,
|
||||||
document_type
|
obj=document_type
|
||||||
)
|
)
|
||||||
|
|
||||||
return document_type.metadata.filter(required=self.required_metadata)
|
return document_type.metadata.filter(required=self.required_metadata)
|
||||||
@@ -256,14 +239,9 @@ class APIDocumentTypeMetadataTypeOptionalListView(generics.ListCreateAPIView):
|
|||||||
DocumentType, pk=self.kwargs['document_type_pk']
|
DocumentType, pk=self.kwargs['document_type_pk']
|
||||||
)
|
)
|
||||||
|
|
||||||
try:
|
|
||||||
Permission.check_permissions(
|
|
||||||
self.request.user, (permission_document_type_edit,)
|
|
||||||
)
|
|
||||||
except PermissionDenied:
|
|
||||||
AccessControlList.objects.check_access(
|
AccessControlList.objects.check_access(
|
||||||
permission_document_type_edit, self.request.user,
|
permissions=permission_document_type_edit, user=self.request.user,
|
||||||
document_type
|
obj=document_type
|
||||||
)
|
)
|
||||||
|
|
||||||
serializer = self.get_serializer(data=self.request.POST)
|
serializer = self.get_serializer(data=self.request.POST)
|
||||||
@@ -316,14 +294,9 @@ class APIDocumentTypeMetadataTypeView(views.APIView):
|
|||||||
DocumentTypeMetadataType, pk=self.kwargs['pk']
|
DocumentTypeMetadataType, pk=self.kwargs['pk']
|
||||||
)
|
)
|
||||||
|
|
||||||
try:
|
|
||||||
Permission.check_permissions(
|
|
||||||
self.request.user, (permission_document_type_edit,)
|
|
||||||
)
|
|
||||||
except PermissionDenied:
|
|
||||||
AccessControlList.objects.check_access(
|
AccessControlList.objects.check_access(
|
||||||
permission_document_type_edit, self.request.user,
|
permissions=permission_document_type_edit, user=self.request.user,
|
||||||
document_type_metadata_type.document_type
|
obj=document_type_metadata_type.document_type
|
||||||
)
|
)
|
||||||
|
|
||||||
document_type_metadata_type.delete()
|
document_type_metadata_type.delete()
|
||||||
|
|||||||
@@ -19,7 +19,6 @@ from documents.models import Document, DocumentType
|
|||||||
from documents.permissions import (
|
from documents.permissions import (
|
||||||
permission_document_type_edit
|
permission_document_type_edit
|
||||||
)
|
)
|
||||||
from permissions import Permission
|
|
||||||
|
|
||||||
from .api import save_metadata_list
|
from .api import save_metadata_list
|
||||||
from .forms import (
|
from .forms import (
|
||||||
@@ -464,14 +463,9 @@ def metadata_multiple_remove(request):
|
|||||||
|
|
||||||
class DocumentMetadataListView(SingleObjectListView):
|
class DocumentMetadataListView(SingleObjectListView):
|
||||||
def dispatch(self, request, *args, **kwargs):
|
def dispatch(self, request, *args, **kwargs):
|
||||||
try:
|
|
||||||
Permission.check_permissions(
|
|
||||||
self.request.user, (permission_metadata_document_view,)
|
|
||||||
)
|
|
||||||
except PermissionDenied:
|
|
||||||
AccessControlList.objects.check_access(
|
AccessControlList.objects.check_access(
|
||||||
permission_metadata_document_view, self.request.user,
|
permissions=permission_metadata_document_view,
|
||||||
self.get_document()
|
user=self.request.user, obj=self.get_document()
|
||||||
)
|
)
|
||||||
|
|
||||||
return super(DocumentMetadataListView, self).dispatch(
|
return super(DocumentMetadataListView, self).dispatch(
|
||||||
|
|||||||
@@ -15,7 +15,6 @@ from django.utils.encoding import smart_str, smart_unicode
|
|||||||
from django.utils.http import urlencode, urlquote
|
from django.utils.http import urlencode, urlquote
|
||||||
|
|
||||||
from common.utils import return_attrib
|
from common.utils import return_attrib
|
||||||
from permissions import Permission
|
|
||||||
|
|
||||||
logger = logging.getLogger(__name__)
|
logger = logging.getLogger(__name__)
|
||||||
|
|
||||||
@@ -250,17 +249,11 @@ class Link(object):
|
|||||||
# If this link has a required permission check that the user have it
|
# If this link has a required permission check that the user have it
|
||||||
# too
|
# too
|
||||||
if self.permissions:
|
if self.permissions:
|
||||||
try:
|
|
||||||
Permission.check_permissions(request.user, self.permissions)
|
|
||||||
except PermissionDenied:
|
|
||||||
# If the user doesn't have the permission, and we are passed
|
|
||||||
# an instance, check to see if the user has at least ACL
|
|
||||||
# access to the instance.
|
|
||||||
if resolved_object:
|
if resolved_object:
|
||||||
try:
|
try:
|
||||||
AccessControlList.objects.check_access(
|
AccessControlList.objects.check_access(
|
||||||
self.permissions, request.user, resolved_object,
|
permissions=self.permissions, user=request.user,
|
||||||
related=self.permissions_related
|
obj=resolved_object, related=self.permissions_related
|
||||||
)
|
)
|
||||||
except PermissionDenied:
|
except PermissionDenied:
|
||||||
return None
|
return None
|
||||||
|
|||||||
@@ -1,7 +1,6 @@
|
|||||||
from __future__ import absolute_import, unicode_literals
|
from __future__ import absolute_import, unicode_literals
|
||||||
|
|
||||||
from django.contrib import messages
|
from django.contrib import messages
|
||||||
from django.core.exceptions import PermissionDenied
|
|
||||||
from django.core.urlresolvers import reverse
|
from django.core.urlresolvers import reverse
|
||||||
from django.http import HttpResponseRedirect
|
from django.http import HttpResponseRedirect
|
||||||
from django.shortcuts import get_object_or_404
|
from django.shortcuts import get_object_or_404
|
||||||
@@ -14,7 +13,6 @@ from common.generics import (
|
|||||||
)
|
)
|
||||||
from common.mixins import MultipleInstanceActionMixin
|
from common.mixins import MultipleInstanceActionMixin
|
||||||
from documents.models import Document, DocumentType
|
from documents.models import Document, DocumentType
|
||||||
from permissions import Permission
|
|
||||||
|
|
||||||
from .forms import DocumentContentForm, DocumentTypeSelectForm
|
from .forms import DocumentContentForm, DocumentTypeSelectForm
|
||||||
from .models import DocumentVersionOCRError
|
from .models import DocumentVersionOCRError
|
||||||
@@ -52,13 +50,9 @@ class DocumentSubmitView(ConfirmView):
|
|||||||
return Document.objects.get(pk=self.kwargs['pk'])
|
return Document.objects.get(pk=self.kwargs['pk'])
|
||||||
|
|
||||||
def object_action(self, instance):
|
def object_action(self, instance):
|
||||||
try:
|
|
||||||
Permission.check_permissions(
|
|
||||||
self.request.user, (permission_ocr_document,)
|
|
||||||
)
|
|
||||||
except PermissionDenied:
|
|
||||||
AccessControlList.objects.check_access(
|
AccessControlList.objects.check_access(
|
||||||
permission_ocr_document, self.request.user, instance
|
permissions=permission_ocr_document, user=self.request.user,
|
||||||
|
obj=instance
|
||||||
)
|
)
|
||||||
|
|
||||||
instance.submit_for_ocr()
|
instance.submit_for_ocr()
|
||||||
|
|||||||
@@ -54,9 +54,14 @@ class Permission(object):
|
|||||||
|
|
||||||
@classmethod
|
@classmethod
|
||||||
def check_permissions(cls, requester, permissions):
|
def check_permissions(cls, requester, permissions):
|
||||||
|
try:
|
||||||
for permission in permissions:
|
for permission in permissions:
|
||||||
if permission.stored_permission.requester_has_this(requester):
|
if permission.stored_permission.requester_has_this(requester):
|
||||||
return True
|
return True
|
||||||
|
except TypeError:
|
||||||
|
# Not a list of permissions, just one
|
||||||
|
if permissions.stored_permission.requester_has_this(requester):
|
||||||
|
return True
|
||||||
|
|
||||||
logger.debug('no permission')
|
logger.debug('no permission')
|
||||||
|
|
||||||
|
|||||||
@@ -32,9 +32,6 @@ class MayanPermission(BasePermission):
|
|||||||
).get(request.method, None)
|
).get(request.method, None)
|
||||||
|
|
||||||
if required_permission:
|
if required_permission:
|
||||||
try:
|
|
||||||
Permission.check_permissions(request.user, required_permission)
|
|
||||||
except PermissionDenied:
|
|
||||||
try:
|
try:
|
||||||
if hasattr(view, 'mayan_permission_attribute_check'):
|
if hasattr(view, 'mayan_permission_attribute_check'):
|
||||||
AccessControlList.objects.check_access(
|
AccessControlList.objects.check_access(
|
||||||
@@ -44,7 +41,8 @@ class MayanPermission(BasePermission):
|
|||||||
)
|
)
|
||||||
else:
|
else:
|
||||||
AccessControlList.objects.check_access(
|
AccessControlList.objects.check_access(
|
||||||
required_permission, request.user, obj
|
permissions=required_permission, user=request.user,
|
||||||
|
obj=obj
|
||||||
)
|
)
|
||||||
except PermissionDenied:
|
except PermissionDenied:
|
||||||
return False
|
return False
|
||||||
@@ -52,5 +50,3 @@ class MayanPermission(BasePermission):
|
|||||||
return True
|
return True
|
||||||
else:
|
else:
|
||||||
return True
|
return True
|
||||||
else:
|
|
||||||
return True
|
|
||||||
|
|||||||
@@ -1,7 +1,6 @@
|
|||||||
from __future__ import absolute_import, unicode_literals
|
from __future__ import absolute_import, unicode_literals
|
||||||
|
|
||||||
from django.contrib import messages
|
from django.contrib import messages
|
||||||
from django.core.exceptions import PermissionDenied
|
|
||||||
from django.core.urlresolvers import reverse, reverse_lazy
|
from django.core.urlresolvers import reverse, reverse_lazy
|
||||||
from django.http import HttpResponseRedirect
|
from django.http import HttpResponseRedirect
|
||||||
from django.shortcuts import get_object_or_404
|
from django.shortcuts import get_object_or_404
|
||||||
@@ -23,7 +22,6 @@ from documents.permissions import (
|
|||||||
from documents.tasks import task_upload_new_version
|
from documents.tasks import task_upload_new_version
|
||||||
from metadata.api import decode_metadata_from_url
|
from metadata.api import decode_metadata_from_url
|
||||||
from navigation import Link
|
from navigation import Link
|
||||||
from permissions import Permission
|
|
||||||
|
|
||||||
from .forms import (
|
from .forms import (
|
||||||
NewDocumentForm, NewVersionForm, WebFormUploadForm,
|
NewDocumentForm, NewVersionForm, WebFormUploadForm,
|
||||||
@@ -195,14 +193,9 @@ class UploadInteractiveView(UploadBaseView):
|
|||||||
)
|
)
|
||||||
)
|
)
|
||||||
|
|
||||||
try:
|
|
||||||
Permission.check_permissions(
|
|
||||||
request.user, (permission_document_create,)
|
|
||||||
)
|
|
||||||
except PermissionDenied:
|
|
||||||
AccessControlList.objects.check_access(
|
AccessControlList.objects.check_access(
|
||||||
permission_document_create, request.user,
|
permissions=permission_document_create, user=request.user,
|
||||||
self.document_type
|
obj=self.document_type
|
||||||
)
|
)
|
||||||
|
|
||||||
self.tab_links = UploadBaseView.get_active_tab_links()
|
self.tab_links = UploadBaseView.get_active_tab_links()
|
||||||
@@ -333,14 +326,9 @@ class UploadInteractiveVersionView(UploadBaseView):
|
|||||||
)
|
)
|
||||||
)
|
)
|
||||||
|
|
||||||
try:
|
|
||||||
Permission.check_permissions(
|
|
||||||
self.request.user, (permission_document_new_version,)
|
|
||||||
)
|
|
||||||
except PermissionDenied:
|
|
||||||
AccessControlList.objects.check_access(
|
AccessControlList.objects.check_access(
|
||||||
permission_document_new_version, self.request.user,
|
permissions=permission_document_new_version,
|
||||||
self.document
|
user=self.request.user, obj=self.document
|
||||||
)
|
)
|
||||||
|
|
||||||
self.tab_links = UploadBaseView.get_active_tab_links(self.document)
|
self.tab_links = UploadBaseView.get_active_tab_links(self.document)
|
||||||
|
|||||||
@@ -1,6 +1,5 @@
|
|||||||
from __future__ import absolute_import, unicode_literals
|
from __future__ import absolute_import, unicode_literals
|
||||||
|
|
||||||
from django.core.exceptions import PermissionDenied
|
|
||||||
from django.shortcuts import get_object_or_404
|
from django.shortcuts import get_object_or_404
|
||||||
|
|
||||||
from rest_framework import generics
|
from rest_framework import generics
|
||||||
@@ -11,7 +10,6 @@ from acls.models import AccessControlList
|
|||||||
from documents.models import Document
|
from documents.models import Document
|
||||||
from documents.permissions import permission_document_view
|
from documents.permissions import permission_document_view
|
||||||
from documents.serializers import DocumentSerializer
|
from documents.serializers import DocumentSerializer
|
||||||
from permissions import Permission
|
|
||||||
from rest_api.filters import MayanObjectPermissionsFilter
|
from rest_api.filters import MayanObjectPermissionsFilter
|
||||||
from rest_api.permissions import MayanPermission
|
from rest_api.permissions import MayanPermission
|
||||||
|
|
||||||
@@ -105,13 +103,9 @@ class APITagDocumentListView(generics.ListAPIView):
|
|||||||
|
|
||||||
def get_queryset(self):
|
def get_queryset(self):
|
||||||
tag = get_object_or_404(Tag, pk=self.kwargs['pk'])
|
tag = get_object_or_404(Tag, pk=self.kwargs['pk'])
|
||||||
try:
|
|
||||||
Permission.check_permissions(
|
|
||||||
self.request.user, (permission_tag_view,)
|
|
||||||
)
|
|
||||||
except PermissionDenied:
|
|
||||||
AccessControlList.objects.check_access(
|
AccessControlList.objects.check_access(
|
||||||
permission_tag_view, self.request.user, tag
|
permissions=permission_tag_view, user=self.request.user, obj=tag
|
||||||
)
|
)
|
||||||
|
|
||||||
return tag.documents.all()
|
return tag.documents.all()
|
||||||
@@ -130,13 +124,10 @@ class APIDocumentTagListView(generics.ListCreateAPIView):
|
|||||||
|
|
||||||
def get_queryset(self):
|
def get_queryset(self):
|
||||||
document = self.get_document()
|
document = self.get_document()
|
||||||
try:
|
|
||||||
Permission.check_permissions(
|
|
||||||
self.request.user, (permission_document_view,)
|
|
||||||
)
|
|
||||||
except PermissionDenied:
|
|
||||||
AccessControlList.objects.check_access(
|
AccessControlList.objects.check_access(
|
||||||
permission_document_view, self.request.user, document
|
permissions=permission_document_view, user=self.request.user,
|
||||||
|
obj=document
|
||||||
)
|
)
|
||||||
|
|
||||||
return document.attached_tags().all()
|
return document.attached_tags().all()
|
||||||
@@ -198,13 +189,9 @@ class APIDocumentTagView(generics.RetrieveDestroyAPIView):
|
|||||||
def get_document(self):
|
def get_document(self):
|
||||||
document = get_object_or_404(Document, pk=self.kwargs['document_pk'])
|
document = get_object_or_404(Document, pk=self.kwargs['document_pk'])
|
||||||
|
|
||||||
try:
|
|
||||||
Permission.check_permissions(
|
|
||||||
self.request.user, (permission_document_view,)
|
|
||||||
)
|
|
||||||
except PermissionDenied:
|
|
||||||
AccessControlList.objects.check_access(
|
AccessControlList.objects.check_access(
|
||||||
permission_document_view, self.request.user, document
|
permissions=permission_document_view, user=self.request.user,
|
||||||
|
obj=document
|
||||||
)
|
)
|
||||||
return document
|
return document
|
||||||
|
|
||||||
|
|||||||
@@ -1,6 +1,5 @@
|
|||||||
from __future__ import absolute_import, unicode_literals
|
from __future__ import absolute_import, unicode_literals
|
||||||
|
|
||||||
from django.core.exceptions import PermissionDenied
|
|
||||||
from django.utils.translation import ugettext_lazy as _
|
from django.utils.translation import ugettext_lazy as _
|
||||||
|
|
||||||
from rest_framework import serializers
|
from rest_framework import serializers
|
||||||
@@ -8,7 +7,6 @@ from rest_framework.exceptions import ValidationError
|
|||||||
from rest_framework.reverse import reverse
|
from rest_framework.reverse import reverse
|
||||||
|
|
||||||
from acls.models import AccessControlList
|
from acls.models import AccessControlList
|
||||||
from permissions import Permission
|
|
||||||
|
|
||||||
from .models import Tag
|
from .models import Tag
|
||||||
from .permissions import permission_tag_attach
|
from .permissions import permission_tag_attach
|
||||||
@@ -50,13 +48,9 @@ class NewDocumentTagSerializer(serializers.Serializer):
|
|||||||
try:
|
try:
|
||||||
tag = Tag.objects.get(pk=validated_data['tag'])
|
tag = Tag.objects.get(pk=validated_data['tag'])
|
||||||
|
|
||||||
try:
|
|
||||||
Permission.check_permissions(
|
|
||||||
self.context['request'].user, (permission_tag_attach,)
|
|
||||||
)
|
|
||||||
except PermissionDenied:
|
|
||||||
AccessControlList.objects.check_access(
|
AccessControlList.objects.check_access(
|
||||||
permission_tag_attach, self.context['request'], tag
|
permissions=permission_tag_attach,
|
||||||
|
user=self.context['request'].user, obj=tag
|
||||||
)
|
)
|
||||||
|
|
||||||
tag.documents.add(validated_data['document'])
|
tag.documents.add(validated_data['document'])
|
||||||
|
|||||||
@@ -18,7 +18,6 @@ from common.views import (
|
|||||||
from documents.models import Document
|
from documents.models import Document
|
||||||
from documents.views import DocumentListView
|
from documents.views import DocumentListView
|
||||||
from documents.permissions import permission_document_view
|
from documents.permissions import permission_document_view
|
||||||
from permissions import Permission
|
|
||||||
|
|
||||||
from .forms import TagListForm
|
from .forms import TagListForm
|
||||||
from .models import Tag
|
from .models import Tag
|
||||||
@@ -245,18 +244,14 @@ class DocumentTagListView(TagListView):
|
|||||||
def dispatch(self, request, *args, **kwargs):
|
def dispatch(self, request, *args, **kwargs):
|
||||||
self.document = get_object_or_404(Document, pk=self.kwargs['pk'])
|
self.document = get_object_or_404(Document, pk=self.kwargs['pk'])
|
||||||
|
|
||||||
try:
|
|
||||||
Permission.check_permissions(
|
|
||||||
request.user, (permission_document_view,)
|
|
||||||
)
|
|
||||||
except PermissionDenied:
|
|
||||||
AccessControlList.objects.check_access(
|
AccessControlList.objects.check_access(
|
||||||
permission_document_view, request.user, self.document
|
permissions=permission_document_view, user=request.user,
|
||||||
|
obj=self.document
|
||||||
)
|
)
|
||||||
|
|
||||||
return super(
|
return super(DocumentTagListView, self).dispatch(
|
||||||
DocumentTagListView, self
|
request, *args, **kwargs
|
||||||
).dispatch(request, *args, **kwargs)
|
)
|
||||||
|
|
||||||
def get_extra_context(self):
|
def get_extra_context(self):
|
||||||
return {
|
return {
|
||||||
|
|||||||
Reference in New Issue
Block a user