Reduce the check_access boilerplate code.
This commit is contained in:
Roberto Rosario
@@ -51,13 +51,18 @@ class AccessControlListManager(models.Manager):
|
||||
if user.is_superuser or user.is_staff:
|
||||
return True
|
||||
|
||||
try:
|
||||
return Permission.check_permissions(
|
||||
requester=user, permissions=permissions
|
||||
)
|
||||
except PermissionDenied:
|
||||
try:
|
||||
stored_permissions = [
|
||||
permission.stored_permission for permission in permissions
|
||||
]
|
||||
except TypeError:
|
||||
# Not a list of permissions, just one
|
||||
stored_permissions = [permissions.stored_permission]
|
||||
stored_permissions = (permissions.stored_permission,)
|
||||
|
||||
if related:
|
||||
obj = return_attrib(obj, related)
|
||||
|
||||
@@ -4,7 +4,6 @@ import itertools
|
||||
import logging
|
||||
|
||||
from django.contrib.contenttypes.models import ContentType
|
||||
from django.core.exceptions import PermissionDenied
|
||||
from django.core.urlresolvers import reverse
|
||||
from django.http import Http404, HttpResponseRedirect
|
||||
from django.shortcuts import get_object_or_404
|
||||
@@ -14,7 +13,7 @@ from common.views import (
|
||||
AssignRemoveView, SingleObjectCreateView, SingleObjectDeleteView,
|
||||
SingleObjectListView
|
||||
)
|
||||
from permissions import Permission, PermissionNamespace
|
||||
from permissions import PermissionNamespace
|
||||
from permissions.models import StoredPermission
|
||||
|
||||
from .classes import ModelPermission
|
||||
@@ -41,13 +40,9 @@ class ACLCreateView(SingleObjectCreateView):
|
||||
except self.content_type.model_class().DoesNotExist:
|
||||
raise Http404
|
||||
|
||||
try:
|
||||
Permission.check_permissions(
|
||||
request.user, permissions=(permission_acl_edit,)
|
||||
)
|
||||
except PermissionDenied:
|
||||
AccessControlList.objects.check_access(
|
||||
permission_acl_edit, request.user, self.content_object
|
||||
permissions=permission_acl_edit, user=request.user,
|
||||
obj=self.content_object
|
||||
)
|
||||
|
||||
return super(ACLCreateView, self).dispatch(request, *args, **kwargs)
|
||||
@@ -92,13 +87,9 @@ class ACLDeleteView(SingleObjectDeleteView):
|
||||
def dispatch(self, request, *args, **kwargs):
|
||||
acl = get_object_or_404(AccessControlList, pk=self.kwargs['pk'])
|
||||
|
||||
try:
|
||||
Permission.check_permissions(
|
||||
request.user, permissions=(permission_acl_edit,)
|
||||
)
|
||||
except PermissionDenied:
|
||||
AccessControlList.objects.check_access(
|
||||
permission_acl_edit, request.user, acl.content_object
|
||||
permissions=permission_acl_edit, user=request.user,
|
||||
obj=acl.content_object
|
||||
)
|
||||
|
||||
return super(ACLDeleteView, self).dispatch(request, *args, **kwargs)
|
||||
@@ -133,13 +124,9 @@ class ACLListView(SingleObjectListView):
|
||||
except self.content_type.model_class().DoesNotExist:
|
||||
raise Http404
|
||||
|
||||
try:
|
||||
Permission.check_permissions(
|
||||
request.user, permissions=(permission_acl_view,)
|
||||
)
|
||||
except PermissionDenied:
|
||||
AccessControlList.objects.check_access(
|
||||
permission_acl_view, request.user, self.content_object
|
||||
permissions=permission_acl_view, user=request.user,
|
||||
obj=self.content_object
|
||||
)
|
||||
|
||||
return super(ACLListView, self).dispatch(request, *args, **kwargs)
|
||||
@@ -183,13 +170,9 @@ class ACLPermissionsView(AssignRemoveView):
|
||||
def dispatch(self, request, *args, **kwargs):
|
||||
acl = get_object_or_404(AccessControlList, pk=self.kwargs['pk'])
|
||||
|
||||
try:
|
||||
Permission.check_permissions(
|
||||
request.user, permissions=(permission_acl_edit,)
|
||||
)
|
||||
except PermissionDenied:
|
||||
AccessControlList.objects.check_access(
|
||||
permission_acl_edit, request.user, acl.content_object
|
||||
permissions=permission_acl_edit, user=request.user,
|
||||
obj=acl.content_object
|
||||
)
|
||||
|
||||
return super(
|
||||
|
||||
@@ -2,7 +2,6 @@ from __future__ import absolute_import, unicode_literals
|
||||
|
||||
import pytz
|
||||
|
||||
from django.core.exceptions import PermissionDenied
|
||||
from django.shortcuts import get_object_or_404
|
||||
|
||||
from rest_framework import generics, status
|
||||
@@ -11,7 +10,6 @@ from rest_framework.response import Response
|
||||
from acls.models import AccessControlList
|
||||
from documents.models import Document
|
||||
from documents.permissions import permission_document_view
|
||||
from permissions import Permission
|
||||
|
||||
from .models import DocumentCheckout
|
||||
from .permissions import (
|
||||
@@ -60,13 +58,9 @@ class APICheckedoutDocumentListView(generics.ListCreateAPIView):
|
||||
document = get_object_or_404(
|
||||
Document, pk=serializer.data['document']
|
||||
)
|
||||
try:
|
||||
Permission.check_permissions(
|
||||
request.user, (permission_document_checkout,)
|
||||
)
|
||||
except PermissionDenied:
|
||||
AccessControlList.objects.check_access(
|
||||
permission_document_checkout, request.user, document
|
||||
permissions=permission_document_checkout, user=request.user,
|
||||
obj=document
|
||||
)
|
||||
|
||||
timezone = pytz.utc
|
||||
@@ -126,23 +120,14 @@ class APICheckedoutDocumentView(generics.RetrieveDestroyAPIView):
|
||||
document = self.get_object().document
|
||||
|
||||
if document.checkout_info().user == request.user:
|
||||
try:
|
||||
Permission.check_permissions(
|
||||
request.user, (permission_document_checkin,)
|
||||
)
|
||||
except PermissionDenied:
|
||||
AccessControlList.objects.check_access(
|
||||
permission_document_checkin, request.user, document
|
||||
permissions=permission_document_checkin, user=request.user,
|
||||
obj=document
|
||||
)
|
||||
else:
|
||||
try:
|
||||
Permission.check_permissions(
|
||||
request.user, (permission_document_checkin_override,)
|
||||
)
|
||||
except PermissionDenied:
|
||||
AccessControlList.objects.check_access(
|
||||
permission_document_checkin_override, request.user,
|
||||
document
|
||||
permissions=permission_document_checkin_override,
|
||||
user=request.user, obj=document
|
||||
)
|
||||
|
||||
return super(
|
||||
|
||||
@@ -1,7 +1,6 @@
|
||||
from __future__ import absolute_import, unicode_literals
|
||||
|
||||
from django.contrib import messages
|
||||
from django.core.exceptions import PermissionDenied
|
||||
from django.core.urlresolvers import reverse
|
||||
from django.http import HttpResponseRedirect
|
||||
from django.shortcuts import get_object_or_404
|
||||
@@ -15,7 +14,6 @@ from common.generics import (
|
||||
ConfirmView, SingleObjectCreateView, SingleObjectDetailView
|
||||
)
|
||||
from common.utils import encapsulate
|
||||
from permissions import Permission
|
||||
|
||||
from .exceptions import DocumentAlreadyCheckedOut, DocumentNotCheckedOut
|
||||
from .forms import DocumentCheckoutForm, DocumentCheckoutDefailForm
|
||||
@@ -32,13 +30,9 @@ class CheckoutDocumentView(SingleObjectCreateView):
|
||||
def dispatch(self, request, *args, **kwargs):
|
||||
self.document = get_object_or_404(Document, pk=self.kwargs['pk'])
|
||||
|
||||
try:
|
||||
Permission.check_permissions(
|
||||
request.user, (permission_document_checkout,)
|
||||
)
|
||||
except PermissionDenied:
|
||||
AccessControlList.objects.check_access(
|
||||
permission_document_checkout, request.user, self.document
|
||||
permissions=permission_document_checkout, user=request.user,
|
||||
obj=self.document
|
||||
)
|
||||
|
||||
return super(
|
||||
@@ -151,23 +145,14 @@ class DocumentCheckinView(ConfirmView):
|
||||
document = self.get_object()
|
||||
|
||||
if document.checkout_info().user == self.request.user:
|
||||
try:
|
||||
Permission.check_permissions(
|
||||
self.request.user, (permission_document_checkin,)
|
||||
)
|
||||
except PermissionDenied:
|
||||
AccessControlList.objects.check_access(
|
||||
permission_document_checkin, self.request.user, document
|
||||
permissions=permission_document_checkin,
|
||||
user=self.request.user, obj=document
|
||||
)
|
||||
else:
|
||||
try:
|
||||
Permission.check_permissions(
|
||||
self.request.user, (permission_document_checkin_override,)
|
||||
)
|
||||
except PermissionDenied:
|
||||
AccessControlList.objects.check_access(
|
||||
permission_document_checkin_override, self.request.user,
|
||||
document
|
||||
permissions=permission_document_checkin_override,
|
||||
user=self.request.user, obj=document
|
||||
)
|
||||
|
||||
try:
|
||||
|
||||
@@ -128,14 +128,9 @@ class ObjectPermissionCheckMixin(object):
|
||||
)
|
||||
|
||||
if self.object_permission:
|
||||
try:
|
||||
Permission.check_permissions(
|
||||
request.user, (self.object_permission,)
|
||||
)
|
||||
except PermissionDenied:
|
||||
AccessControlList.objects.check_access(
|
||||
self.object_permission, request.user,
|
||||
self.get_permission_object(),
|
||||
permissions=self.object_permission, user=request.user,
|
||||
obj=self.get_permission_object(),
|
||||
related=getattr(self, 'object_permission_related', None)
|
||||
)
|
||||
|
||||
|
||||
@@ -3,7 +3,6 @@ from __future__ import absolute_import, unicode_literals
|
||||
import logging
|
||||
|
||||
from django.contrib.contenttypes.models import ContentType
|
||||
from django.core.exceptions import PermissionDenied
|
||||
from django.core.urlresolvers import reverse
|
||||
from django.http import Http404
|
||||
from django.shortcuts import get_object_or_404
|
||||
@@ -14,7 +13,6 @@ from common.views import (
|
||||
SingleObjectCreateView, SingleObjectDeleteView, SingleObjectEditView,
|
||||
SingleObjectListView
|
||||
)
|
||||
from permissions import Permission
|
||||
|
||||
from .models import Transformation
|
||||
from .permissions import (
|
||||
@@ -33,14 +31,9 @@ class TransformationDeleteView(SingleObjectDeleteView):
|
||||
Transformation, pk=self.kwargs['pk']
|
||||
)
|
||||
|
||||
try:
|
||||
Permission.check_permissions(
|
||||
request.user, (permission_transformation_delete,)
|
||||
)
|
||||
except PermissionDenied:
|
||||
AccessControlList.objects.check_access(
|
||||
permission_transformation_delete, request.user,
|
||||
self.transformation.content_object
|
||||
permissions=permission_transformation_delete, user=request.user,
|
||||
obj=self.transformation.content_object
|
||||
)
|
||||
|
||||
return super(TransformationDeleteView, self).dispatch(
|
||||
@@ -94,14 +87,9 @@ class TransformationCreateView(SingleObjectCreateView):
|
||||
except content_type.model_class().DoesNotExist:
|
||||
raise Http404
|
||||
|
||||
try:
|
||||
Permission.check_permissions(
|
||||
request.user, (permission_transformation_create,)
|
||||
)
|
||||
except PermissionDenied:
|
||||
AccessControlList.objects.check_access(
|
||||
permission_transformation_create, request.user,
|
||||
self.content_object
|
||||
permissions=permission_transformation_create, user=request.user,
|
||||
obj=self.content_object
|
||||
)
|
||||
|
||||
return super(TransformationCreateView, self).dispatch(
|
||||
@@ -150,14 +138,9 @@ class TransformationEditView(SingleObjectEditView):
|
||||
Transformation, pk=self.kwargs['pk']
|
||||
)
|
||||
|
||||
try:
|
||||
Permission.check_permissions(
|
||||
request.user, (permission_transformation_edit,)
|
||||
)
|
||||
except PermissionDenied:
|
||||
AccessControlList.objects.check_access(
|
||||
permission_transformation_edit, request.user,
|
||||
self.transformation.content_object
|
||||
permissions=permission_transformation_edit, user=request.user,
|
||||
obj=self.transformation.content_object
|
||||
)
|
||||
|
||||
return super(TransformationEditView, self).dispatch(
|
||||
@@ -212,14 +195,9 @@ class TransformationListView(SingleObjectListView):
|
||||
except content_type.model_class().DoesNotExist:
|
||||
raise Http404
|
||||
|
||||
try:
|
||||
Permission.check_permissions(
|
||||
request.user, (permission_transformation_view,)
|
||||
)
|
||||
except PermissionDenied:
|
||||
AccessControlList.objects.check_access(
|
||||
permission_transformation_view, request.user,
|
||||
self.content_object
|
||||
permissions=permission_transformation_view, user=request.user,
|
||||
obj=self.content_object
|
||||
)
|
||||
|
||||
return super(TransformationListView, self).dispatch(
|
||||
|
||||
@@ -1,6 +1,5 @@
|
||||
from __future__ import absolute_import, unicode_literals
|
||||
|
||||
from django.core.exceptions import PermissionDenied
|
||||
from django.core.urlresolvers import reverse
|
||||
from django.shortcuts import get_object_or_404
|
||||
from django.utils.translation import ugettext_lazy as _
|
||||
@@ -10,7 +9,6 @@ from common.generics import (
|
||||
SingleObjectCreateView, SingleObjectDeleteView, SingleObjectListView
|
||||
)
|
||||
from documents.models import Document
|
||||
from permissions import Permission
|
||||
|
||||
from .models import Comment
|
||||
from .permissions import (
|
||||
@@ -25,13 +23,9 @@ class DocumentCommentCreateView(SingleObjectCreateView):
|
||||
object_verbose_name = _('Comment')
|
||||
|
||||
def dispatch(self, request, *args, **kwargs):
|
||||
try:
|
||||
Permission.check_permissions(
|
||||
request.user, (permission_comment_create,)
|
||||
)
|
||||
except PermissionDenied:
|
||||
AccessControlList.objects.check_access(
|
||||
permission_comment_create, request.user, self.get_document()
|
||||
permissions=permission_comment_create, user=request.user,
|
||||
obj=self.get_document()
|
||||
)
|
||||
|
||||
return super(
|
||||
@@ -67,14 +61,9 @@ class DocumentCommentDeleteView(SingleObjectDeleteView):
|
||||
model = Comment
|
||||
|
||||
def dispatch(self, request, *args, **kwargs):
|
||||
try:
|
||||
Permission.check_permissions(
|
||||
request.user, (permission_comment_delete,)
|
||||
)
|
||||
except PermissionDenied:
|
||||
AccessControlList.objects.check_access(
|
||||
permission_comment_delete, request.user,
|
||||
self.get_object().document
|
||||
permissions=permission_comment_delete, user=request.user,
|
||||
obj=self.get_object().document
|
||||
)
|
||||
|
||||
return super(
|
||||
@@ -102,14 +91,9 @@ class DocumentCommentListView(SingleObjectListView):
|
||||
return get_object_or_404(Document, pk=self.kwargs['pk'])
|
||||
|
||||
def get_queryset(self):
|
||||
try:
|
||||
Permission.check_permissions(
|
||||
self.request.user, (permission_comment_view,)
|
||||
)
|
||||
except PermissionDenied:
|
||||
AccessControlList.objects.check_access(
|
||||
permission_comment_view, self.request.user,
|
||||
self.get_document()
|
||||
permissions=permission_comment_view, user=self.request.user,
|
||||
obj=self.get_document()
|
||||
)
|
||||
|
||||
return self.get_document().comments.all()
|
||||
|
||||
@@ -1,6 +1,5 @@
|
||||
from __future__ import absolute_import, unicode_literals
|
||||
|
||||
from django.core.exceptions import PermissionDenied
|
||||
from django.shortcuts import get_object_or_404
|
||||
|
||||
from rest_framework import generics
|
||||
@@ -9,7 +8,6 @@ from acls.models import AccessControlList
|
||||
from documents.models import Document
|
||||
from documents.permissions import permission_document_view
|
||||
from documents.serializers import DocumentSerializer
|
||||
from permissions import Permission
|
||||
from rest_api.filters import MayanObjectPermissionsFilter
|
||||
from rest_api.permissions import MayanPermission
|
||||
|
||||
@@ -99,14 +97,9 @@ class APIIndexNodeInstanceDocumentListView(generics.ListAPIView):
|
||||
index_node_instance = get_object_or_404(
|
||||
IndexInstanceNode, pk=self.kwargs['pk']
|
||||
)
|
||||
try:
|
||||
Permission.check_permissions(
|
||||
self.request.user, (permission_document_indexing_view,)
|
||||
)
|
||||
except PermissionDenied:
|
||||
AccessControlList.objects.check_access(
|
||||
permission_document_indexing_view, self.request.user,
|
||||
index_node_instance.index
|
||||
permissions=permission_document_indexing_view,
|
||||
user=self.request.user, obj=index_node_instance.index
|
||||
)
|
||||
|
||||
return index_node_instance.documents.all()
|
||||
@@ -177,13 +170,9 @@ class APIDocumentIndexListView(generics.ListAPIView):
|
||||
|
||||
def get_queryset(self):
|
||||
document = get_object_or_404(Document, pk=self.kwargs['pk'])
|
||||
try:
|
||||
Permission.check_permissions(
|
||||
self.request.user, (permission_document_view,)
|
||||
)
|
||||
except PermissionDenied:
|
||||
AccessControlList.objects.check_access(
|
||||
permission_document_view, self.request.user, document
|
||||
permissions=permission_document_view, user=self.request.user,
|
||||
obj=document
|
||||
)
|
||||
|
||||
return document.node_instances.all()
|
||||
|
||||
@@ -1,7 +1,6 @@
|
||||
from __future__ import absolute_import, unicode_literals
|
||||
|
||||
from django.contrib import messages
|
||||
from django.core.exceptions import PermissionDenied
|
||||
from django.core.urlresolvers import reverse, reverse_lazy
|
||||
from django.shortcuts import get_object_or_404
|
||||
from django.utils.html import mark_safe
|
||||
@@ -15,7 +14,6 @@ from common.views import (
|
||||
from documents.models import Document, DocumentType
|
||||
from documents.permissions import permission_document_view
|
||||
from documents.views import DocumentListView
|
||||
from permissions import Permission
|
||||
|
||||
from .forms import IndexTemplateNodeForm
|
||||
from .models import (
|
||||
@@ -143,14 +141,9 @@ class TemplateNodeCreateView(SingleObjectCreateView):
|
||||
model = IndexTemplateNode
|
||||
|
||||
def dispatch(self, request, *args, **kwargs):
|
||||
try:
|
||||
Permission.check_permissions(
|
||||
request.user, (permission_document_indexing_edit,)
|
||||
)
|
||||
except PermissionDenied:
|
||||
AccessControlList.objects.check_access(
|
||||
permission_document_indexing_edit, request.user,
|
||||
self.get_parent_node().index
|
||||
permissions=permission_document_indexing_edit, user=request.user,
|
||||
obj=self.get_parent_node().index
|
||||
)
|
||||
|
||||
return super(
|
||||
@@ -236,14 +229,9 @@ class IndexInstanceNodeView(DocumentListView):
|
||||
IndexInstanceNode, pk=self.kwargs['pk']
|
||||
)
|
||||
|
||||
try:
|
||||
Permission.check_permissions(
|
||||
request.user, (permission_document_indexing_view,)
|
||||
)
|
||||
except PermissionDenied:
|
||||
AccessControlList.objects.check_access(
|
||||
permission_document_indexing_view,
|
||||
request.user, self.index_instance_node.index()
|
||||
permissions=permission_document_indexing_view,
|
||||
user=request.user, obj=self.index_instance_node.index()
|
||||
)
|
||||
|
||||
if self.index_instance_node:
|
||||
@@ -299,13 +287,9 @@ class DocumentIndexNodeListView(SingleObjectListView):
|
||||
object_permission_related = 'index'
|
||||
|
||||
def dispatch(self, request, *args, **kwargs):
|
||||
try:
|
||||
Permission.check_permissions(
|
||||
request.user, (permission_document_view,)
|
||||
)
|
||||
except PermissionDenied:
|
||||
AccessControlList.objects.check_access(
|
||||
permission_document_view, request.user, self.get_document()
|
||||
permissions=permission_document_view, user=request.user,
|
||||
obj=self.get_document()
|
||||
)
|
||||
|
||||
return super(
|
||||
|
||||
@@ -3,7 +3,6 @@ from __future__ import absolute_import, unicode_literals
|
||||
import logging
|
||||
|
||||
from django.contrib import messages
|
||||
from django.core.exceptions import PermissionDenied
|
||||
from django.core.files import File
|
||||
from django.core.urlresolvers import reverse
|
||||
from django.http import HttpResponseRedirect
|
||||
@@ -19,7 +18,6 @@ from common.utils import TemporaryFile
|
||||
from django_gpg.exceptions import NeedPassphrase, PassphraseError
|
||||
from django_gpg.permissions import permission_key_sign
|
||||
from documents.models import DocumentVersion
|
||||
from permissions import Permission
|
||||
|
||||
from .forms import (
|
||||
DocumentVersionSignatureCreateForm,
|
||||
@@ -47,13 +45,8 @@ class DocumentVersionDetachedSignatureCreateView(FormView):
|
||||
key = form.cleaned_data['key']
|
||||
passphrase = form.cleaned_data['passphrase'] or None
|
||||
|
||||
try:
|
||||
Permission.check_permissions(
|
||||
self.request.user, (permission_key_sign,)
|
||||
)
|
||||
except PermissionDenied:
|
||||
AccessControlList.objects.check_access(
|
||||
permission_key_sign, self.request.user, key
|
||||
permissions=permission_key_sign, user=self.request.user, obj=key
|
||||
)
|
||||
|
||||
try:
|
||||
@@ -103,14 +96,9 @@ class DocumentVersionDetachedSignatureCreateView(FormView):
|
||||
).form_valid(form)
|
||||
|
||||
def dispatch(self, request, *args, **kwargs):
|
||||
try:
|
||||
Permission.check_permissions(
|
||||
request.user, (permission_document_version_sign_detached,)
|
||||
)
|
||||
except PermissionDenied:
|
||||
AccessControlList.objects.check_access(
|
||||
permission_document_version_sign_detached, request.user,
|
||||
self.get_document_version().document
|
||||
permissions=permission_document_version_sign_detached,
|
||||
user=request.user, obj=self.get_document_version().document
|
||||
)
|
||||
|
||||
return super(
|
||||
@@ -153,13 +141,8 @@ class DocumentVersionEmbeddedSignatureCreateView(FormView):
|
||||
key = form.cleaned_data['key']
|
||||
passphrase = form.cleaned_data['passphrase'] or None
|
||||
|
||||
try:
|
||||
Permission.check_permissions(
|
||||
self.request.user, (permission_key_sign,)
|
||||
)
|
||||
except PermissionDenied:
|
||||
AccessControlList.objects.check_access(
|
||||
permission_key_sign, self.request.user, key
|
||||
permissions=permission_key_sign, user=self.request.user, obj=key
|
||||
)
|
||||
|
||||
try:
|
||||
@@ -214,14 +197,9 @@ class DocumentVersionEmbeddedSignatureCreateView(FormView):
|
||||
).form_valid(form)
|
||||
|
||||
def dispatch(self, request, *args, **kwargs):
|
||||
try:
|
||||
Permission.check_permissions(
|
||||
request.user, (permission_document_version_sign_embedded,)
|
||||
)
|
||||
except PermissionDenied:
|
||||
AccessControlList.objects.check_access(
|
||||
permission_document_version_sign_embedded, request.user,
|
||||
self.get_document_version().document
|
||||
permissions=permission_document_version_sign_embedded,
|
||||
user=request.user, obj=self.get_document_version().document
|
||||
)
|
||||
|
||||
return super(
|
||||
@@ -312,14 +290,9 @@ class DocumentVersionSignatureDownloadView(SingleObjectDownloadView):
|
||||
|
||||
class DocumentVersionSignatureListView(SingleObjectListView):
|
||||
def dispatch(self, request, *args, **kwargs):
|
||||
try:
|
||||
Permission.check_permissions(
|
||||
request.user, (permission_document_version_signature_view,)
|
||||
)
|
||||
except PermissionDenied:
|
||||
AccessControlList.objects.check_access(
|
||||
permission_document_version_signature_view, request.user,
|
||||
self.get_document_version()
|
||||
permissions=permission_document_version_signature_view,
|
||||
user=request.user, obj=self.get_document_version()
|
||||
)
|
||||
|
||||
return super(
|
||||
@@ -349,14 +322,9 @@ class DocumentVersionSignatureUploadView(SingleObjectCreateView):
|
||||
model = DetachedSignature
|
||||
|
||||
def dispatch(self, request, *args, **kwargs):
|
||||
try:
|
||||
Permission.check_permissions(
|
||||
request.user, (permission_document_version_signature_upload,)
|
||||
)
|
||||
except PermissionDenied:
|
||||
AccessControlList.objects.check_access(
|
||||
permission_document_version_signature_upload, request.user,
|
||||
self.get_document_version()
|
||||
permissions=permission_document_version_signature_upload,
|
||||
user=request.user, obj=self.get_document_version()
|
||||
)
|
||||
|
||||
return super(
|
||||
|
||||
@@ -1,7 +1,6 @@
|
||||
from __future__ import absolute_import, unicode_literals
|
||||
|
||||
from django.contrib import messages
|
||||
from django.core.exceptions import PermissionDenied
|
||||
from django.core.urlresolvers import reverse, reverse_lazy
|
||||
from django.db.utils import IntegrityError
|
||||
from django.http import HttpResponseRedirect
|
||||
@@ -16,7 +15,6 @@ from common.views import (
|
||||
)
|
||||
from documents.models import Document
|
||||
from documents.views import DocumentListView
|
||||
from permissions import Permission
|
||||
|
||||
from .forms import (
|
||||
WorkflowForm, WorkflowInstanceTransitionForm, WorkflowStateForm,
|
||||
@@ -32,14 +30,9 @@ from .permissions import (
|
||||
|
||||
class DocumentWorkflowInstanceListView(SingleObjectListView):
|
||||
def dispatch(self, request, *args, **kwargs):
|
||||
try:
|
||||
Permission.check_permissions(
|
||||
request.user, (permission_workflow_view,)
|
||||
)
|
||||
except PermissionDenied:
|
||||
AccessControlList.objects.check_access(
|
||||
permission_workflow_view, request.user,
|
||||
self.get_document()
|
||||
permissions=permission_workflow_view, user=request.user,
|
||||
obj=self.get_document()
|
||||
)
|
||||
|
||||
return super(
|
||||
@@ -66,13 +59,9 @@ class WorkflowDocumentListView(DocumentListView):
|
||||
def dispatch(self, request, *args, **kwargs):
|
||||
self.workflow = get_object_or_404(Workflow, pk=self.kwargs['pk'])
|
||||
|
||||
try:
|
||||
Permission.check_permissions(
|
||||
request.user, (permission_workflow_view,)
|
||||
)
|
||||
except PermissionDenied:
|
||||
AccessControlList.objects.check_access(
|
||||
permission_workflow_view, request.user, self.workflow
|
||||
permissions=permission_workflow_view, user=request.user,
|
||||
obj=self.workflow
|
||||
)
|
||||
|
||||
return super(
|
||||
@@ -94,14 +83,9 @@ class WorkflowDocumentListView(DocumentListView):
|
||||
|
||||
class WorkflowInstanceDetailView(SingleObjectListView):
|
||||
def dispatch(self, request, *args, **kwargs):
|
||||
try:
|
||||
Permission.check_permissions(
|
||||
request.user, (permission_workflow_view,)
|
||||
)
|
||||
except PermissionDenied:
|
||||
AccessControlList.objects.check_access(
|
||||
permission_workflow_view, request.user,
|
||||
self.get_workflow_instance().document
|
||||
permissions=permission_workflow_view, users=request.user,
|
||||
obj=self.get_workflow_instance().document
|
||||
)
|
||||
|
||||
return super(
|
||||
@@ -131,14 +115,9 @@ class WorkflowInstanceTransitionView(FormView):
|
||||
template_name = 'appearance/generic_form.html'
|
||||
|
||||
def dispatch(self, request, *args, **kwargs):
|
||||
try:
|
||||
Permission.check_permissions(
|
||||
request.user, (permission_workflow_transition,)
|
||||
)
|
||||
except PermissionDenied:
|
||||
AccessControlList.objects.check_access(
|
||||
permission_workflow_transition, request.user,
|
||||
self.get_workflow_instance().document
|
||||
permissions=permission_workflow_transition, user=request.user,
|
||||
obj=self.get_workflow_instance().document
|
||||
)
|
||||
|
||||
return super(
|
||||
@@ -249,13 +228,9 @@ class SetupWorkflowDocumentTypesView(AssignRemoveView):
|
||||
|
||||
class SetupWorkflowStateListView(SingleObjectListView):
|
||||
def dispatch(self, request, *args, **kwargs):
|
||||
try:
|
||||
Permission.check_permissions(
|
||||
request.user, (permission_workflow_view,)
|
||||
)
|
||||
except PermissionDenied:
|
||||
AccessControlList.objects.check_access(
|
||||
permission_workflow_view, request.user, self.get_workflow()
|
||||
permissions=permission_workflow_view, user=request.user,
|
||||
obj=self.get_workflow()
|
||||
)
|
||||
|
||||
return super(
|
||||
|
||||
@@ -2,7 +2,6 @@ from __future__ import absolute_import, unicode_literals
|
||||
|
||||
import logging
|
||||
|
||||
from django.core.exceptions import PermissionDenied
|
||||
from django.http import HttpResponse
|
||||
from django.shortcuts import get_object_or_404
|
||||
|
||||
@@ -11,7 +10,6 @@ from rest_framework import generics, status
|
||||
from rest_framework.response import Response
|
||||
|
||||
from acls.models import AccessControlList
|
||||
from permissions import Permission
|
||||
from rest_api.filters import MayanObjectPermissionsFilter
|
||||
from rest_api.permissions import MayanPermission
|
||||
|
||||
@@ -379,14 +377,9 @@ class APIDocumentTypeDocumentListView(generics.ListAPIView):
|
||||
|
||||
def get_queryset(self):
|
||||
document_type = get_object_or_404(DocumentType, pk=self.kwargs['pk'])
|
||||
try:
|
||||
Permission.check_permissions(
|
||||
self.request.user, (permission_document_type_view,)
|
||||
)
|
||||
except PermissionDenied:
|
||||
AccessControlList.objects.check_access(
|
||||
permission_document_type_view, self.request.user,
|
||||
document_type
|
||||
permissions=permission_document_type_view, user=self.request.user,
|
||||
obj=document_type
|
||||
)
|
||||
|
||||
return document_type.documents.all()
|
||||
|
||||
@@ -25,7 +25,6 @@ from common.mixins import MultipleInstanceActionMixin
|
||||
from converter.literals import DEFAULT_ZOOM_LEVEL
|
||||
from converter.models import Transformation
|
||||
from converter.permissions import permission_transformation_delete
|
||||
from permissions import Permission
|
||||
|
||||
from .events import event_document_download, event_document_view
|
||||
from .forms import (
|
||||
@@ -111,13 +110,9 @@ class DeletedDocumentDeleteView(ConfirmView):
|
||||
Document.passthrough, pk=instance.pk
|
||||
)
|
||||
|
||||
try:
|
||||
Permission.check_permissions(
|
||||
self.request.user, (permission_document_delete,)
|
||||
)
|
||||
except PermissionDenied:
|
||||
AccessControlList.objects.check_access(
|
||||
permission_document_delete, self.request.user, source_document
|
||||
permissions=permission_document_delete, user=self.request.user,
|
||||
obj=source_document
|
||||
)
|
||||
|
||||
instance.delete()
|
||||
@@ -180,13 +175,9 @@ class DocumentRestoreView(ConfirmView):
|
||||
Document.passthrough, pk=instance.pk
|
||||
)
|
||||
|
||||
try:
|
||||
Permission.check_permissions(
|
||||
self.request.user, (permission_document_restore,)
|
||||
)
|
||||
except PermissionDenied:
|
||||
AccessControlList.objects.check_access(
|
||||
permission_document_restore, self.request.user, source_document
|
||||
permissions=permission_document_restore, user=self.request.user,
|
||||
obj=source_document
|
||||
)
|
||||
|
||||
instance.restore()
|
||||
@@ -214,14 +205,9 @@ class DocumentRestoreManyView(MultipleInstanceActionMixin, DocumentRestoreView):
|
||||
|
||||
class DocumentPageListView(SingleObjectListView):
|
||||
def dispatch(self, request, *args, **kwargs):
|
||||
try:
|
||||
Permission.check_permissions(
|
||||
self.request.user, (permission_document_view,)
|
||||
)
|
||||
except PermissionDenied:
|
||||
AccessControlList.objects.check_access(
|
||||
permission_document_view, self.request.user,
|
||||
self.get_document()
|
||||
permissions=permission_document_view, user=self.request.user,
|
||||
obj=self.get_document()
|
||||
)
|
||||
|
||||
return super(
|
||||
@@ -245,15 +231,11 @@ class DocumentPageView(SimpleView):
|
||||
template_name = 'appearance/generic_form.html'
|
||||
|
||||
def dispatch(self, request, *args, **kwargs):
|
||||
try:
|
||||
Permission.check_permissions(
|
||||
request.user, (permission_document_view,)
|
||||
)
|
||||
except PermissionDenied:
|
||||
AccessControlList.objects.check_access(
|
||||
permission_document_view, request.user,
|
||||
self.get_object().document
|
||||
permissions=permission_document_view, user=request.user,
|
||||
obj=self.get_object().document
|
||||
)
|
||||
|
||||
return super(
|
||||
DocumentPageView, self
|
||||
).dispatch(request, *args, **kwargs)
|
||||
@@ -329,13 +311,9 @@ class DocumentTrashView(ConfirmView):
|
||||
return reverse('documents:document_list_recent')
|
||||
|
||||
def object_action(self, instance):
|
||||
try:
|
||||
Permission.check_permissions(
|
||||
self.request.user, (permission_document_trash,)
|
||||
)
|
||||
except PermissionDenied:
|
||||
AccessControlList.objects.check_access(
|
||||
permission_document_trash, self.request.user, instance
|
||||
permissions=permission_document_trash, user=self.request.user,
|
||||
obj=instance
|
||||
)
|
||||
|
||||
instance.delete()
|
||||
@@ -437,14 +415,9 @@ class DocumentTypeFilenameCreateView(SingleObjectCreateView):
|
||||
form_class = DocumentTypeFilenameForm_create
|
||||
|
||||
def dispatch(self, request, *args, **kwargs):
|
||||
try:
|
||||
Permission.check_permissions(
|
||||
request.user, (permission_document_type_edit,)
|
||||
)
|
||||
except PermissionDenied:
|
||||
AccessControlList.objects.check_access(
|
||||
permission_document_type_edit, request.user,
|
||||
self.get_document_type()
|
||||
permissions=permission_document_type_edit, user=request.user,
|
||||
obj=self.get_document_type()
|
||||
)
|
||||
|
||||
return super(DocumentTypeFilenameCreateView, self).dispatch(
|
||||
@@ -543,13 +516,9 @@ class DocumentTypeFilenameListView(SingleObjectListView):
|
||||
|
||||
class DocumentVersionListView(SingleObjectListView):
|
||||
def dispatch(self, request, *args, **kwargs):
|
||||
try:
|
||||
Permission.check_permissions(
|
||||
request.user, (permission_document_view,)
|
||||
)
|
||||
except PermissionDenied:
|
||||
AccessControlList.objects.check_access(
|
||||
permission_document_view, request.user, self.get_document()
|
||||
permissions=permission_document_view, user=request.user,
|
||||
obj=self.get_document()
|
||||
)
|
||||
|
||||
self.get_document().add_as_recent_document_for_user(request.user)
|
||||
@@ -1045,10 +1014,10 @@ def document_multiple_clear_transformations(request):
|
||||
def document_page_navigation_next(request, document_page_id):
|
||||
document_page = get_object_or_404(DocumentPage, pk=document_page_id)
|
||||
|
||||
try:
|
||||
Permission.check_permissions(request.user, (permission_document_view,))
|
||||
except PermissionDenied:
|
||||
AccessControlList.objects.check_access(permission_document_view, request.user, document_page.document)
|
||||
AccessControlList.objects.check_access(
|
||||
permissions=permission_document_view, user=request.user,
|
||||
obj=document_page.document
|
||||
)
|
||||
|
||||
view = resolve(urlparse.urlparse(request.META.get('HTTP_REFERER', reverse(settings.LOGIN_REDIRECT_URL))).path).view_name
|
||||
|
||||
@@ -1063,10 +1032,10 @@ def document_page_navigation_next(request, document_page_id):
|
||||
def document_page_navigation_previous(request, document_page_id):
|
||||
document_page = get_object_or_404(DocumentPage, pk=document_page_id)
|
||||
|
||||
try:
|
||||
Permission.check_permissions(request.user, (permission_document_view,))
|
||||
except PermissionDenied:
|
||||
AccessControlList.objects.check_access(permission_document_view, request.user, document_page.document)
|
||||
AccessControlList.objects.check_access(
|
||||
permissions=permission_document_view, user=request.user,
|
||||
obj=document_page.document
|
||||
)
|
||||
|
||||
view = resolve(urlparse.urlparse(request.META.get('HTTP_REFERER', reverse(settings.LOGIN_REDIRECT_URL))).path).view_name
|
||||
|
||||
@@ -1082,10 +1051,10 @@ def document_page_navigation_first(request, document_page_id):
|
||||
document_page = get_object_or_404(DocumentPage, pk=document_page_id)
|
||||
document_page = get_object_or_404(document_page.siblings, page_number=1)
|
||||
|
||||
try:
|
||||
Permission.check_permissions(request.user, (permission_document_view,))
|
||||
except PermissionDenied:
|
||||
AccessControlList.objects.check_access(permission_document_view, request.user, document_page.document)
|
||||
AccessControlList.objects.check_access(
|
||||
permissions=permission_document_view, user=request.user,
|
||||
obj=document_page.document
|
||||
)
|
||||
|
||||
view = resolve(urlparse.urlparse(request.META.get('HTTP_REFERER', reverse(settings.LOGIN_REDIRECT_URL))).path).view_name
|
||||
|
||||
@@ -1096,10 +1065,10 @@ def document_page_navigation_last(request, document_page_id):
|
||||
document_page = get_object_or_404(DocumentPage, pk=document_page_id)
|
||||
document_page = get_object_or_404(document_page.siblings, page_number=document_page.siblings.count())
|
||||
|
||||
try:
|
||||
Permission.check_permissions(request.user, (permission_document_view,))
|
||||
except PermissionDenied:
|
||||
AccessControlList.objects.check_access(permission_document_view, request.user, document_page.document)
|
||||
AccessControlList.objects.check_access(
|
||||
permissions=permission_document_view, user=request.user,
|
||||
obj=document_page.document
|
||||
)
|
||||
|
||||
view = resolve(urlparse.urlparse(request.META.get('HTTP_REFERER', reverse(settings.LOGIN_REDIRECT_URL))).path).view_name
|
||||
|
||||
@@ -1109,10 +1078,10 @@ def document_page_navigation_last(request, document_page_id):
|
||||
def transform_page(request, document_page_id, zoom_function=None, rotation_function=None):
|
||||
document_page = get_object_or_404(DocumentPage, pk=document_page_id)
|
||||
|
||||
try:
|
||||
Permission.check_permissions(request.user, (permission_document_view,))
|
||||
except PermissionDenied:
|
||||
AccessControlList.objects.check_access(permission_document_view, request.user, document_page.document)
|
||||
AccessControlList.objects.check_access(
|
||||
permissions=permission_document_view, user=request.user,
|
||||
obj=document_page.document
|
||||
)
|
||||
|
||||
view = resolve(urlparse.urlparse(request.META.get('HTTP_REFERER', reverse(settings.LOGIN_REDIRECT_URL))).path).view_name
|
||||
|
||||
@@ -1172,10 +1141,9 @@ def document_page_rotate_left(request, document_page_id):
|
||||
def document_print(request, document_id):
|
||||
document = get_object_or_404(Document, pk=document_id)
|
||||
|
||||
try:
|
||||
Permission.check_permissions(request.user, (permission_document_print,))
|
||||
except PermissionDenied:
|
||||
AccessControlList.objects.check_access(permission_document_print, request.user, document)
|
||||
AccessControlList.objects.check_access(
|
||||
permissions=permission_document_print, user=request.user, obj=document
|
||||
)
|
||||
|
||||
document.add_as_recent_document_for_user(request.user)
|
||||
|
||||
|
||||
@@ -1,7 +1,6 @@
|
||||
from __future__ import absolute_import, unicode_literals
|
||||
|
||||
from django.contrib.contenttypes.models import ContentType
|
||||
from django.core.exceptions import PermissionDenied
|
||||
from django.http import Http404
|
||||
from django.shortcuts import get_object_or_404
|
||||
from django.utils.translation import ugettext_lazy as _
|
||||
@@ -11,7 +10,6 @@ from actstream.models import Action, any_stream
|
||||
from acls.models import AccessControlList
|
||||
from common.utils import encapsulate
|
||||
from common.views import SingleObjectListView
|
||||
from permissions import Permission
|
||||
|
||||
from .classes import Event
|
||||
from .permissions import permission_events_view
|
||||
@@ -55,13 +53,9 @@ class ObjectEventListView(EventListView):
|
||||
except self.object_content_type.model_class().DoesNotExist:
|
||||
raise Http404
|
||||
|
||||
try:
|
||||
Permission.check_permissions(
|
||||
request.user, permissions=(permission_events_view,)
|
||||
)
|
||||
except PermissionDenied:
|
||||
AccessControlList.objects.check_access(
|
||||
permission_events_view, request.user, self.content_object
|
||||
permissions=permission_events_view, user=request.user,
|
||||
obj=self.content_object
|
||||
)
|
||||
|
||||
return super(
|
||||
|
||||
@@ -1,6 +1,5 @@
|
||||
from __future__ import absolute_import, unicode_literals
|
||||
|
||||
from django.core.exceptions import PermissionDenied
|
||||
from django.shortcuts import get_object_or_404
|
||||
|
||||
from rest_framework import generics
|
||||
@@ -9,7 +8,6 @@ from rest_framework.response import Response
|
||||
from acls.models import AccessControlList
|
||||
from documents.models import Document
|
||||
from documents.permissions import permission_document_view
|
||||
from permissions import Permission
|
||||
from rest_api.filters import MayanObjectPermissionsFilter
|
||||
from rest_api.permissions import MayanPermission
|
||||
|
||||
@@ -37,13 +35,9 @@ class APIDocumentFolderListView(generics.ListAPIView):
|
||||
|
||||
def get_queryset(self):
|
||||
document = get_object_or_404(Document, pk=self.kwargs['pk'])
|
||||
try:
|
||||
Permission.check_permissions(
|
||||
self.request.user, (permission_document_view,)
|
||||
)
|
||||
except PermissionDenied:
|
||||
AccessControlList.objects.check_access(
|
||||
permission_document_view, self.request.user, document
|
||||
permissions=permission_document_view, user=self.request.user,
|
||||
obj=document
|
||||
)
|
||||
|
||||
queryset = document.document_folders().all()
|
||||
@@ -207,13 +201,9 @@ class APIFolderDocumentView(generics.RetrieveDestroyAPIView):
|
||||
def retrieve(self, request, *args, **kwargs):
|
||||
instance = self.get_object()
|
||||
|
||||
try:
|
||||
Permission.check_permissions(
|
||||
self.request.user, (permission_document_view,)
|
||||
)
|
||||
except PermissionDenied:
|
||||
AccessControlList.objects.check_access(
|
||||
permission_document_view, self.request.user, instance
|
||||
permissions=permission_document_view, user=self.request.user,
|
||||
obj=instance
|
||||
)
|
||||
|
||||
serializer = self.get_serializer(instance)
|
||||
|
||||
@@ -4,7 +4,6 @@ import logging
|
||||
|
||||
from django.conf import settings
|
||||
from django.contrib import messages
|
||||
from django.core.exceptions import PermissionDenied
|
||||
from django.core.urlresolvers import reverse, reverse_lazy
|
||||
from django.http import HttpResponseRedirect
|
||||
from django.shortcuts import get_object_or_404, render_to_response
|
||||
@@ -19,7 +18,6 @@ from common.views import (
|
||||
from documents.permissions import permission_document_view
|
||||
from documents.models import Document
|
||||
from documents.views import DocumentListView
|
||||
from permissions import Permission
|
||||
|
||||
from .forms import FolderListForm
|
||||
from .models import Folder
|
||||
@@ -69,13 +67,9 @@ class FolderDetailView(DocumentListView):
|
||||
def get_folder(self):
|
||||
folder = get_object_or_404(Folder, pk=self.kwargs['pk'])
|
||||
|
||||
try:
|
||||
Permission.check_permissions(
|
||||
self.request.user, (permission_folder_view,)
|
||||
)
|
||||
except PermissionDenied:
|
||||
AccessControlList.objects.check_access(
|
||||
permission_folder_view, self.request.user, folder
|
||||
permissions=permission_folder_view, user=self.request.user,
|
||||
obj=folder
|
||||
)
|
||||
|
||||
return folder
|
||||
@@ -109,16 +103,14 @@ class DocumentFolderListView(FolderListView):
|
||||
def dispatch(self, request, *args, **kwargs):
|
||||
self.document = get_object_or_404(Document, pk=self.kwargs['pk'])
|
||||
|
||||
try:
|
||||
Permission.check_permissions(
|
||||
request.user, (permission_document_view,)
|
||||
)
|
||||
except PermissionDenied:
|
||||
AccessControlList.objects.check_access(
|
||||
permission_document_view, request.user, self.document
|
||||
permissions=permission_document_view, user=request.user,
|
||||
obj=self.document
|
||||
)
|
||||
|
||||
return super(DocumentFolderListView, self).dispatch(request, *args, **kwargs)
|
||||
return super(DocumentFolderListView, self).dispatch(
|
||||
request, *args, **kwargs
|
||||
)
|
||||
|
||||
def get_extra_context(self):
|
||||
return {
|
||||
|
||||
@@ -3,7 +3,6 @@ from __future__ import absolute_import, unicode_literals
|
||||
import logging
|
||||
|
||||
from django.contrib import messages
|
||||
from django.core.exceptions import PermissionDenied
|
||||
from django.core.urlresolvers import reverse, reverse_lazy
|
||||
from django.shortcuts import get_object_or_404
|
||||
from django.utils.translation import ugettext_lazy as _
|
||||
@@ -16,7 +15,6 @@ from common.generics import (
|
||||
from documents.models import Document, DocumentType
|
||||
from documents.permissions import permission_document_view
|
||||
from documents.views import DocumentListView
|
||||
from permissions import Permission
|
||||
|
||||
from .forms import SmartLinkConditionForm, SmartLinkForm
|
||||
from .models import ResolvedSmartLink, SmartLink, SmartLinkCondition
|
||||
@@ -37,22 +35,14 @@ class ResolvedSmartLinkView(DocumentListView):
|
||||
SmartLink, pk=self.kwargs['smart_link_pk']
|
||||
)
|
||||
|
||||
try:
|
||||
Permission.check_permissions(
|
||||
request.user, (permission_document_view,)
|
||||
)
|
||||
except PermissionDenied:
|
||||
AccessControlList.objects.check_access(
|
||||
permission_document_view, request.user, self.document
|
||||
permissions=permission_document_view, user=request.user,
|
||||
obj=self.document
|
||||
)
|
||||
|
||||
try:
|
||||
Permission.check_permissions(
|
||||
request.user, (permission_smart_link_view,)
|
||||
)
|
||||
except PermissionDenied:
|
||||
AccessControlList.objects.check_access(
|
||||
permission_smart_link_view, request.user, self.smart_link
|
||||
permissions=permission_smart_link_view, user=request.user,
|
||||
obj=self.smart_link
|
||||
)
|
||||
|
||||
return super(
|
||||
@@ -151,13 +141,9 @@ class DocumentSmartLinkListView(SmartLinkListView):
|
||||
def dispatch(self, request, *args, **kwargs):
|
||||
self.document = get_object_or_404(Document, pk=self.kwargs['pk'])
|
||||
|
||||
try:
|
||||
Permission.check_permissions(
|
||||
request.user, (permission_document_view,)
|
||||
)
|
||||
except PermissionDenied:
|
||||
AccessControlList.objects.check_access(
|
||||
permission_document_view, request.user, self.document
|
||||
permissions=permission_document_view, user=request.user,
|
||||
obj=self.document
|
||||
)
|
||||
|
||||
return super(
|
||||
@@ -234,15 +220,11 @@ class SmartLinkConditionCreateView(SingleObjectCreateView):
|
||||
form_class = SmartLinkConditionForm
|
||||
|
||||
def dispatch(self, request, *args, **kwargs):
|
||||
try:
|
||||
Permission.check_permissions(
|
||||
request.user, (permission_smart_link_edit,)
|
||||
)
|
||||
except PermissionDenied:
|
||||
AccessControlList.objects.check_access(
|
||||
(permission_smart_link_edit,), request.user,
|
||||
self.get_smart_link()
|
||||
permissions=permission_smart_link_edit, user=request.user,
|
||||
obj=self.get_smart_link()
|
||||
)
|
||||
|
||||
return super(
|
||||
SmartLinkConditionCreateView, self
|
||||
).dispatch(request, *args, **kwargs)
|
||||
@@ -277,14 +259,9 @@ class SmartLinkConditionEditView(SingleObjectEditView):
|
||||
model = SmartLinkCondition
|
||||
|
||||
def dispatch(self, request, *args, **kwargs):
|
||||
try:
|
||||
Permission.check_permissions(
|
||||
request.user, (permission_smart_link_edit,)
|
||||
)
|
||||
except PermissionDenied:
|
||||
AccessControlList.objects.check_access(
|
||||
(permission_smart_link_edit,), request.user,
|
||||
self.get_object().smart_link
|
||||
permissions=permission_smart_link_edit, user=request.user,
|
||||
obj=self.get_object().smart_link
|
||||
)
|
||||
|
||||
return super(
|
||||
@@ -311,14 +288,9 @@ class SmartLinkConditionDeleteView(SingleObjectDeleteView):
|
||||
model = SmartLinkCondition
|
||||
|
||||
def dispatch(self, request, *args, **kwargs):
|
||||
try:
|
||||
Permission.check_permissions(
|
||||
request.user, (permission_smart_link_edit,)
|
||||
)
|
||||
except PermissionDenied:
|
||||
AccessControlList.objects.check_access(
|
||||
(permission_smart_link_edit,), request.user,
|
||||
self.get_object().smart_link
|
||||
permissions=permission_smart_link_edit, user=request.user,
|
||||
obj=self.get_object().smart_link
|
||||
)
|
||||
|
||||
return super(
|
||||
|
||||
@@ -1,6 +1,5 @@
|
||||
from __future__ import absolute_import, unicode_literals
|
||||
|
||||
from django.core.exceptions import PermissionDenied
|
||||
from django.shortcuts import get_object_or_404
|
||||
|
||||
from rest_framework import generics, status, views
|
||||
@@ -11,7 +10,6 @@ from documents.models import Document, DocumentType
|
||||
from documents.permissions import (
|
||||
permission_document_type_view, permission_document_type_edit
|
||||
)
|
||||
from permissions import Permission
|
||||
from rest_api.filters import MayanObjectPermissionsFilter
|
||||
from rest_api.permissions import MayanPermission
|
||||
|
||||
@@ -100,30 +98,20 @@ class APIDocumentMetadataListView(generics.ListCreateAPIView):
|
||||
if self.request.method == 'GET':
|
||||
# Make sure the use has the permission to see the metadata for
|
||||
# this document
|
||||
try:
|
||||
Permission.check_permissions(
|
||||
self.request.user, (permission_metadata_document_view,)
|
||||
)
|
||||
except PermissionDenied:
|
||||
AccessControlList.objects.check_access(
|
||||
permission_metadata_document_view, self.request.user,
|
||||
document
|
||||
permissions=permission_metadata_document_view,
|
||||
user=self.request.user, obj=document
|
||||
)
|
||||
else:
|
||||
|
||||
return document.metadata.all()
|
||||
elif self.request.method == 'POST':
|
||||
# Make sure the use has the permission to add metadata to this
|
||||
# document
|
||||
try:
|
||||
Permission.check_permissions(
|
||||
self.request.user, (permission_metadata_document_add,)
|
||||
)
|
||||
except PermissionDenied:
|
||||
AccessControlList.objects.check_access(
|
||||
permission_metadata_document_add, self.request.user,
|
||||
document
|
||||
permissions=permission_metadata_document_add,
|
||||
user=self.request.user, obj=document
|
||||
)
|
||||
else:
|
||||
|
||||
return document.metadata.all()
|
||||
|
||||
def get_serializer_class(self):
|
||||
@@ -222,14 +210,9 @@ class APIDocumentTypeMetadataTypeOptionalListView(generics.ListCreateAPIView):
|
||||
document_type = get_object_or_404(
|
||||
DocumentType, pk=self.kwargs['document_type_pk']
|
||||
)
|
||||
try:
|
||||
Permission.check_permissions(
|
||||
self.request.user, (permission_document_type_view,)
|
||||
)
|
||||
except PermissionDenied:
|
||||
AccessControlList.objects.check_access(
|
||||
permission_document_type_view, self.request.user,
|
||||
document_type
|
||||
permissions=permission_document_type_view, user=self.request.user,
|
||||
obj=document_type
|
||||
)
|
||||
|
||||
return document_type.metadata.filter(required=self.required_metadata)
|
||||
@@ -256,14 +239,9 @@ class APIDocumentTypeMetadataTypeOptionalListView(generics.ListCreateAPIView):
|
||||
DocumentType, pk=self.kwargs['document_type_pk']
|
||||
)
|
||||
|
||||
try:
|
||||
Permission.check_permissions(
|
||||
self.request.user, (permission_document_type_edit,)
|
||||
)
|
||||
except PermissionDenied:
|
||||
AccessControlList.objects.check_access(
|
||||
permission_document_type_edit, self.request.user,
|
||||
document_type
|
||||
permissions=permission_document_type_edit, user=self.request.user,
|
||||
obj=document_type
|
||||
)
|
||||
|
||||
serializer = self.get_serializer(data=self.request.POST)
|
||||
@@ -316,14 +294,9 @@ class APIDocumentTypeMetadataTypeView(views.APIView):
|
||||
DocumentTypeMetadataType, pk=self.kwargs['pk']
|
||||
)
|
||||
|
||||
try:
|
||||
Permission.check_permissions(
|
||||
self.request.user, (permission_document_type_edit,)
|
||||
)
|
||||
except PermissionDenied:
|
||||
AccessControlList.objects.check_access(
|
||||
permission_document_type_edit, self.request.user,
|
||||
document_type_metadata_type.document_type
|
||||
permissions=permission_document_type_edit, user=self.request.user,
|
||||
obj=document_type_metadata_type.document_type
|
||||
)
|
||||
|
||||
document_type_metadata_type.delete()
|
||||
|
||||
@@ -19,7 +19,6 @@ from documents.models import Document, DocumentType
|
||||
from documents.permissions import (
|
||||
permission_document_type_edit
|
||||
)
|
||||
from permissions import Permission
|
||||
|
||||
from .api import save_metadata_list
|
||||
from .forms import (
|
||||
@@ -464,14 +463,9 @@ def metadata_multiple_remove(request):
|
||||
|
||||
class DocumentMetadataListView(SingleObjectListView):
|
||||
def dispatch(self, request, *args, **kwargs):
|
||||
try:
|
||||
Permission.check_permissions(
|
||||
self.request.user, (permission_metadata_document_view,)
|
||||
)
|
||||
except PermissionDenied:
|
||||
AccessControlList.objects.check_access(
|
||||
permission_metadata_document_view, self.request.user,
|
||||
self.get_document()
|
||||
permissions=permission_metadata_document_view,
|
||||
user=self.request.user, obj=self.get_document()
|
||||
)
|
||||
|
||||
return super(DocumentMetadataListView, self).dispatch(
|
||||
|
||||
@@ -15,7 +15,6 @@ from django.utils.encoding import smart_str, smart_unicode
|
||||
from django.utils.http import urlencode, urlquote
|
||||
|
||||
from common.utils import return_attrib
|
||||
from permissions import Permission
|
||||
|
||||
logger = logging.getLogger(__name__)
|
||||
|
||||
@@ -250,17 +249,11 @@ class Link(object):
|
||||
# If this link has a required permission check that the user have it
|
||||
# too
|
||||
if self.permissions:
|
||||
try:
|
||||
Permission.check_permissions(request.user, self.permissions)
|
||||
except PermissionDenied:
|
||||
# If the user doesn't have the permission, and we are passed
|
||||
# an instance, check to see if the user has at least ACL
|
||||
# access to the instance.
|
||||
if resolved_object:
|
||||
try:
|
||||
AccessControlList.objects.check_access(
|
||||
self.permissions, request.user, resolved_object,
|
||||
related=self.permissions_related
|
||||
permissions=self.permissions, user=request.user,
|
||||
obj=resolved_object, related=self.permissions_related
|
||||
)
|
||||
except PermissionDenied:
|
||||
return None
|
||||
|
||||
@@ -1,7 +1,6 @@
|
||||
from __future__ import absolute_import, unicode_literals
|
||||
|
||||
from django.contrib import messages
|
||||
from django.core.exceptions import PermissionDenied
|
||||
from django.core.urlresolvers import reverse
|
||||
from django.http import HttpResponseRedirect
|
||||
from django.shortcuts import get_object_or_404
|
||||
@@ -14,7 +13,6 @@ from common.generics import (
|
||||
)
|
||||
from common.mixins import MultipleInstanceActionMixin
|
||||
from documents.models import Document, DocumentType
|
||||
from permissions import Permission
|
||||
|
||||
from .forms import DocumentContentForm, DocumentTypeSelectForm
|
||||
from .models import DocumentVersionOCRError
|
||||
@@ -52,13 +50,9 @@ class DocumentSubmitView(ConfirmView):
|
||||
return Document.objects.get(pk=self.kwargs['pk'])
|
||||
|
||||
def object_action(self, instance):
|
||||
try:
|
||||
Permission.check_permissions(
|
||||
self.request.user, (permission_ocr_document,)
|
||||
)
|
||||
except PermissionDenied:
|
||||
AccessControlList.objects.check_access(
|
||||
permission_ocr_document, self.request.user, instance
|
||||
permissions=permission_ocr_document, user=self.request.user,
|
||||
obj=instance
|
||||
)
|
||||
|
||||
instance.submit_for_ocr()
|
||||
|
||||
@@ -54,9 +54,14 @@ class Permission(object):
|
||||
|
||||
@classmethod
|
||||
def check_permissions(cls, requester, permissions):
|
||||
try:
|
||||
for permission in permissions:
|
||||
if permission.stored_permission.requester_has_this(requester):
|
||||
return True
|
||||
except TypeError:
|
||||
# Not a list of permissions, just one
|
||||
if permissions.stored_permission.requester_has_this(requester):
|
||||
return True
|
||||
|
||||
logger.debug('no permission')
|
||||
|
||||
|
||||
@@ -32,9 +32,6 @@ class MayanPermission(BasePermission):
|
||||
).get(request.method, None)
|
||||
|
||||
if required_permission:
|
||||
try:
|
||||
Permission.check_permissions(request.user, required_permission)
|
||||
except PermissionDenied:
|
||||
try:
|
||||
if hasattr(view, 'mayan_permission_attribute_check'):
|
||||
AccessControlList.objects.check_access(
|
||||
@@ -44,7 +41,8 @@ class MayanPermission(BasePermission):
|
||||
)
|
||||
else:
|
||||
AccessControlList.objects.check_access(
|
||||
required_permission, request.user, obj
|
||||
permissions=required_permission, user=request.user,
|
||||
obj=obj
|
||||
)
|
||||
except PermissionDenied:
|
||||
return False
|
||||
@@ -52,5 +50,3 @@ class MayanPermission(BasePermission):
|
||||
return True
|
||||
else:
|
||||
return True
|
||||
else:
|
||||
return True
|
||||
|
||||
@@ -1,7 +1,6 @@
|
||||
from __future__ import absolute_import, unicode_literals
|
||||
|
||||
from django.contrib import messages
|
||||
from django.core.exceptions import PermissionDenied
|
||||
from django.core.urlresolvers import reverse, reverse_lazy
|
||||
from django.http import HttpResponseRedirect
|
||||
from django.shortcuts import get_object_or_404
|
||||
@@ -23,7 +22,6 @@ from documents.permissions import (
|
||||
from documents.tasks import task_upload_new_version
|
||||
from metadata.api import decode_metadata_from_url
|
||||
from navigation import Link
|
||||
from permissions import Permission
|
||||
|
||||
from .forms import (
|
||||
NewDocumentForm, NewVersionForm, WebFormUploadForm,
|
||||
@@ -195,14 +193,9 @@ class UploadInteractiveView(UploadBaseView):
|
||||
)
|
||||
)
|
||||
|
||||
try:
|
||||
Permission.check_permissions(
|
||||
request.user, (permission_document_create,)
|
||||
)
|
||||
except PermissionDenied:
|
||||
AccessControlList.objects.check_access(
|
||||
permission_document_create, request.user,
|
||||
self.document_type
|
||||
permissions=permission_document_create, user=request.user,
|
||||
obj=self.document_type
|
||||
)
|
||||
|
||||
self.tab_links = UploadBaseView.get_active_tab_links()
|
||||
@@ -333,14 +326,9 @@ class UploadInteractiveVersionView(UploadBaseView):
|
||||
)
|
||||
)
|
||||
|
||||
try:
|
||||
Permission.check_permissions(
|
||||
self.request.user, (permission_document_new_version,)
|
||||
)
|
||||
except PermissionDenied:
|
||||
AccessControlList.objects.check_access(
|
||||
permission_document_new_version, self.request.user,
|
||||
self.document
|
||||
permissions=permission_document_new_version,
|
||||
user=self.request.user, obj=self.document
|
||||
)
|
||||
|
||||
self.tab_links = UploadBaseView.get_active_tab_links(self.document)
|
||||
|
||||
@@ -1,6 +1,5 @@
|
||||
from __future__ import absolute_import, unicode_literals
|
||||
|
||||
from django.core.exceptions import PermissionDenied
|
||||
from django.shortcuts import get_object_or_404
|
||||
|
||||
from rest_framework import generics
|
||||
@@ -11,7 +10,6 @@ from acls.models import AccessControlList
|
||||
from documents.models import Document
|
||||
from documents.permissions import permission_document_view
|
||||
from documents.serializers import DocumentSerializer
|
||||
from permissions import Permission
|
||||
from rest_api.filters import MayanObjectPermissionsFilter
|
||||
from rest_api.permissions import MayanPermission
|
||||
|
||||
@@ -105,13 +103,9 @@ class APITagDocumentListView(generics.ListAPIView):
|
||||
|
||||
def get_queryset(self):
|
||||
tag = get_object_or_404(Tag, pk=self.kwargs['pk'])
|
||||
try:
|
||||
Permission.check_permissions(
|
||||
self.request.user, (permission_tag_view,)
|
||||
)
|
||||
except PermissionDenied:
|
||||
|
||||
AccessControlList.objects.check_access(
|
||||
permission_tag_view, self.request.user, tag
|
||||
permissions=permission_tag_view, user=self.request.user, obj=tag
|
||||
)
|
||||
|
||||
return tag.documents.all()
|
||||
@@ -130,13 +124,10 @@ class APIDocumentTagListView(generics.ListCreateAPIView):
|
||||
|
||||
def get_queryset(self):
|
||||
document = self.get_document()
|
||||
try:
|
||||
Permission.check_permissions(
|
||||
self.request.user, (permission_document_view,)
|
||||
)
|
||||
except PermissionDenied:
|
||||
|
||||
AccessControlList.objects.check_access(
|
||||
permission_document_view, self.request.user, document
|
||||
permissions=permission_document_view, user=self.request.user,
|
||||
obj=document
|
||||
)
|
||||
|
||||
return document.attached_tags().all()
|
||||
@@ -198,13 +189,9 @@ class APIDocumentTagView(generics.RetrieveDestroyAPIView):
|
||||
def get_document(self):
|
||||
document = get_object_or_404(Document, pk=self.kwargs['document_pk'])
|
||||
|
||||
try:
|
||||
Permission.check_permissions(
|
||||
self.request.user, (permission_document_view,)
|
||||
)
|
||||
except PermissionDenied:
|
||||
AccessControlList.objects.check_access(
|
||||
permission_document_view, self.request.user, document
|
||||
permissions=permission_document_view, user=self.request.user,
|
||||
obj=document
|
||||
)
|
||||
return document
|
||||
|
||||
|
||||
@@ -1,6 +1,5 @@
|
||||
from __future__ import absolute_import, unicode_literals
|
||||
|
||||
from django.core.exceptions import PermissionDenied
|
||||
from django.utils.translation import ugettext_lazy as _
|
||||
|
||||
from rest_framework import serializers
|
||||
@@ -8,7 +7,6 @@ from rest_framework.exceptions import ValidationError
|
||||
from rest_framework.reverse import reverse
|
||||
|
||||
from acls.models import AccessControlList
|
||||
from permissions import Permission
|
||||
|
||||
from .models import Tag
|
||||
from .permissions import permission_tag_attach
|
||||
@@ -50,13 +48,9 @@ class NewDocumentTagSerializer(serializers.Serializer):
|
||||
try:
|
||||
tag = Tag.objects.get(pk=validated_data['tag'])
|
||||
|
||||
try:
|
||||
Permission.check_permissions(
|
||||
self.context['request'].user, (permission_tag_attach,)
|
||||
)
|
||||
except PermissionDenied:
|
||||
AccessControlList.objects.check_access(
|
||||
permission_tag_attach, self.context['request'], tag
|
||||
permissions=permission_tag_attach,
|
||||
user=self.context['request'].user, obj=tag
|
||||
)
|
||||
|
||||
tag.documents.add(validated_data['document'])
|
||||
|
||||
@@ -18,7 +18,6 @@ from common.views import (
|
||||
from documents.models import Document
|
||||
from documents.views import DocumentListView
|
||||
from documents.permissions import permission_document_view
|
||||
from permissions import Permission
|
||||
|
||||
from .forms import TagListForm
|
||||
from .models import Tag
|
||||
@@ -245,18 +244,14 @@ class DocumentTagListView(TagListView):
|
||||
def dispatch(self, request, *args, **kwargs):
|
||||
self.document = get_object_or_404(Document, pk=self.kwargs['pk'])
|
||||
|
||||
try:
|
||||
Permission.check_permissions(
|
||||
request.user, (permission_document_view,)
|
||||
)
|
||||
except PermissionDenied:
|
||||
AccessControlList.objects.check_access(
|
||||
permission_document_view, request.user, self.document
|
||||
permissions=permission_document_view, user=request.user,
|
||||
obj=self.document
|
||||
)
|
||||
|
||||
return super(
|
||||
DocumentTagListView, self
|
||||
).dispatch(request, *args, **kwargs)
|
||||
return super(DocumentTagListView, self).dispatch(
|
||||
request, *args, **kwargs
|
||||
)
|
||||
|
||||
def get_extra_context(self):
|
||||
return {
|
||||
|
||||
Reference in New Issue
Block a user