diff --git a/mayan/apps/acls/apps.py b/mayan/apps/acls/apps.py index ba29be5f7b..1426cd6882 100644 --- a/mayan/apps/acls/apps.py +++ b/mayan/apps/acls/apps.py @@ -9,21 +9,11 @@ from common import ( ) from .classes import ( - AccessHolder, AccessObject, AccessObjectClass, ClassAccessHolder + AccessHolder, AccessObject, AccessObjectClass ) from .links import ( - link_acl_class_acl_detail, link_acl_class_acl_list, link_acl_class_grant, - link_acl_class_list, link_acl_class_new_holder_for, link_acl_class_revoke, - link_acl_detail, link_acl_grant, link_acl_holder_new, link_acl_revoke, - link_acl_setup_valid_classes + link_acl_detail, link_acl_grant, link_acl_holder_new, link_acl_revoke ) -#from .models import CreatorSingleton - - -#def create_creator_user(sender, **kwargs): -# if kwargs['app_config'].__class__ == ACLsApp: -# CreatorSingleton.objects.get_or_create() - class ACLsApp(MayanAppConfig): name = 'acls' @@ -32,21 +22,6 @@ class ACLsApp(MayanAppConfig): def ready(self): super(ACLsApp, self).ready() - menu_multi_item.bind_links(links=[link_acl_class_grant, link_acl_class_revoke], sources=['acls:acl_class_acl_detail']) menu_multi_item.bind_links(links=[link_acl_grant, link_acl_revoke], sources=['acls:acl_detail']) - menu_object.bind_links(links=[link_acl_class_acl_detail], sources=[ClassAccessHolder]) - menu_object.bind_links(links=[link_acl_class_acl_list, link_acl_class_new_holder_for], sources=[AccessObjectClass]) menu_object.bind_links(links=[link_acl_detail], sources=[AccessHolder]) - menu_secondary.bind_links( - links=[link_acl_class_list], - sources=[ - 'acls:acl_setup_valid_classes', 'acls:acl_class_acl_list', - 'acls:acl_class_new_holder_for', 'acls:acl_class_acl_detail', - 'acls:acl_class_multiple_grant', - 'acls:acl_class_multiple_revoke' - ], - ) - menu_setup.bind_links(links=[link_acl_setup_valid_classes]) menu_sidebar.bind_links(links=[link_acl_holder_new], sources=[AccessObject]) - - #post_migrate.connect(create_creator_user, dispatch_uid='create_creator_user') diff --git a/mayan/apps/acls/classes.py b/mayan/apps/acls/classes.py index edab6e6fa9..cc0b3c2026 100644 --- a/mayan/apps/acls/classes.py +++ b/mayan/apps/acls/classes.py @@ -140,10 +140,6 @@ class AccessObjectClass(EncapsulatedObject): source_object_name = 'cls' -class ClassAccessHolder(EncapsulatedObject): - source_object_name = 'class_holder' - - if sys.version_info < (2, 5): # Prior to Python 2.5, Exception was an old-style class def subclass_exception(name, parents, unused): diff --git a/mayan/apps/acls/links.py b/mayan/apps/acls/links.py index 291ccae1da..534c474650 100644 --- a/mayan/apps/acls/links.py +++ b/mayan/apps/acls/links.py @@ -4,9 +4,7 @@ from django.utils.translation import ugettext_lazy as _ from navigation import Link -from .permissions import ( - acls_class_edit_acl, acls_class_view_acl, acls_edit_acl, acls_view_acl -) +from .permissions import acls_edit_acl, acls_view_acl link_acl_list = Link(permissions=[acls_view_acl], text=_('ACLs'), view='acls:acl_list') @@ -14,11 +12,3 @@ link_acl_detail = Link(permissions=[acls_view_acl], text=_('Details'), view='acl link_acl_grant = Link(permissions=[acls_edit_acl], text=_('Grant'), view='acls:acl_multiple_grant') link_acl_revoke = Link(permissions=[acls_edit_acl], text=_('Revoke'), view='acls:acl_multiple_revoke') link_acl_holder_new = Link(permissions=[acls_edit_acl], text=_('New holder'), view='acls:acl_holder_new', args='access_object.gid') -link_acl_setup_valid_classes = Link(icon='fa fa-lock', permissions=[acls_class_view_acl], text=_('Default ACLs'), view='acls:acl_setup_valid_classes') -link_acl_class_list = Link(permissions=[acls_class_view_acl], text=_('Classes'), view='acls:acl_setup_valid_classes') - -link_acl_class_acl_list = Link(permissions=[acls_class_view_acl], text=_('ACLs for class'), view='acls:acl_class_acl_list', args='object.gid') -link_acl_class_acl_detail = Link(permissions=[acls_class_view_acl], text=_('Details'), view='acls:acl_class_acl_detail', args=['access_object_class.gid', 'object.gid']) -link_acl_class_new_holder_for = Link(permissions=[acls_class_edit_acl], text=_('New holder'), view='acls:acl_class_new_holder_for', args='object.gid') -link_acl_class_grant = Link(permissions=[acls_class_edit_acl], text=_('Grant'), view='acls:acl_class_multiple_grant') -link_acl_class_revoke = Link(permissions=[acls_class_edit_acl], text=_('Revoke'), view='acls:acl_class_multiple_revoke') diff --git a/mayan/apps/acls/managers.py b/mayan/apps/acls/managers.py index 3e2774c01b..086e53af08 100644 --- a/mayan/apps/acls/managers.py +++ b/mayan/apps/acls/managers.py @@ -12,9 +12,8 @@ from django.utils.translation import ugettext from common.models import AnonymousUserSingleton from permissions import Permission -#from permissions.models import RoleMember -from .classes import AccessHolder, ClassAccessHolder, get_source_object +from .classes import AccessHolder, get_source_object logger = logging.getLogger(__name__) @@ -266,13 +265,14 @@ class DefaultAccessEntryManager(models.Manager): cls = get_source_object(cls) content_type = ContentType.objects.get_for_model(cls) holder_list = [] - for access_entry in self.model.objects.filter(content_type=content_type): - if access_entry.holder_object: + #for access_entry in self.model.objects.filter(content_type=content_type): + #if access_entry.holder_object: # Don't add references to non existant content type objects - entry = ClassAccessHolder.encapsulate(access_entry.holder_object) + #TODO: FIX + #entry = ClassAccessHolder.encapsulate(access_entry.holder_object) - if entry not in holder_list: - holder_list.append(entry) + #if entry not in holder_list: + # holder_list.append(entry) return holder_list diff --git a/mayan/apps/acls/models.py b/mayan/apps/acls/models.py index ea2ba75fda..afb177d175 100644 --- a/mayan/apps/acls/models.py +++ b/mayan/apps/acls/models.py @@ -44,26 +44,3 @@ class AccessEntry(models.Model): def __str__(self): return '%s: %s' % (self.content_type, self.content_object) - - -@python_2_unicode_compatible -class DefaultAccessEntry(models.Model): - """ - Model that holds the permission, class, actor relationship, that will - be added upon the creation of an instance of said class - """ - @classmethod - def get_classes(cls): - return [AccessObjectClass.encapsulate(cls) for cls in get_classes()] - - permission = models.ForeignKey(StoredPermission, verbose_name=_('Permission')) - role = models.ForeignKey(Role, verbose_name=_('Role')) - - objects = DefaultAccessEntryManager() - - class Meta: - verbose_name = _('Default access entry') - verbose_name_plural = _('Default access entries') - - def __str__(self): - return '%s: %s' % (self.content_type, self.content_object) diff --git a/mayan/apps/acls/permissions.py b/mayan/apps/acls/permissions.py index c58dca7d86..b0623c4952 100644 --- a/mayan/apps/acls/permissions.py +++ b/mayan/apps/acls/permissions.py @@ -5,10 +5,6 @@ from django.utils.translation import ugettext_lazy as _ from permissions import PermissionNamespace acls_namespace = PermissionNamespace('acls', _('Access control lists')) -acls_setup_namespace = PermissionNamespace('acls_setup', _('Access control lists')) acls_edit_acl = acls_namespace.add_permission(name='acl_edit', label=_('Edit ACLs')) acls_view_acl = acls_namespace.add_permission(name='acl_view', label=_('View ACLs')) - -acls_class_edit_acl = acls_setup_namespace.add_permission(name='acl_class_edit', label=_('Edit class default ACLs')) -acls_class_view_acl = acls_setup_namespace.add_permission(name='acl_class_view', label=_('View class default ACLs')) diff --git a/mayan/apps/acls/urls.py b/mayan/apps/acls/urls.py index f3fa053817..3f584f6a56 100644 --- a/mayan/apps/acls/urls.py +++ b/mayan/apps/acls/urls.py @@ -11,12 +11,4 @@ urlpatterns = patterns( url(r'^multiple/grant/$', 'acl_grant', name='acl_multiple_grant'), url(r'^multiple/revoke/$', 'acl_revoke', name='acl_multiple_revoke'), - - url(r'^class/$', 'acl_setup_valid_classes', name='acl_setup_valid_classes'), - url(r'^class/details/(?P[.\w]+)/holder/(?P[.\w]+)/$', 'acl_class_acl_detail', name='acl_class_acl_detail'), - url(r'^class/list_for/(?P[.\w]+)/$', 'acl_class_acl_list', name='acl_class_acl_list'), - url(r'^class/holder/new/(?P[.\w]+)/$', 'acl_class_new_holder_for', name='acl_class_new_holder_for'), - - url(r'^class/multiple/grant/$', 'acl_class_multiple_grant', name='acl_class_multiple_grant'), - url(r'^class/multiple/revoke/$', 'acl_class_multiple_revoke', name='acl_class_multiple_revoke'), ) diff --git a/mayan/apps/acls/utils.py b/mayan/apps/acls/utils.py deleted file mode 100644 index 31d123bcae..0000000000 --- a/mayan/apps/acls/utils.py +++ /dev/null @@ -1,36 +0,0 @@ -from __future__ import unicode_literals - -import logging - -from django.contrib.contenttypes.models import ContentType - -from common.models import AnonymousUserSingleton - -from .classes import get_source_object -#from .models import AccessEntry, CreatorSingleton, DefaultAccessEntry -from .models import AccessEntry, DefaultAccessEntry - -logger = logging.getLogger(__name__) - - -def apply_default_acls(obj, actor=None): - logger.debug('actor, init: %s', actor) - obj = get_source_object(obj) - - #if actor: - # actor = AnonymousUserSingleton.objects.passthru_check(actor) - - content_type = ContentType.objects.get_for_model(obj) - - for default_acl in DefaultAccessEntry.objects.filter(content_type=content_type): - #holder = CreatorSingleton.objects.passthru_check(default_acl.holder_object, actor) - holder = actor - - if holder: - # When the creator is admin - access_entry = AccessEntry( - permission=default_acl.permission, - holder_object=holder, - content_object=obj, - ) - access_entry.save() diff --git a/mayan/apps/acls/views.py b/mayan/apps/acls/views.py index 9c5ef35fa4..41ddfd1ffa 100644 --- a/mayan/apps/acls/views.py +++ b/mayan/apps/acls/views.py @@ -19,14 +19,10 @@ from common.widgets import two_state_template from permissions import Permission from .api import get_class_permissions_for -from .classes import ( - AccessHolder, AccessObject, AccessObjectClass, ClassAccessHolder -) +from .classes import AccessHolder, AccessObject, AccessObjectClass from .forms import ClassHolderSelectionForm, HolderSelectionForm -from .models import AccessEntry, DefaultAccessEntry -from .permissions import ( - acls_edit_acl, acls_class_edit_acl, acls_class_view_acl, acls_view_acl -) +from .models import AccessEntry +from .permissions import acls_edit_acl, acls_view_acl from .widgets import object_indentifier logger = logging.getLogger(__name__) @@ -359,270 +355,4 @@ def acl_holder_new(request, access_object_gid): except ObjectDoesNotExist: raise Http404 - return acl_new_holder_for(request, access_object.source_object) # , extra_context={'access_object': access_object}) - - -# Setup views -def acl_setup_valid_classes(request): - Permission.check_permissions(request.user, [acls_class_view_acl]) - - context = { - 'object_list': DefaultAccessEntry.get_classes(), - 'title': _('Classes'), - 'extra_columns': [ - {'name': _('Class'), 'attribute': encapsulate(lambda x: object_indentifier(x.source_object))}, - ], - 'hide_object': True, - } - - return render_to_response('appearance/generic_list.html', context, - context_instance=RequestContext(request)) - - -def acl_class_acl_list(request, access_object_class_gid): - logger.debug('access_object_class_gid: %s', access_object_class_gid) - - Permission.check_permissions(request.user, [acls_class_view_acl]) - - access_object_class = AccessObjectClass.get(gid=access_object_class_gid) - logger.debug('access_object_class: %s', access_object_class) - - context = { - 'object_list': DefaultAccessEntry.objects.get_holders_for(access_object_class.source_object), - 'title': _('Default access control lists for class: %s') % access_object_class, - 'extra_columns': [ - {'name': _('Holder'), 'attribute': encapsulate(lambda x: object_indentifier(x.source_object))}, - {'name': _('Permissions'), 'attribute': encapsulate(lambda x: _permission_titles(DefaultAccessEntry.objects.get_holder_permissions_for(access_object_class.source_object, x.source_object)))}, - ], - 'hide_object': True, - 'access_object_class': access_object_class, - 'object': access_object_class, - } - - return render_to_response('appearance/generic_list.html', context, - context_instance=RequestContext(request)) - - -def acl_class_acl_detail(request, access_object_class_gid, holder_object_gid): - Permission.check_permissions(request.user, [acls_class_view_acl]) - try: - actor = AccessHolder.get(gid=holder_object_gid) - access_object_class = AccessObjectClass.get(gid=access_object_class_gid) - except ObjectDoesNotExist: - raise Http404 - - permission_list = get_class_permissions_for(access_object_class.content_type.model_class()) - # TODO : get all globally assigned permission, new function get_permissions_for_holder (roles aware) - subtemplates_list = [ - { - 'name': 'appearance/generic_list_subtemplate.html', - 'context': { - 'title': _('Permissions available to: %(actor)s for class %(class)s' % { - 'actor': actor, - 'class': access_object_class - }), - 'object_list': permission_list, - 'extra_columns': [ - {'name': _('Namespace'), 'attribute': 'namespace'}, - {'name': _('Label'), 'attribute': 'label'}, - { - 'name': _('Has permission'), - 'attribute': encapsulate(lambda x: two_state_template(DefaultAccessEntry.objects.has_access(x, actor.source_object, access_object_class.source_object))) - }, - ], - 'hide_object': True, - } - }, - ] - - return render_to_response('appearance/generic_form.html', { - 'object': access_object_class, - 'subtemplates_list': subtemplates_list, - 'multi_select_item_properties': { - 'permission_pk': lambda x: x.pk, - 'holder_gid': lambda x: actor.gid, - 'access_object_class_gid': lambda x: access_object_class.gid, - }, - 'read_only': True, - }, context_instance=RequestContext(request)) - - -def acl_class_new_holder_for(request, access_object_class_gid): - Permission.check_permissions(request.user, [acls_class_edit_acl]) - access_object_class = AccessObjectClass.get(gid=access_object_class_gid) - - if request.method == 'POST': - form = ClassHolderSelectionForm(request.POST) - if form.is_valid(): - try: - access_holder = ClassAccessHolder.get(form.cleaned_data['holder_gid']) - - return HttpResponseRedirect(reverse('acls:acl_class_acl_detail', args=[access_object_class.gid, access_holder.gid])) - except ObjectDoesNotExist: - raise Http404 - else: - form = ClassHolderSelectionForm(current_holders=DefaultAccessEntry.objects.get_holders_for(access_object_class)) - - context = { - 'form': form, - 'title': _('Add new holder for class: %s') % unicode(access_object_class), - 'object': access_object_class, - 'submit_label': _('Select'), - } - - return render_to_response('appearance/generic_form.html', context, - context_instance=RequestContext(request)) - - -def acl_class_multiple_grant(request): - Permission.check_permissions(request.user, [acls_class_edit_acl]) - items_property_list = loads(request.GET.get('items_property_list', [])) - - next = request.POST.get('next', request.GET.get('next', request.META.get('HTTP_REFERER', reverse(settings.LOGIN_REDIRECT_URL)))) - previous = request.POST.get('previous', request.GET.get('previous', request.META.get('HTTP_REFERER', reverse(settings.LOGIN_REDIRECT_URL)))) - - items = {} - title_suffix = [] - navigation_object = None - navigation_object_count = 0 - - for item_properties in items_property_list: - try: - permission = Permission.get({'pk': item_properties['permission_pk']}) - except Permission.DoesNotExist: - raise Http404 - try: - requester = AccessHolder.get(gid=item_properties['holder_gid']) - access_object_class = AccessObjectClass.get(gid=item_properties['access_object_class_gid']) - except ObjectDoesNotExist: - raise Http404 - - items.setdefault(requester, {}) - items[requester].setdefault(access_object_class, []) - items[requester][access_object_class].append(permission) - navigation_object = access_object_class - navigation_object_count += 1 - - for requester, obj_ps in items.items(): - for obj, ps in obj_ps.items(): - title_suffix.append(_(', ').join(['"%s"' % unicode(p) for p in ps])) - title_suffix.append(_(' for %s') % obj) - title_suffix.append(_(' to %s') % requester) - - if len(items_property_list) == 1: - title_prefix = _('Are you sure you wish to grant the permission %(title_suffix)s?') - else: - title_prefix = _('Are you sure you wish to grant the permissions %(title_suffix)s?') - - if request.method == 'POST': - for requester, object_permissions in items.items(): - for obj, permissions in object_permissions.items(): - for permission in permissions: - if DefaultAccessEntry.objects.grant(permission, requester.source_object, obj.source_object): - messages.success(request, _('Permission "%(permission)s" granted to %(actor)s for %(object)s.') % { - 'permission': permission, - 'actor': requester, - 'object': obj - }) - else: - messages.warning(request, _('%(actor)s, already had the permission "%(permission)s" granted for %(object)s.') % { - 'actor': requester, - 'permission': permission, - 'object': obj, - }) - - return HttpResponseRedirect(next) - - context = { - 'previous': previous, - 'next': next, - } - - context['title'] = title_prefix % { - 'title_suffix': ''.join(title_suffix), - } - - logger.debug('navigation_object_count: %d', navigation_object_count) - logger.debug('navigation_object: %s', navigation_object) - if navigation_object_count == 1: - context['object'] = navigation_object - - return render_to_response('appearance/generic_confirm.html', context, - context_instance=RequestContext(request)) - - -def acl_class_multiple_revoke(request): - Permission.check_permissions(request.user, [acls_class_edit_acl]) - items_property_list = loads(request.GET.get('items_property_list', [])) - - next = request.POST.get('next', request.GET.get('next', request.META.get('HTTP_REFERER', reverse(settings.LOGIN_REDIRECT_URL)))) - previous = request.POST.get('previous', request.GET.get('previous', request.META.get('HTTP_REFERER', reverse(settings.LOGIN_REDIRECT_URL)))) - - items = {} - title_suffix = [] - navigation_object = None - navigation_object_count = 0 - - for item_properties in items_property_list: - try: - permission = Permission.get({'pk': item_properties['permission_pk']}) - except Permission.DoesNotExist: - raise Http404 - try: - requester = AccessHolder.get(gid=item_properties['holder_gid']) - access_object_class = AccessObjectClass.get(gid=item_properties['access_object_class_gid']) - except ObjectDoesNotExist: - raise Http404 - - items.setdefault(requester, {}) - items[requester].setdefault(access_object_class, []) - items[requester][access_object_class].append(permission) - navigation_object = access_object_class - navigation_object_count += 1 - - for requester, obj_ps in items.items(): - for obj, ps in obj_ps.items(): - title_suffix.append(_(', ').join(['"%s"' % unicode(p) for p in ps])) - title_suffix.append(_(' for %s') % obj) - title_suffix.append(_(' from %s') % requester) - - if len(items_property_list) == 1: - title_prefix = _('Are you sure you wish to revoke the permission %(title_suffix)s?') - else: - title_prefix = _('Are you sure you wish to revoke the permissions %(title_suffix)s?') - - if request.method == 'POST': - for requester, object_permissions in items.items(): - for obj, permissions in object_permissions.items(): - for permission in permissions: - if DefaultAccessEntry.objects.revoke(permission, requester.source_object, obj.source_object): - messages.success(request, _('Permission "%(permission)s" revoked of %(actor)s for %(object)s.') % { - 'permission': permission, - 'actor': requester, - 'object': obj - }) - else: - messages.warning(request, _('%(actor)s, didn\'t had the permission "%(permission)s" for %(object)s.') % { - 'actor': requester, - 'permission': permission, - 'object': obj, - }) - - return HttpResponseRedirect(next) - - context = { - 'previous': previous, - 'next': next, - } - - context['title'] = title_prefix % { - 'title_suffix': ''.join(title_suffix), - } - - logger.debug('navigation_object_count: %d', navigation_object_count) - logger.debug('navigation_object: %s', navigation_object) - if navigation_object_count == 1: - context['object'] = navigation_object - - return render_to_response('appearance/generic_confirm.html', context, - context_instance=RequestContext(request)) + return acl_new_holder_for(request, access_object.source_object) diff --git a/mayan/apps/document_indexing/views.py b/mayan/apps/document_indexing/views.py index 296cc28341..932201b08e 100644 --- a/mayan/apps/document_indexing/views.py +++ b/mayan/apps/document_indexing/views.py @@ -11,7 +11,6 @@ from django.utils.html import mark_safe from django.utils.translation import ugettext_lazy as _ from acls.models import AccessEntry -from acls.utils import apply_default_acls from common.utils import encapsulate from common.views import AssignRemoveView from common.widgets import two_state_template @@ -65,7 +64,6 @@ def index_setup_create(request): form = IndexForm(request.POST) if form.is_valid(): index = form.save() - apply_default_acls(index, request.user) messages.success(request, _('Index created successfully.')) return HttpResponseRedirect(reverse('indexing:index_setup_list')) else: diff --git a/mayan/apps/documents/models.py b/mayan/apps/documents/models.py index dae7270d46..764be073f8 100644 --- a/mayan/apps/documents/models.py +++ b/mayan/apps/documents/models.py @@ -12,7 +12,6 @@ from django.db import models, transaction from django.utils.encoding import python_2_unicode_compatible from django.utils.translation import ugettext_lazy as _ -from acls.utils import apply_default_acls from common.settings import setting_temporary_directory from common.utils import fs_cleanup from converter import ( @@ -112,8 +111,6 @@ class Document(models.Model): super(Document, self).save(*args, **kwargs) if new_document: - apply_default_acls(self, user) - if user: self.add_as_recent_document_for_user(user) event_document_create.commit(actor=user, target=self) diff --git a/mayan/apps/folders/views.py b/mayan/apps/folders/views.py index eaf06c461c..d09da145b8 100644 --- a/mayan/apps/folders/views.py +++ b/mayan/apps/folders/views.py @@ -12,7 +12,6 @@ from django.template import RequestContext from django.utils.translation import ugettext_lazy as _, ungettext from acls.models import AccessEntry -from acls.utils import apply_default_acls from acls.views import acl_list_for from common.views import SingleObjectListView from documents.permissions import permission_document_view @@ -50,7 +49,6 @@ def folder_create(request): if form.is_valid(): folder, created = Folder.objects.get_or_create(user=request.user, title=form.cleaned_data['title']) if created: - apply_default_acls(folder, request.user) messages.success(request, _('Folder created successfully')) return HttpResponseRedirect(reverse('folders:folder_list')) else: diff --git a/mayan/apps/linking/views.py b/mayan/apps/linking/views.py index ea2dcee732..ded05dc3f7 100644 --- a/mayan/apps/linking/views.py +++ b/mayan/apps/linking/views.py @@ -12,7 +12,6 @@ from django.template import RequestContext from django.utils.translation import ugettext_lazy as _ from acls.models import AccessEntry -from acls.utils import apply_default_acls from acls.views import acl_list_for from common.utils import encapsulate from common.views import AssignRemoveView @@ -164,7 +163,6 @@ def smart_link_create(request): form = SmartLinkForm(request.POST) if form.is_valid(): document_group = form.save() - apply_default_acls(document_group, request.user) messages.success(request, _('Smart link: %s created successfully.') % document_group) return HttpResponseRedirect(reverse('linking:smart_link_list')) else: diff --git a/mayan/apps/permissions/models.py b/mayan/apps/permissions/models.py index 18960ad9b8..cc14c3a148 100644 --- a/mayan/apps/permissions/models.py +++ b/mayan/apps/permissions/models.py @@ -12,8 +12,6 @@ from django.utils.encoding import python_2_unicode_compatible from django.utils.translation import ugettext from django.utils.translation import ugettext_lazy as _ -#from common.models import AnonymousUserSingleton - from .managers import RoleMemberManager, StoredPermissionManager logger = logging.getLogger(__name__) @@ -94,24 +92,6 @@ class StoredPermission(models.Model): return True -""" -@python_2_unicode_compatible -class PermissionHolder(models.Model): - permission = models.ForeignKey(StoredPermission, verbose_name=_('Permission')) - holder_type = models.ForeignKey(ContentType, - related_name='permission_holder', - limit_choices_to={'model__in': ('user', 'group', 'role')}) - holder_id = models.PositiveIntegerField() - holder_object = generic.GenericForeignKey(ct_field='holder_type', fk_field='holder_id') - - class Meta: - verbose_name = _('Permission holder') - verbose_name_plural = _('Permission holders') - - def __str__(self): - return '%s: %s' % (self.holder_type, self.holder_object) -""" - @python_2_unicode_compatible class Role(models.Model): name = models.CharField(max_length=64, unique=True) @@ -129,50 +109,3 @@ class Role(models.Model): def get_absolute_url(self): return reverse('permissions:role_list') - - """ - def add_member(self, member): - member = AnonymousUserSingleton.objects.passthru_check(member) - role_member, created = RoleMember.objects.get_or_create( - role=self, - member_type=ContentType.objects.get_for_model(member), - member_id=member.pk) - if not created: - raise Exception('Unable to add member to role') - - def remove_member(self, member): - member = AnonymousUserSingleton.objects.passthru_check(member) - member_type = ContentType.objects.get_for_model(member) - role_member = RoleMember.objects.get(role=self, member_type=member_type, member_id=member.pk) - role_member.delete() - - def members(self, filter_dict=None): - filter_dict = filter_dict or {} - return (member.member_object for member in self.rolemember_set.filter(**filter_dict)) - """ - - """ -@python_2_unicode_compatible -class RoleMember(models.Model): - role = models.ForeignKey(Role, verbose_name=_('Role')) - member_type = models.ForeignKey( - ContentType, - related_name='role_member', - limit_choices_to={ - 'model__in': ( - 'user', 'group', 'anonymoususersingleton' - ) - } - ) - member_id = models.PositiveIntegerField() - member_object = generic.GenericForeignKey(ct_field='member_type', fk_field='member_id') - - objects = RoleMemberManager() - - class Meta: - verbose_name = _('Role member') - verbose_name_plural = _('Role members') - - def __str__(self): - return unicode(self.member_object) - """ diff --git a/mayan/apps/tags/views.py b/mayan/apps/tags/views.py index 32a1cbd272..317ba8d5f4 100644 --- a/mayan/apps/tags/views.py +++ b/mayan/apps/tags/views.py @@ -13,7 +13,6 @@ from django.utils.translation import ugettext_lazy as _, ungettext from acls.models import AccessEntry from acls.views import acl_list_for -from acls.utils import apply_default_acls from documents.models import Document from documents.views import DocumentListView from documents.permissions import permission_document_view @@ -37,7 +36,6 @@ def tag_create(request): form = TagForm(request.POST) if form.is_valid(): tag = form.save() - apply_default_acls(tag, request.user) messages.success(request, _('Tag created succesfully.')) return HttpResponseRedirect(redirect_url)