Remove related attribute of check_access
Remove filter_by_access. Replaced by restrict_queryset. Signed-off-by: Roberto Rosario <roberto.rosario.gonzalez@gmail.com>
This commit is contained in:
Roberto Rosario
@@ -242,6 +242,8 @@
|
|||||||
* Remove ObjectListPermissionFilterMixin.
|
* Remove ObjectListPermissionFilterMixin.
|
||||||
* Add deprecation warning to convertdb
|
* Add deprecation warning to convertdb
|
||||||
* Add the preparestatic command.
|
* Add the preparestatic command.
|
||||||
|
* Remove the related attribute of check_access.
|
||||||
|
* Remove filter_by_access. Replaced by restrict_queryset.
|
||||||
|
|
||||||
3.1.11 (2019-04-XX)
|
3.1.11 (2019-04-XX)
|
||||||
===================
|
===================
|
||||||
|
|||||||
@@ -276,6 +276,18 @@ Other changes
|
|||||||
* Add deprecation warning to convertdb
|
* Add deprecation warning to convertdb
|
||||||
* Add the preparestatic command.
|
* Add the preparestatic command.
|
||||||
|
|
||||||
|
* Remove filter_by_access. Replaced by restrict_queryset.
|
||||||
|
|
||||||
|
* Remove the related attribute of check_access
|
||||||
|
- 'Passing the argument `related` to check_access() is '
|
||||||
|
- 'deprecated. Use the ModelPermission\'s class '
|
||||||
|
- '.register_inheritance() class method to register the access '
|
||||||
|
- 'relationship between two models. The registered relationship '
|
||||||
|
- 'will be automatically used by check_access().',
|
||||||
|
- InterfaceWarning
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
Removals
|
Removals
|
||||||
--------
|
--------
|
||||||
|
|||||||
@@ -190,20 +190,7 @@ class AccessControlListManager(models.Manager):
|
|||||||
|
|
||||||
return result
|
return result
|
||||||
|
|
||||||
def check_access(self, obj, permissions, user, related=None):
|
def check_access(self, obj, permissions, user):
|
||||||
"""
|
|
||||||
The `related` argument is ignored.
|
|
||||||
"""
|
|
||||||
if related:
|
|
||||||
warnings.warn(
|
|
||||||
'Passing the argument `related` to check_access() is '
|
|
||||||
'deprecated. Use the ModelPermission\'s class '
|
|
||||||
'.register_inheritance() class method to register the access '
|
|
||||||
'relationship between two models. The registered relationship '
|
|
||||||
'will be automatically used by check_access().',
|
|
||||||
InterfaceWarning
|
|
||||||
)
|
|
||||||
|
|
||||||
meta = getattr(obj, '_meta', None)
|
meta = getattr(obj, '_meta', None)
|
||||||
|
|
||||||
if not meta:
|
if not meta:
|
||||||
@@ -234,11 +221,6 @@ class AccessControlListManager(models.Manager):
|
|||||||
)
|
)
|
||||||
)
|
)
|
||||||
|
|
||||||
def filter_by_access(self, permission, user, queryset):
|
|
||||||
return self.restrict_queryset(
|
|
||||||
permission=permission, queryset=queryset, user=user
|
|
||||||
)
|
|
||||||
|
|
||||||
def restrict_queryset(self, permission, queryset, user):
|
def restrict_queryset(self, permission, queryset, user):
|
||||||
# Check directly granted permission via a role
|
# Check directly granted permission via a role
|
||||||
try:
|
try:
|
||||||
|
|||||||
@@ -28,7 +28,7 @@ class PermissionTestCase(ACLTestMixin, BaseTestCase):
|
|||||||
self._setup_test_object()
|
self._setup_test_object()
|
||||||
|
|
||||||
self.assertEqual(
|
self.assertEqual(
|
||||||
AccessControlList.objects.filter_by_access(
|
AccessControlList.objects.restrict_queryset(
|
||||||
permission=self.test_permission,
|
permission=self.test_permission,
|
||||||
queryset=self.test_object._meta.model._default_manager.all(),
|
queryset=self.test_object._meta.model._default_manager.all(),
|
||||||
user=self._test_case_user
|
user=self._test_case_user
|
||||||
@@ -58,7 +58,7 @@ class PermissionTestCase(ACLTestMixin, BaseTestCase):
|
|||||||
)
|
)
|
||||||
|
|
||||||
self.assertTrue(
|
self.assertTrue(
|
||||||
self.test_object in AccessControlList.objects.filter_by_access(
|
self.test_object in AccessControlList.objects.restrict_queryset(
|
||||||
permission=self.test_permission,
|
permission=self.test_permission,
|
||||||
queryset=self.test_object._meta.model._default_manager.all(),
|
queryset=self.test_object._meta.model._default_manager.all(),
|
||||||
user=self._test_case_user
|
user=self._test_case_user
|
||||||
@@ -136,7 +136,7 @@ class PermissionTestCase(ACLTestMixin, BaseTestCase):
|
|||||||
obj=self.test_object_parent, permission=self.test_permission
|
obj=self.test_object_parent, permission=self.test_permission
|
||||||
)
|
)
|
||||||
|
|
||||||
result = AccessControlList.objects.filter_by_access(
|
result = AccessControlList.objects.restrict_queryset(
|
||||||
permission=self.test_permission,
|
permission=self.test_permission,
|
||||||
queryset=self.test_object_child._meta.model._default_manager.all(),
|
queryset=self.test_object_child._meta.model._default_manager.all(),
|
||||||
user=self._test_case_user
|
user=self._test_case_user
|
||||||
@@ -154,7 +154,7 @@ class PermissionTestCase(ACLTestMixin, BaseTestCase):
|
|||||||
obj=self.test_object_child, permission=self.test_permission
|
obj=self.test_object_child, permission=self.test_permission
|
||||||
)
|
)
|
||||||
|
|
||||||
result = AccessControlList.objects.filter_by_access(
|
result = AccessControlList.objects.restrict_queryset(
|
||||||
permission=self.test_permission,
|
permission=self.test_permission,
|
||||||
queryset=self.test_object_child._meta.model._default_manager.all(),
|
queryset=self.test_object_child._meta.model._default_manager.all(),
|
||||||
user=self._test_case_user,
|
user=self._test_case_user,
|
||||||
|
|||||||
@@ -140,9 +140,9 @@ class APICabinetDocumentListView(generics.ListCreateAPIView):
|
|||||||
def get_queryset(self):
|
def get_queryset(self):
|
||||||
cabinet = self.get_cabinet()
|
cabinet = self.get_cabinet()
|
||||||
|
|
||||||
return AccessControlList.objects.filter_by_access(
|
return AccessControlList.objects.restrict_queryset(
|
||||||
permission_document_view, self.request.user,
|
permission=permission_document_view,
|
||||||
queryset=cabinet.documents.all()
|
queryset=cabinet.documents.all(), user=self.request.user
|
||||||
)
|
)
|
||||||
|
|
||||||
def perform_create(self, serializer):
|
def perform_create(self, serializer):
|
||||||
|
|||||||
@@ -71,8 +71,9 @@ class Cabinet(MPTTModel):
|
|||||||
Provide a queryset of the documents in a cabinet. The queryset is
|
Provide a queryset of the documents in a cabinet. The queryset is
|
||||||
filtered by access.
|
filtered by access.
|
||||||
"""
|
"""
|
||||||
return AccessControlList.objects.filter_by_access(
|
return AccessControlList.objects.restrict_queryset(
|
||||||
permission_document_view, user, queryset=self.documents
|
permission=permission_document_view, queryset=self.documents,
|
||||||
|
user=user
|
||||||
)
|
)
|
||||||
|
|
||||||
def get_full_path(self):
|
def get_full_path(self):
|
||||||
|
|||||||
@@ -42,7 +42,7 @@ def widget_document_cabinets(document, user):
|
|||||||
app_label='acls', model_name='AccessControlList'
|
app_label='acls', model_name='AccessControlList'
|
||||||
)
|
)
|
||||||
|
|
||||||
cabinets = AccessControlList.objects.filter_by_access(
|
cabinets = AccessControlList.objects.restrict_queryset(
|
||||||
permission_cabinet_view, queryset=document.document_cabinets(),
|
permission_cabinet_view, queryset=document.document_cabinets(),
|
||||||
user=user
|
user=user
|
||||||
)
|
)
|
||||||
|
|||||||
@@ -33,11 +33,11 @@ class APICheckedoutDocumentListView(generics.ListCreateAPIView):
|
|||||||
return DocumentCheckoutSerializer
|
return DocumentCheckoutSerializer
|
||||||
|
|
||||||
def get_queryset(self):
|
def get_queryset(self):
|
||||||
filtered_documents = AccessControlList.objects.filter_by_access(
|
filtered_documents = AccessControlList.objects.restrict_queryset(
|
||||||
permission=permission_document_view, user=self.request.user,
|
permission=permission_document_view, user=self.request.user,
|
||||||
queryset=DocumentCheckout.objects.checked_out_documents()
|
queryset=DocumentCheckout.objects.checked_out_documents()
|
||||||
)
|
)
|
||||||
filtered_documents = AccessControlList.objects.filter_by_access(
|
filtered_documents = AccessControlList.objects.restrict_queryset(
|
||||||
permission=permission_document_check_out_detail_view, user=self.request.user,
|
permission=permission_document_check_out_detail_view, user=self.request.user,
|
||||||
queryset=filtered_documents
|
queryset=filtered_documents
|
||||||
)
|
)
|
||||||
@@ -56,12 +56,12 @@ class APICheckedoutDocumentView(generics.RetrieveDestroyAPIView):
|
|||||||
|
|
||||||
def get_queryset(self):
|
def get_queryset(self):
|
||||||
if self.request.method == 'GET':
|
if self.request.method == 'GET':
|
||||||
filtered_documents = AccessControlList.objects.filter_by_access(
|
filtered_documents = AccessControlList.objects.restrict_queryset(
|
||||||
permission=permission_document_view,
|
permission=permission_document_view,
|
||||||
queryset=DocumentCheckout.objects.checked_out_documents(),
|
queryset=DocumentCheckout.objects.checked_out_documents(),
|
||||||
user=self.request.user
|
user=self.request.user
|
||||||
)
|
)
|
||||||
filtered_documents = AccessControlList.objects.filter_by_access(
|
filtered_documents = AccessControlList.objects.restrict_queryset(
|
||||||
permission=permission_document_check_out_detail_view,
|
permission=permission_document_check_out_detail_view,
|
||||||
queryset=filtered_documents, user=self.request.user
|
queryset=filtered_documents, user=self.request.user
|
||||||
)
|
)
|
||||||
|
|||||||
@@ -23,12 +23,12 @@ class DashboardWidgetTotalCheckouts(DashboardWidgetNumeric):
|
|||||||
DocumentCheckout = apps.get_model(
|
DocumentCheckout = apps.get_model(
|
||||||
app_label='checkouts', model_name='DocumentCheckout'
|
app_label='checkouts', model_name='DocumentCheckout'
|
||||||
)
|
)
|
||||||
queryset = AccessControlList.objects.filter_by_access(
|
queryset = AccessControlList.objects.restrict_queryset(
|
||||||
permission=permission_document_check_out_detail_view,
|
permission=permission_document_check_out_detail_view,
|
||||||
queryset=DocumentCheckout.objects.checked_out_documents(),
|
queryset=DocumentCheckout.objects.checked_out_documents(),
|
||||||
user=request.user
|
user=request.user
|
||||||
)
|
)
|
||||||
queryset = AccessControlList.objects.filter_by_access(
|
queryset = AccessControlList.objects.restrict_queryset(
|
||||||
permission=permission_document_view, queryset=queryset,
|
permission=permission_document_view, queryset=queryset,
|
||||||
user=request.user
|
user=request.user
|
||||||
)
|
)
|
||||||
|
|||||||
@@ -133,7 +133,7 @@ class CheckoutDocumentView(SingleObjectCreateView):
|
|||||||
|
|
||||||
class CheckoutListView(DocumentListView):
|
class CheckoutListView(DocumentListView):
|
||||||
def get_document_queryset(self):
|
def get_document_queryset(self):
|
||||||
return AccessControlList.objects.filter_by_access(
|
return AccessControlList.objects.restrict_queryset(
|
||||||
permission=permission_document_check_out_detail_view,
|
permission=permission_document_check_out_detail_view,
|
||||||
queryset=DocumentCheckout.objects.checked_out_documents(),
|
queryset=DocumentCheckout.objects.checked_out_documents(),
|
||||||
user=self.request.user
|
user=self.request.user
|
||||||
|
|||||||
@@ -255,7 +255,7 @@ class FilteredSelectionForm(forms.Form):
|
|||||||
widget_class = opts.widget_class
|
widget_class = opts.widget_class
|
||||||
|
|
||||||
if opts.permission:
|
if opts.permission:
|
||||||
queryset = AccessControlList.objects.filter_by_access(
|
queryset = AccessControlList.objects.restrict_queryset(
|
||||||
permission=opts.permission, queryset=queryset,
|
permission=opts.permission, queryset=queryset,
|
||||||
user=opts.user
|
user=opts.user
|
||||||
)
|
)
|
||||||
|
|||||||
@@ -369,7 +369,7 @@ class AddRemoveView(
|
|||||||
queryset = self.secondary_object_model._meta.default_manager.all()
|
queryset = self.secondary_object_model._meta.default_manager.all()
|
||||||
|
|
||||||
if self.secondary_object_permission:
|
if self.secondary_object_permission:
|
||||||
return AccessControlList.objects.filter_by_access(
|
return AccessControlList.objects.restrict_queryset(
|
||||||
permission=self.secondary_object_permission, queryset=queryset,
|
permission=self.secondary_object_permission, queryset=queryset,
|
||||||
user=self.request.user
|
user=self.request.user
|
||||||
)
|
)
|
||||||
|
|||||||
@@ -109,7 +109,7 @@ class ExternalObjectMixin(object):
|
|||||||
permission = self.get_external_object_permission()
|
permission = self.get_external_object_permission()
|
||||||
|
|
||||||
if permission:
|
if permission:
|
||||||
queryset = AccessControlList.objects.filter_by_access(
|
queryset = AccessControlList.objects.restrict_queryset(
|
||||||
permission=permission, queryset=queryset,
|
permission=permission, queryset=queryset,
|
||||||
user=self.request.user
|
user=self.request.user
|
||||||
)
|
)
|
||||||
@@ -309,7 +309,6 @@ class ObjectPermissionCheckMixin(object):
|
|||||||
AccessControlList.objects.check_access(
|
AccessControlList.objects.check_access(
|
||||||
obj=self.get_permission_object(),
|
obj=self.get_permission_object(),
|
||||||
permissions=(self.object_permission,),
|
permissions=(self.object_permission,),
|
||||||
related=getattr(self, 'object_permission_related', None),
|
|
||||||
user=request.user
|
user=request.user
|
||||||
)
|
)
|
||||||
|
|
||||||
@@ -395,7 +394,7 @@ class RestrictedQuerysetMixin(object):
|
|||||||
queryset = self.get_source_queryset()
|
queryset = self.get_source_queryset()
|
||||||
|
|
||||||
if self.object_permission:
|
if self.object_permission:
|
||||||
queryset = AccessControlList.objects.filter_by_access(
|
queryset = AccessControlList.objects.restrict_queryset(
|
||||||
permission=self.object_permission, queryset=queryset,
|
permission=self.object_permission, queryset=queryset,
|
||||||
user=self.request.user
|
user=self.request.user
|
||||||
)
|
)
|
||||||
|
|||||||
@@ -405,7 +405,7 @@ class IndexInstanceNode(MPTTModel):
|
|||||||
return self.get_descendants().count()
|
return self.get_descendants().count()
|
||||||
|
|
||||||
def get_descendants_document_count(self, user):
|
def get_descendants_document_count(self, user):
|
||||||
return AccessControlList.objects.filter_by_access(
|
return AccessControlList.objects.restrict_queryset(
|
||||||
permission=permission_document_view,
|
permission=permission_document_view,
|
||||||
queryset=Document.objects.filter(
|
queryset=Document.objects.filter(
|
||||||
index_instance_nodes__in=self.get_descendants(
|
index_instance_nodes__in=self.get_descendants(
|
||||||
@@ -426,7 +426,7 @@ class IndexInstanceNode(MPTTModel):
|
|||||||
|
|
||||||
def get_item_count(self, user):
|
def get_item_count(self, user):
|
||||||
if self.index_template_node.link_documents:
|
if self.index_template_node.link_documents:
|
||||||
queryset = AccessControlList.objects.filter_by_access(
|
queryset = AccessControlList.objects.restrict_queryset(
|
||||||
permission=permission_document_view, queryset=self.documents,
|
permission=permission_document_view, queryset=self.documents,
|
||||||
user=user
|
user=user
|
||||||
)
|
)
|
||||||
|
|||||||
@@ -444,7 +444,7 @@ class WorkflowInstance(models.Model):
|
|||||||
If not ACL access to the workflow, filter transition
|
If not ACL access to the workflow, filter transition
|
||||||
options by each transition ACL access
|
options by each transition ACL access
|
||||||
"""
|
"""
|
||||||
queryset = AccessControlList.objects.filter_by_access(
|
queryset = AccessControlList.objects.restrict_queryset(
|
||||||
permission=permission_workflow_transition,
|
permission=permission_workflow_transition,
|
||||||
queryset=queryset,
|
queryset=queryset,
|
||||||
user=_user
|
user=_user
|
||||||
|
|||||||
@@ -34,7 +34,7 @@ class DashboardWidgetDocumentPagesTotal(DashboardWidgetNumeric):
|
|||||||
DocumentPage = apps.get_model(
|
DocumentPage = apps.get_model(
|
||||||
app_label='documents', model_name='DocumentPage'
|
app_label='documents', model_name='DocumentPage'
|
||||||
)
|
)
|
||||||
self.count = AccessControlList.objects.filter_by_access(
|
self.count = AccessControlList.objects.restrict_queryset(
|
||||||
permission=permission_document_view, user=request.user,
|
permission=permission_document_view, user=request.user,
|
||||||
queryset=DocumentPage.objects.all()
|
queryset=DocumentPage.objects.all()
|
||||||
).count()
|
).count()
|
||||||
@@ -53,7 +53,7 @@ class DashboardWidgetDocumentsTotal(DashboardWidgetNumeric):
|
|||||||
Document = apps.get_model(
|
Document = apps.get_model(
|
||||||
app_label='documents', model_name='Document'
|
app_label='documents', model_name='Document'
|
||||||
)
|
)
|
||||||
self.count = AccessControlList.objects.filter_by_access(
|
self.count = AccessControlList.objects.restrict_queryset(
|
||||||
permission=permission_document_view, user=request.user,
|
permission=permission_document_view, user=request.user,
|
||||||
queryset=Document.objects.all()
|
queryset=Document.objects.all()
|
||||||
).count()
|
).count()
|
||||||
@@ -72,7 +72,7 @@ class DashboardWidgetDocumentsInTrash(DashboardWidgetNumeric):
|
|||||||
DeletedDocument = apps.get_model(
|
DeletedDocument = apps.get_model(
|
||||||
app_label='documents', model_name='DeletedDocument'
|
app_label='documents', model_name='DeletedDocument'
|
||||||
)
|
)
|
||||||
self.count = AccessControlList.objects.filter_by_access(
|
self.count = AccessControlList.objects.restrict_queryset(
|
||||||
permission=permission_document_view, user=request.user,
|
permission=permission_document_view, user=request.user,
|
||||||
queryset=DeletedDocument.objects.all()
|
queryset=DeletedDocument.objects.all()
|
||||||
).count()
|
).count()
|
||||||
@@ -91,7 +91,7 @@ class DashboardWidgetDocumentsTypesTotal(DashboardWidgetNumeric):
|
|||||||
DocumentType = apps.get_model(
|
DocumentType = apps.get_model(
|
||||||
app_label='documents', model_name='DocumentType'
|
app_label='documents', model_name='DocumentType'
|
||||||
)
|
)
|
||||||
self.count = AccessControlList.objects.filter_by_access(
|
self.count = AccessControlList.objects.restrict_queryset(
|
||||||
permission=permission_document_type_view, user=request.user,
|
permission=permission_document_type_view, user=request.user,
|
||||||
queryset=DocumentType.objects.all()
|
queryset=DocumentType.objects.all()
|
||||||
).count()
|
).count()
|
||||||
|
|||||||
@@ -34,7 +34,7 @@ class DocumentTypeFilteredSelectForm(forms.Form):
|
|||||||
|
|
||||||
queryset = DocumentType.objects.all()
|
queryset = DocumentType.objects.all()
|
||||||
if permission:
|
if permission:
|
||||||
queryset = AccessControlList.objects.filter_by_access(
|
queryset = AccessControlList.objects.restrict_queryset(
|
||||||
permission=permission, queryset=queryset, user=user
|
permission=permission, queryset=queryset, user=user
|
||||||
)
|
)
|
||||||
|
|
||||||
|
|||||||
@@ -85,7 +85,7 @@ class DocumentType(models.Model):
|
|||||||
)
|
)
|
||||||
|
|
||||||
def get_document_count(self, user):
|
def get_document_count(self, user):
|
||||||
queryset = AccessControlList.objects.filter_by_access(
|
queryset = AccessControlList.objects.restrict_queryset(
|
||||||
permission_document_view, user, queryset=self.documents
|
permission_document_view, user, queryset=self.documents
|
||||||
)
|
)
|
||||||
|
|
||||||
|
|||||||
@@ -70,7 +70,7 @@ def new_documents_this_month(user=None):
|
|||||||
queryset = Document.objects.all()
|
queryset = Document.objects.all()
|
||||||
|
|
||||||
if user:
|
if user:
|
||||||
queryset = AccessControlList.objects.filter_by_access(
|
queryset = AccessControlList.objects.restrict_queryset(
|
||||||
permission=permission_document_view, user=user,
|
permission=permission_document_view, user=user,
|
||||||
queryset=queryset
|
queryset=queryset
|
||||||
)
|
)
|
||||||
@@ -112,7 +112,7 @@ def new_document_pages_this_month(user=None):
|
|||||||
queryset = DocumentPage.objects.all()
|
queryset = DocumentPage.objects.all()
|
||||||
|
|
||||||
if user:
|
if user:
|
||||||
queryset = AccessControlList.objects.filter_by_access(
|
queryset = AccessControlList.objects.restrict_queryset(
|
||||||
permission=permission_document_view, user=user,
|
permission=permission_document_view, user=user,
|
||||||
queryset=queryset
|
queryset=queryset
|
||||||
)
|
)
|
||||||
|
|||||||
@@ -230,9 +230,9 @@ class DocumentDownloadFormView(FormView):
|
|||||||
return kwargs
|
return kwargs
|
||||||
|
|
||||||
def get_queryset(self):
|
def get_queryset(self):
|
||||||
return AccessControlList.objects.filter_by_access(
|
return AccessControlList.objects.restrict_queryset(
|
||||||
permission_document_download, self.request.user,
|
permission=permission_document_download,
|
||||||
queryset=self.get_document_queryset()
|
queryset=self.get_document_queryset(), user=self.request.user
|
||||||
)
|
)
|
||||||
|
|
||||||
|
|
||||||
@@ -269,8 +269,9 @@ class DocumentDownloadView(SingleObjectDownloadView):
|
|||||||
|
|
||||||
queryset = self.model.objects.filter(pk__in=id_list.split(','))
|
queryset = self.model.objects.filter(pk__in=id_list.split(','))
|
||||||
|
|
||||||
return AccessControlList.objects.filter_by_access(
|
return AccessControlList.objects.restrict_queryset(
|
||||||
permission_document_download, self.request.user, queryset
|
permission=permission_document_download, queryset=queryset,
|
||||||
|
user=self.request.user
|
||||||
)
|
)
|
||||||
|
|
||||||
def get_file(self):
|
def get_file(self):
|
||||||
|
|||||||
@@ -111,7 +111,7 @@ class TrashedDocumentListView(DocumentListView):
|
|||||||
object_permission = None
|
object_permission = None
|
||||||
|
|
||||||
def get_document_queryset(self):
|
def get_document_queryset(self):
|
||||||
return AccessControlList.objects.filter_by_access(
|
return AccessControlList.objects.restrict_queryset(
|
||||||
permission=permission_document_view,
|
permission=permission_document_view,
|
||||||
queryset=DeletedDocument.trash.all(),
|
queryset=DeletedDocument.trash.all(),
|
||||||
user=self.request.user
|
user=self.request.user
|
||||||
|
|||||||
@@ -166,7 +166,7 @@ class SearchModel(object):
|
|||||||
queryset = self.model.objects.filter(search_query.query).distinct()
|
queryset = self.model.objects.filter(search_query.query).distinct()
|
||||||
|
|
||||||
if self.permission:
|
if self.permission:
|
||||||
queryset = AccessControlList.objects.filter_by_access(
|
queryset = AccessControlList.objects.restrict_queryset(
|
||||||
permission=self.permission, queryset=queryset, user=user
|
permission=self.permission, queryset=queryset, user=user
|
||||||
)
|
)
|
||||||
|
|
||||||
|
|||||||
@@ -177,7 +177,7 @@ class ObjectEventListView(EventListView):
|
|||||||
model=self.kwargs['model']
|
model=self.kwargs['model']
|
||||||
)
|
)
|
||||||
|
|
||||||
queryset = AccessControlList.objects.filter_by_access(
|
queryset = AccessControlList.objects.restrict_queryset(
|
||||||
permission=permission_events_view,
|
permission=permission_events_view,
|
||||||
queryset=content_type.model_class().objects.all(),
|
queryset=content_type.model_class().objects.all(),
|
||||||
user=self.request.user
|
user=self.request.user
|
||||||
|
|||||||
@@ -44,7 +44,7 @@ class DocumentMailForm(forms.Form):
|
|||||||
'project_website': setting_project_url.value
|
'project_website': setting_project_url.value
|
||||||
}
|
}
|
||||||
|
|
||||||
queryset = AccessControlList.objects.filter_by_access(
|
queryset = AccessControlList.objects.restrict_queryset(
|
||||||
permission=permission_user_mailer_use, user=user,
|
permission=permission_user_mailer_use, user=user,
|
||||||
queryset=UserMailer.objects.filter(enabled=True)
|
queryset=UserMailer.objects.filter(enabled=True)
|
||||||
)
|
)
|
||||||
|
|||||||
@@ -736,7 +736,7 @@ class SetupDocumentTypeMetadataTypes(FormView):
|
|||||||
|
|
||||||
def get_queryset(self):
|
def get_queryset(self):
|
||||||
queryset = self.submodel.objects.all()
|
queryset = self.submodel.objects.all()
|
||||||
return AccessControlList.objects.filter_by_access(
|
return AccessControlList.objects.restrict_queryset(
|
||||||
permission=permission_document_type_edit,
|
permission=permission_document_type_edit,
|
||||||
user=self.request.user, queryset=queryset
|
user=self.request.user, queryset=queryset
|
||||||
)
|
)
|
||||||
|
|||||||
@@ -35,7 +35,7 @@ def get_cascade_condition(app_label, model_name, object_permission, view_permiss
|
|||||||
else:
|
else:
|
||||||
return True
|
return True
|
||||||
|
|
||||||
queryset = AccessControlList.objects.filter_by_access(
|
queryset = AccessControlList.objects.restrict_queryset(
|
||||||
permission=object_permission, user=context.request.user,
|
permission=object_permission, user=context.request.user,
|
||||||
queryset=Model.objects.all()
|
queryset=Model.objects.all()
|
||||||
)
|
)
|
||||||
|
|||||||
@@ -15,8 +15,9 @@ class MayanObjectPermissionsFilter(BaseFilterBackend):
|
|||||||
).get(request.method, None)
|
).get(request.method, None)
|
||||||
|
|
||||||
if required_permissions:
|
if required_permissions:
|
||||||
return AccessControlList.objects.filter_by_access(
|
return AccessControlList.objects.restrict_queryset(
|
||||||
required_permissions[0], request.user, queryset=queryset
|
queryset=queryset, permission=required_permissions[0],
|
||||||
|
user=request.user
|
||||||
)
|
)
|
||||||
else:
|
else:
|
||||||
return queryset
|
return queryset
|
||||||
|
|||||||
@@ -26,7 +26,7 @@ def condition_check_document_creation_acls(context):
|
|||||||
app_label='documents', model_name='DocumentType'
|
app_label='documents', model_name='DocumentType'
|
||||||
)
|
)
|
||||||
|
|
||||||
queryset = AccessControlList.objects.filter_by_access(
|
queryset = AccessControlList.objects.restrict_queryset(
|
||||||
permission=permission_document_create,
|
permission=permission_document_create,
|
||||||
queryset=DocumentType.objects.all(), user=context['user']
|
queryset=DocumentType.objects.all(), user=context['user']
|
||||||
)
|
)
|
||||||
|
|||||||
@@ -14,8 +14,9 @@ def widget_document_tags(document, user):
|
|||||||
app_label='acls', model_name='AccessControlList'
|
app_label='acls', model_name='AccessControlList'
|
||||||
)
|
)
|
||||||
|
|
||||||
tags = AccessControlList.objects.filter_by_access(
|
tags = AccessControlList.objects.restrict_queryset(
|
||||||
permission_tag_view, user, queryset=document.attached_tags().all()
|
permission=permission_tag_view, queryset=document.attached_tags().all(),
|
||||||
|
user=user
|
||||||
)
|
)
|
||||||
|
|
||||||
return render_to_string(
|
return render_to_string(
|
||||||
|
|||||||
@@ -63,7 +63,7 @@ class Tag(models.Model):
|
|||||||
Return the numeric count of documents that have this tag attached.
|
Return the numeric count of documents that have this tag attached.
|
||||||
The count if filtered by access.
|
The count if filtered by access.
|
||||||
"""
|
"""
|
||||||
queryset = AccessControlList.objects.filter_by_access(
|
queryset = AccessControlList.objects.restrict_queryset(
|
||||||
permission_document_view, user, queryset=self.documents
|
permission_document_view, user, queryset=self.documents
|
||||||
)
|
)
|
||||||
|
|
||||||
|
|||||||
@@ -37,7 +37,7 @@ class AttachTagAction(WorkflowAction):
|
|||||||
user = request.user
|
user = request.user
|
||||||
logger.debug('user: %s', user)
|
logger.debug('user: %s', user)
|
||||||
|
|
||||||
queryset = AccessControlList.objects.filter_by_access(
|
queryset = AccessControlList.objects.restrict_queryset(
|
||||||
self.permission, user, queryset=Tag.objects.all()
|
self.permission, user, queryset=Tag.objects.all()
|
||||||
)
|
)
|
||||||
|
|
||||||
|
|||||||
@@ -135,9 +135,9 @@ class APIUserGroupList(generics.ListCreateAPIView):
|
|||||||
def get_queryset(self):
|
def get_queryset(self):
|
||||||
user = self.get_user()
|
user = self.get_user()
|
||||||
|
|
||||||
return AccessControlList.objects.filter_by_access(
|
return AccessControlList.objects.restrict_queryset(
|
||||||
permission_group_view, self.request.user,
|
permission=permission_group_view,
|
||||||
queryset=user.groups.order_by('id')
|
queryset=user.groups.order_by('id'), user=self.request.user
|
||||||
)
|
)
|
||||||
|
|
||||||
def get_user(self):
|
def get_user(self):
|
||||||
|
|||||||
@@ -40,7 +40,7 @@ def method_group_get_users(self, user, permission=permission_user_view):
|
|||||||
app_label='acls', model_name='AccessControlList'
|
app_label='acls', model_name='AccessControlList'
|
||||||
)
|
)
|
||||||
|
|
||||||
return AccessControlList.objects.filter_by_access(
|
return AccessControlList.objects.restrict_queryset(
|
||||||
permission=permission, queryset=get_user_queryset().filter(
|
permission=permission, queryset=get_user_queryset().filter(
|
||||||
id__in=self.user_set.all()
|
id__in=self.user_set.all()
|
||||||
), user=user
|
), user=user
|
||||||
@@ -82,7 +82,7 @@ def method_user_get_groups(self, user, permission=permission_group_view):
|
|||||||
app_label='acls', model_name='AccessControlList'
|
app_label='acls', model_name='AccessControlList'
|
||||||
)
|
)
|
||||||
|
|
||||||
return AccessControlList.objects.filter_by_access(
|
return AccessControlList.objects.restrict_queryset(
|
||||||
permission=permission, queryset=self.groups.all(), user=user
|
permission=permission, queryset=self.groups.all(), user=user
|
||||||
)
|
)
|
||||||
|
|
||||||
|
|||||||
Reference in New Issue
Block a user