Add permissions for the bootstrap app

apps/bootstrap/api.py

@@ -4,17 +4,20 @@ from django.utils.translation import ugettext_lazy as _
 from django.utils.translation import ugettext
 from django.contrib.auth.models import User, Group
 
-from metadata.models import MetadataType, MetadataSet
-from document_indexing.models import Index, IndexTemplateNode
-from documents.models import DocumentType, DocumentTypeFilename, Document
 from permissions.models import Role
+from documents.models import DocumentType, DocumentTypeFilename, Document
+from metadata.models import MetadataType, MetadataSet
 from metadata.api import save_metadata_list
-#from sources.models import WebForm, StagingFolder
+from document_indexing.models import Index, IndexTemplateNode
+from sources.models import WebForm, StagingFolder
 
 bootstrap_options = {}
 
 
 def nuke_database():
+    for obj in DocumentType.objects.all():
+        obj.delete()
+
     for obj in Document.objects.all():
         obj.delete()
         
@@ -27,14 +30,11 @@ def nuke_database():
     for obj in Index.objects.all():
         obj.delete()
 
-    for obj in DocumentType.objects.all():
+    for obj in WebForm.objects.all():
         obj.delete()
 
-    #for obj in WebForm.objects.all():
-    #    obj.delete()
-
-    #for obj in StagingFolder.objects.all():
-    #    obj.delete()
+    for obj in StagingFolder.objects.all():
+        obj.delete()
 
     for obj in Group.objects.all():
         obj.delete()
@@ -43,6 +43,10 @@ def nuke_database():
         if not obj.is_superuser and not obj.is_staff:
             obj.delete()
             
+    for obj in Role.objects.all():
+        obj.delete()
+
+    # TODO: Add history, ocr logs
 
 class BootstrapBase(object):
     name = None

apps/bootstrap/links.py

@@ -1,10 +1,9 @@
+from __future__ import absolute_import
+
 from django.utils.translation import ugettext_lazy as _
 
+from .permissions import PERMISSION_BOOTSTRAP_EXECUTE, PERMISSION_NUKE_DATABASE 
 
-def is_superuser(context):
-    return context['request'].user.is_staff or context['request'].user.is_superuser
-
-
-database_bootstrap = {'text': _(u'bootstrap database'), 'view': 'bootstrap_type_list', 'icon': 'database_lightning.png', 'condition': is_superuser}#, 'children_view_regex': [r'statistics']}
-bootstrap_execute = {'text': _(u'execute'), 'view': 'bootstrap_execute', 'args': 'object.name', 'sprite': 'database_lightning.png', 'condition': is_superuser}#, 'children_view_regex': [r'statistics']}
-erase_database_link = {'text': _(u'erase database'), 'view': 'erase_database_view', 'icon': 'radioactivity.png', 'condition': is_superuser}#, 'children_view_regex': [r'statistics']}
+database_bootstrap = {'text': _(u'bootstrap database'), 'view': 'bootstrap_type_list', 'icon': 'database_lightning.png', 'permissions': [PERMISSION_BOOTSTRAP_EXECUTE]}
+bootstrap_execute = {'text': _(u'execute'), 'view': 'bootstrap_execute', 'args': 'object.name', 'sprite': 'database_lightning.png', 'permissions': [PERMISSION_BOOTSTRAP_EXECUTE]}
+erase_database_link = {'text': _(u'erase database'), 'view': 'erase_database_view', 'icon': 'radioactivity.png', 'permissions': [PERMISSION_NUKE_DATABASE]}

apps/bootstrap/permissions.py

@@ -0,0 +1,11 @@
+from __future__ import absolute_import
+
+from django.utils.translation import ugettext_lazy as _
+
+from permissions.models import PermissionNamespace, Permission
+
+namespace = PermissionNamespace('bootstrap', _(u'Database bootstrap'))
+
+PERMISSION_BOOTSTRAP_EXECUTE = Permission.objects.register(namespace, 'bootstrap_execute', _(u'Execute document bootstraps'))
+PERMISSION_NUKE_DATABASE = Permission.objects.register(namespace, 'nuke_database', _(u'Erase the entire database and document storage'))
+

apps/bootstrap/views.py

@@ -7,11 +7,14 @@ from django.template import RequestContext
 from django.contrib import messages
 from django.core.urlresolvers import reverse
 
+from permissions.models import Permission
+
 from .api import bootstrap_options, nuke_database
+from .permissions import PERMISSION_BOOTSTRAP_EXECUTE, PERMISSION_NUKE_DATABASE 
 
 
 def bootstrap_type_list(request):
-    # TODO: Check for superadmin
+    Permission.objects.check_permissions(request.user, [PERMISSION_BOOTSTRAP_EXECUTE])
     
     context = {
         'object_list': bootstrap_options.values(),
@@ -19,7 +22,6 @@ def bootstrap_type_list(request):
         'hide_link': True,
         'extra_columns': [
             {'name': _(u'description'), 'attribute': 'description'},
-            #{'name': _(u'label'), 'attribute': encapsulate(lambda document: document.checkout_info().expiration_datetime)},
         ],
     }
 
@@ -28,6 +30,7 @@ def bootstrap_type_list(request):
 
 
 def bootstrap_execute(request, bootstrap_name):
+    Permission.objects.check_permissions(request.user, [PERMISSION_BOOTSTRAP_EXECUTE])
     bootstrap = bootstrap_options[bootstrap_name]
     
     post_action_redirect = reverse('bootstrap_type_list')
@@ -60,7 +63,7 @@ def bootstrap_execute(request, bootstrap_name):
 
 
 def erase_database_view(request):
-    # TODO: check for permission
+    Permission.objects.check_permissions(request.user, [PERMISSION_NUKE_DATABASE])
 
     post_action_redirect = None
 
@@ -77,15 +80,14 @@ def erase_database_view(request):
             return HttpResponseRedirect(next)
 
     context = {
-        #'object_name': _(u'bootstrap setup'),
         'delete_view': False,
         'previous': previous,
         'next': next,
         'form_icon': u'radioactivity.png',
-        #'object': bootstrap,
     }
 
     context['title'] = _(u'Are you sure you wish to erase the entire database and document storage?')
+    context['message'] = _(u'All documents, sources, metadata, metadata types, set, tags, indexes and logs will be lost irreversibly!')
 
     return render_to_response('generic_confirm.html', context,
         context_instance=RequestContext(request))