matthias/mayan-edms
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Converted modules to use the new simpler permission checking

Browse Source
This commit is contained in:
Roberto Rosario
2011-03-09 01:20:07 -04:00
parent 3083f7344d
commit 739c2ee299
4 changed files with 35 additions and 167 deletions
Download Patch File Download Diff File Expand all files Collapse all files

110
apps/documents/views.py
View File

@@ -23,7 +23,7 @@ from filetransfers.api import serve_file
from filesystem_serving.api import document_create_fs_links, document_delete_fs_links
from filesystem_serving.conf.settings import FILESERVING_ENABLE
from ocr.models import add_document_to_queue
from permissions.api import check_permissions, Unauthorized
from permissions.api import check_permissions
from documents.conf.settings import DELETE_STAGING_FILE_AFTER_UPLOAD
@@ -58,11 +58,7 @@ from utils import document_save_to_temp_dir
def document_list(request):
permissions = [PERMISSION_DOCUMENT_VIEW]
try:
check_permissions(request.user, 'documents', permissions)
except Unauthorized, e:
raise Http404(e)
check_permissions(request.user, 'documents', [PERMISSION_DOCUMENT_VIEW])
return object_list(
request,
@@ -74,11 +70,7 @@ def document_list(request):
)
def document_create(request, multiple=True):
permissions = [PERMISSION_DOCUMENT_CREATE]
try:
check_permissions(request.user, 'documents', permissions)
except Unauthorized, e:
raise Http404(e)
check_permissions(request.user, 'documents', [PERMISSION_DOCUMENT_CREATE])
if DocumentType.objects.all().count() == 1:
wizard = DocumentCreateWizard(
@@ -93,11 +85,7 @@ def document_create(request, multiple=True):
return wizard(request)
def document_create_sibling(request, document_id, multiple=True):
permissions = [PERMISSION_DOCUMENT_CREATE]
try:
check_permissions(request.user, 'documents', permissions)
except Unauthorized, e:
raise Http404(e)
check_permissions(request.user, 'documents', [PERMISSION_DOCUMENT_CREATE])
document = get_object_or_404(Document, pk=document_id)
urldata = []
@@ -153,11 +141,7 @@ def _handle_zip_file(request, uploaded_file, document_type):
def upload_document_with_type(request, document_type_id, multiple=True):
permissions = [PERMISSION_DOCUMENT_CREATE]
try:
check_permissions(request.user, 'documents', permissions)
except Unauthorized, e:
raise Http404(e)
check_permissions(request.user, 'documents', [PERMISSION_DOCUMENT_CREATE])
document_type = get_object_or_404(DocumentType, pk=document_type_id)
local_form = DocumentForm(prefix='local', initial={'document_type':document_type})
@@ -248,11 +232,7 @@ def upload_document_with_type(request, document_type_id, multiple=True):
context_instance=RequestContext(request))
def document_view(request, document_id):
permissions = [PERMISSION_DOCUMENT_VIEW]
try:
check_permissions(request.user, 'documents', permissions)
except Unauthorized, e:
raise Http404(e)
check_permissions(request.user, 'documents', [PERMISSION_DOCUMENT_VIEW])
document = get_object_or_404(Document, pk=document_id)
form = DocumentForm_view(instance=document, extra_fields=[
@@ -344,11 +324,7 @@ def document_view(request, document_id):
def document_delete(request, document_id):
permissions = [PERMISSION_DOCUMENT_DELETE]
try:
check_permissions(request.user, 'documents', permissions)
except Unauthorized, e:
raise Http404(e)
check_permissions(request.user, 'documents', [PERMISSION_DOCUMENT_DELETE])
document = get_object_or_404(Document, pk=document_id)
@@ -373,11 +349,7 @@ def document_delete(request, document_id):
def document_edit(request, document_id):
permissions = [PERMISSION_DOCUMENT_PROPERTIES_EDIT]
try:
check_permissions(request.user, 'documents', permissions)
except Unauthorized, e:
raise Http404(e)
check_permissions(request.user, 'documents', [PERMISSION_DOCUMENT_PROPERTIES_EDIT])
document = get_object_or_404(Document, pk=document_id)
if request.method == 'POST':
@@ -419,11 +391,7 @@ def document_edit(request, document_id):
def document_edit_metadata(request, document_id):
permissions = [PERMISSION_DOCUMENT_METADATA_EDIT]
try:
check_permissions(request.user, 'documents', permissions)
except Unauthorized, e:
raise Http404(e)
check_permissions(request.user, 'documents', [PERMISSION_DOCUMENT_METADATA_EDIT])
document = get_object_or_404(Document, pk=document_id)
@@ -473,11 +441,7 @@ def document_edit_metadata(request, document_id):
def get_document_image(request, document_id, size=PREVIEW_SIZE, quality=QUALITY_DEFAULT):
permissions = [PERMISSION_DOCUMENT_VIEW]
try:
check_permissions(request.user, 'documents', permissions)
except Unauthorized, e:
raise Http404(e)
check_permissions(request.user, 'documents', [PERMISSION_DOCUMENT_VIEW])
document = get_object_or_404(Document, pk=document_id)
@@ -532,11 +496,7 @@ def get_document_image(request, document_id, size=PREVIEW_SIZE, quality=QUALITY_
def document_download(request, document_id):
permissions = [PERMISSION_DOCUMENT_DOWNLOAD]
try:
check_permissions(request.user, 'documents', permissions)
except Unauthorized, e:
raise Http404(e)
check_permissions(request.user, 'documents', [PERMISSION_DOCUMENT_DOWNLOAD])
document = get_object_or_404(Document, pk=document_id)
try:
@@ -596,11 +556,7 @@ def staging_file_delete(request, staging_file_id):
def document_page_view(request, document_page_id):
permissions = [PERMISSION_DOCUMENT_VIEW]
try:
check_permissions(request.user, 'documents', permissions)
except Unauthorized, e:
raise Http404(e)
check_permissions(request.user, 'documents', [PERMISSION_DOCUMENT_VIEW])
document_page = get_object_or_404(DocumentPage, pk=document_page_id)
document_page_form = DocumentPageForm(instance=document_page)
@@ -639,11 +595,7 @@ def document_page_view(request, document_page_id):
def document_page_transformation_create(request, document_page_id):
permissions = [PERMISSION_DOCUMENT_TRANSFORM]
try:
check_permissions(request.user, 'documents', permissions)
except Unauthorized, e:
raise Http404(e)
check_permissions(request.user, 'documents', [PERMISSION_DOCUMENT_TRANSFORM])
document_page = get_object_or_404(DocumentPage, pk=document_page_id)
@@ -664,11 +616,7 @@ def document_page_transformation_create(request, document_page_id):
def document_page_transformation_edit(request, document_page_transformation_id):
permissions = [PERMISSION_DOCUMENT_TRANSFORM]
try:
check_permissions(request.user, 'documents', permissions)
except Unauthorized, e:
raise Http404(e)
check_permissions(request.user, 'documents', [PERMISSION_DOCUMENT_TRANSFORM])
document_page_transformation = get_object_or_404(DocumentPageTransformation, pk=document_page_transformation_id)
return update_object(request, template_name='generic_form.html',
@@ -690,11 +638,7 @@ def document_page_transformation_edit(request, document_page_transformation_id):
def document_page_transformation_delete(request, document_page_transformation_id):
permissions = [PERMISSION_DOCUMENT_TRANSFORM]
try:
check_permissions(request.user, 'documents', permissions)
except Unauthorized, e:
raise Http404(e)
check_permissions(request.user, 'documents', [PERMISSION_DOCUMENT_TRANSFORM])
previous = request.POST.get('previous', request.GET.get('previous', request.META.get('HTTP_REFERER', None)))
@@ -716,23 +660,13 @@ def document_page_transformation_delete(request, document_page_transformation_id
def document_find_duplicates(request, document_id):
permissions = [PERMISSION_DOCUMENT_VIEW]
try:
check_permissions(request.user, 'documents', permissions)
except Unauthorized, e:
raise Http404(e)
check_permissions(request.user, 'documents', [PERMISSION_DOCUMENT_VIEW])
document = get_object_or_404(Document, pk=document_id)
return _find_duplicate_list(request, [document], include_source=True, confirmation=False)
def _find_duplicate_list(request, source_document_list=Document.objects.all(), include_source=False, confirmation=True):
permissions = [PERMISSION_DOCUMENT_VIEW]
try:
check_permissions(request.user, 'documents', permissions)
except Unauthorized, e:
raise Http404(e)
previous = request.POST.get('previous', request.GET.get('previous', request.META.get('HTTP_REFERER', None)))
if confirmation and request.method != 'POST':
@@ -757,21 +691,13 @@ def _find_duplicate_list(request, source_document_list=Document.objects.all(), i
def document_find_all_duplicates(request):
permissions = [PERMISSION_DOCUMENT_VIEW]
try:
check_permissions(request.user, 'documents', permissions)
except Unauthorized, e:
raise Http404(e)
check_permissions(request.user, 'documents', [PERMISSION_DOCUMENT_VIEW])
return _find_duplicate_list(request, include_source=True)
def document_clear_transformations(request, document_id):
permissions = [PERMISSION_DOCUMENT_TRANSFORM]
try:
check_permissions(request.user, 'documents', permissions)
except Unauthorized, e:
raise Http404(e)
check_permissions(request.user, 'documents', [PERMISSION_DOCUMENT_TRANSFORM])
previous = request.POST.get('previous', request.GET.get('previous', request.META.get('HTTP_REFERER', None)))

8
apps/filesystem_serving/views.py
View File

@@ -5,7 +5,7 @@ from django.template import RequestContext
from django.contrib import messages
from permissions.api import check_permissions, Unauthorized
from permissions.api import check_permissions
from filesystem_serving import FILESYSTEM_SERVING_RECREATE_LINKS
@@ -13,11 +13,7 @@ from api import do_recreate_all_links
def recreate_all_links(request):
permissions = [FILESYSTEM_SERVING_RECREATE_LINKS]
try:
check_permissions(request.user, 'filesystem_serving', permissions)
except Unauthorized, e:
raise Http404(e)
check_permissions(request.user, 'filesystem_serving', [FILESYSTEM_SERVING_RECREATE_LINKS])
previous = request.POST.get('previous', request.GET.get('previous', request.META.get('HTTP_REFERER', None)))
next = request.POST.get('next', request.GET.get('next', request.META.get('HTTP_REFERER', None)))

38
apps/ocr/views.py
View File

@@ -10,7 +10,7 @@ from django.views.generic.create_update import create_object, delete_object, upd
from django.conf import settings
from django.utils.translation import ugettext as _
from permissions.api import check_permissions, Unauthorized
from permissions.api import check_permissions
from documents.models import Document
from ocr import PERMISSION_OCR_DOCUMENT, PERMISSION_OCR_DOCUMENT_DELETE, \
@@ -22,11 +22,7 @@ from literals import QUEUEDOCUMENT_STATE_PENDING, \
from forms import DocumentQueueForm_view
def queue_document_list(request, queue_name='default'):
permissions = [PERMISSION_OCR_DOCUMENT]
try:
check_permissions(request.user, 'ocr', permissions)
except Unauthorized, e:
raise Http404(e)
check_permissions(request.user, 'ocr', [PERMISSION_OCR_DOCUMENT])
document_queue = get_object_or_404(DocumentQueue, name=queue_name)
@@ -60,11 +56,7 @@ def queue_document_list(request, queue_name='default'):
def queue_document_delete(request, queue_document_id):
permissions = [PERMISSION_OCR_DOCUMENT_DELETE]
try:
check_permissions(request.user, 'ocr', permissions)
except Unauthorized, e:
raise Http404(e)
check_permissions(request.user, 'ocr', [PERMISSION_OCR_DOCUMENT_DELETE])
next = request.POST.get('next', request.GET.get('next', request.META.get('HTTP_REFERER', None)))
previous = request.POST.get('previous', request.GET.get('previous', request.META.get('HTTP_REFERER', None)))
@@ -82,11 +74,7 @@ def queue_document_delete(request, queue_document_id):
def submit_document(request, document_id, queue_name='default'):
permissions = [PERMISSION_OCR_DOCUMENT]
try:
check_permissions(request.user, 'ocr', permissions)
except Unauthorized, e:
raise Http404(e)
check_permissions(request.user, 'ocr', [PERMISSION_OCR_DOCUMENT])
document = get_object_or_404(Document, pk=document_id)
@@ -99,11 +87,7 @@ def submit_document(request, document_id, queue_name='default'):
def re_queue_document(request, queue_document_id):
permissions = [PERMISSION_OCR_DOCUMENT]
try:
check_permissions(request.user, 'ocr', permissions)
except Unauthorized, e:
raise Http404(e)
check_permissions(request.user, 'ocr', [PERMISSION_OCR_DOCUMENT])
next = request.POST.get('next', request.GET.get('next', request.META.get('HTTP_REFERER', None)))
previous = request.POST.get('previous', request.GET.get('previous', request.META.get('HTTP_REFERER', None)))
@@ -146,11 +130,7 @@ def re_queue_document(request, queue_document_id):
def document_queue_disable(request, document_queue_id):
permissions = [PERMISSION_OCR_QUEUE_ENABLE_DISABLE]
try:
check_permissions(request.user, 'ocr', permissions)
except Unauthorized, e:
raise Http404(e)
check_permissions(request.user, 'ocr', [PERMISSION_OCR_QUEUE_ENABLE_DISABLE])
next = request.POST.get('next', request.GET.get('next', request.META.get('HTTP_REFERER', None)))
previous = request.POST.get('previous', request.GET.get('previous', request.META.get('HTTP_REFERER', None)))
@@ -175,11 +155,7 @@ def document_queue_disable(request, document_queue_id):
def document_queue_enable(request, document_queue_id):
permissions = [PERMISSION_OCR_QUEUE_ENABLE_DISABLE]
try:
check_permissions(request.user, 'ocr', permissions)
except Unauthorized, e:
raise Http404(e)
check_permissions(request.user, 'ocr', [PERMISSION_OCR_QUEUE_ENABLE_DISABLE])
next = request.POST.get('next', request.GET.get('next', request.META.get('HTTP_REFERER', None)))
previous = request.POST.get('previous', request.GET.get('previous', request.META.get('HTTP_REFERER', None)))

46
apps/permissions/views.py
View File

@@ -15,15 +15,11 @@ from forms import RoleForm, RoleForm_view
from permissions import PERMISSION_ROLE_VIEW, PERMISSION_ROLE_EDIT, \
PERMISSION_ROLE_CREATE, PERMISSION_ROLE_DELETE, PERMISSION_PERMISSION_GRANT, \
PERMISSION_PERMISSION_REVOKE
from api import check_permissions, Unauthorized
from api import check_permissions
def role_list(request):
permissions = [PERMISSION_ROLE_VIEW]
try:
check_permissions(request.user, 'permissions', permissions)
except Unauthorized, e:
raise Http404(e)
check_permissions(request.user, 'permissions', [PERMISSION_ROLE_VIEW])
return object_list(
request,
@@ -54,11 +50,7 @@ def _role_permission_link(requester, permission, permission_list):
def role_permissions(request, role_id):
permissions = [PERMISSION_PERMISSION_GRANT, PERMISSION_PERMISSION_REVOKE]
try:
check_permissions(request.user, 'permissions', permissions)
except Unauthorized, e:
raise Http404(e)
check_permissions(request.user, 'permissions', [PERMISSION_PERMISSION_GRANT, PERMISSION_PERMISSION_REVOKE])
role = get_object_or_404(Role, pk=role_id)
form = RoleForm_view(instance=role)
@@ -88,11 +80,7 @@ def role_permissions(request, role_id):
def role_edit(request, role_id):
permissions = [PERMISSION_ROLE_EDIT]
try:
check_permissions(request.user, 'permissions', permissions)
except Unauthorized, e:
raise Http404(e)
check_permissions(request.user, 'permissions', [PERMISSION_ROLE_EDIT])
return update_object(request, template_name='generic_form.html',
form_class=RoleForm, object_id=role_id, extra_context={
@@ -100,11 +88,7 @@ def role_edit(request, role_id):
def role_create(request):
permissions = [PERMISSION_ROLE_CREATE]
try:
check_permissions(request.user, 'permissions', permissions)
except Unauthorized, e:
raise Http404(e)
check_permissions(request.user, 'permissions', [PERMISSION_ROLE_CREATE])
return create_object(request, model=Role,
template_name='generic_form.html',
@@ -112,11 +96,7 @@ def role_create(request):
def role_delete(request, role_id):
permissions = [PERMISSION_ROLE_DELETE]
try:
check_permissions(request.user, 'permissions', permissions)
except Unauthorized, e:
raise Http404(e)
check_permissions(request.user, 'permissions', [PERMISSION_ROLE_DELETE])
next = request.POST.get('next', request.GET.get('next', request.META.get('HTTP_REFERER', None)))
previous = request.POST.get('previous', request.GET.get('previous', request.META.get('HTTP_REFERER', None)))
@@ -138,20 +118,12 @@ def permission_grant_revoke(request, permission_id, app_label, module_name, pk,
permission = get_object_or_404(Permission, pk=permission_id)
if action == 'grant':
permissions = [PERMISSION_PERMISSION_GRANT]
try:
check_permissions(request.user, 'permissions', permissions)
except Unauthorized, e:
raise Http404(e)
check_permissions(request.user, 'permissions', [PERMISSION_PERMISSION_GRANT])
title = _('Are you sure you wish to grant the permission "%(permission)s" to %(ct_name)s: %(requester)s') % {
'permission':permission, 'ct_name':ct.name, 'requester':requester}
elif action == 'revoke':
permissions = [PERMISSION_PERMISSION_REVOKE]
try:
check_permissions(request.user, 'permissions', permissions)
except Unauthorized, e:
raise Http404(e)
check_permissions(request.user, 'permissions', [PERMISSION_PERMISSION_REVOKE])
title = _('Are you sure you wish to revoke the permission "%(permission)s" from %(ct_name)s: %(requester)s') % {
'permission':permission, 'ct_name':ct.name, 'requester':requester}
else:
@@ -187,5 +159,3 @@ def permission_grant_revoke(request, permission_id, app_label, module_name, pk,
'previous':previous,
'title':title,
}, context_instance=RequestContext(request))