diff --git a/apps/documents/views.py b/apps/documents/views.py index ed5c9fa98b..acb524ea93 100644 --- a/apps/documents/views.py +++ b/apps/documents/views.py @@ -23,7 +23,7 @@ from filetransfers.api import serve_file from filesystem_serving.api import document_create_fs_links, document_delete_fs_links from filesystem_serving.conf.settings import FILESERVING_ENABLE from ocr.models import add_document_to_queue -from permissions.api import check_permissions, Unauthorized +from permissions.api import check_permissions from documents.conf.settings import DELETE_STAGING_FILE_AFTER_UPLOAD @@ -58,11 +58,7 @@ from utils import document_save_to_temp_dir def document_list(request): - permissions = [PERMISSION_DOCUMENT_VIEW] - try: - check_permissions(request.user, 'documents', permissions) - except Unauthorized, e: - raise Http404(e) + check_permissions(request.user, 'documents', [PERMISSION_DOCUMENT_VIEW]) return object_list( request, @@ -74,11 +70,7 @@ def document_list(request): ) def document_create(request, multiple=True): - permissions = [PERMISSION_DOCUMENT_CREATE] - try: - check_permissions(request.user, 'documents', permissions) - except Unauthorized, e: - raise Http404(e) + check_permissions(request.user, 'documents', [PERMISSION_DOCUMENT_CREATE]) if DocumentType.objects.all().count() == 1: wizard = DocumentCreateWizard( @@ -93,11 +85,7 @@ def document_create(request, multiple=True): return wizard(request) def document_create_sibling(request, document_id, multiple=True): - permissions = [PERMISSION_DOCUMENT_CREATE] - try: - check_permissions(request.user, 'documents', permissions) - except Unauthorized, e: - raise Http404(e) + check_permissions(request.user, 'documents', [PERMISSION_DOCUMENT_CREATE]) document = get_object_or_404(Document, pk=document_id) urldata = [] @@ -153,11 +141,7 @@ def _handle_zip_file(request, uploaded_file, document_type): def upload_document_with_type(request, document_type_id, multiple=True): - permissions = [PERMISSION_DOCUMENT_CREATE] - try: - check_permissions(request.user, 'documents', permissions) - except Unauthorized, e: - raise Http404(e) + check_permissions(request.user, 'documents', [PERMISSION_DOCUMENT_CREATE]) document_type = get_object_or_404(DocumentType, pk=document_type_id) local_form = DocumentForm(prefix='local', initial={'document_type':document_type}) @@ -248,11 +232,7 @@ def upload_document_with_type(request, document_type_id, multiple=True): context_instance=RequestContext(request)) def document_view(request, document_id): - permissions = [PERMISSION_DOCUMENT_VIEW] - try: - check_permissions(request.user, 'documents', permissions) - except Unauthorized, e: - raise Http404(e) + check_permissions(request.user, 'documents', [PERMISSION_DOCUMENT_VIEW]) document = get_object_or_404(Document, pk=document_id) form = DocumentForm_view(instance=document, extra_fields=[ @@ -344,11 +324,7 @@ def document_view(request, document_id): def document_delete(request, document_id): - permissions = [PERMISSION_DOCUMENT_DELETE] - try: - check_permissions(request.user, 'documents', permissions) - except Unauthorized, e: - raise Http404(e) + check_permissions(request.user, 'documents', [PERMISSION_DOCUMENT_DELETE]) document = get_object_or_404(Document, pk=document_id) @@ -373,11 +349,7 @@ def document_delete(request, document_id): def document_edit(request, document_id): - permissions = [PERMISSION_DOCUMENT_PROPERTIES_EDIT] - try: - check_permissions(request.user, 'documents', permissions) - except Unauthorized, e: - raise Http404(e) + check_permissions(request.user, 'documents', [PERMISSION_DOCUMENT_PROPERTIES_EDIT]) document = get_object_or_404(Document, pk=document_id) if request.method == 'POST': @@ -419,11 +391,7 @@ def document_edit(request, document_id): def document_edit_metadata(request, document_id): - permissions = [PERMISSION_DOCUMENT_METADATA_EDIT] - try: - check_permissions(request.user, 'documents', permissions) - except Unauthorized, e: - raise Http404(e) + check_permissions(request.user, 'documents', [PERMISSION_DOCUMENT_METADATA_EDIT]) document = get_object_or_404(Document, pk=document_id) @@ -473,11 +441,7 @@ def document_edit_metadata(request, document_id): def get_document_image(request, document_id, size=PREVIEW_SIZE, quality=QUALITY_DEFAULT): - permissions = [PERMISSION_DOCUMENT_VIEW] - try: - check_permissions(request.user, 'documents', permissions) - except Unauthorized, e: - raise Http404(e) + check_permissions(request.user, 'documents', [PERMISSION_DOCUMENT_VIEW]) document = get_object_or_404(Document, pk=document_id) @@ -532,11 +496,7 @@ def get_document_image(request, document_id, size=PREVIEW_SIZE, quality=QUALITY_ def document_download(request, document_id): - permissions = [PERMISSION_DOCUMENT_DOWNLOAD] - try: - check_permissions(request.user, 'documents', permissions) - except Unauthorized, e: - raise Http404(e) + check_permissions(request.user, 'documents', [PERMISSION_DOCUMENT_DOWNLOAD]) document = get_object_or_404(Document, pk=document_id) try: @@ -596,11 +556,7 @@ def staging_file_delete(request, staging_file_id): def document_page_view(request, document_page_id): - permissions = [PERMISSION_DOCUMENT_VIEW] - try: - check_permissions(request.user, 'documents', permissions) - except Unauthorized, e: - raise Http404(e) + check_permissions(request.user, 'documents', [PERMISSION_DOCUMENT_VIEW]) document_page = get_object_or_404(DocumentPage, pk=document_page_id) document_page_form = DocumentPageForm(instance=document_page) @@ -639,11 +595,7 @@ def document_page_view(request, document_page_id): def document_page_transformation_create(request, document_page_id): - permissions = [PERMISSION_DOCUMENT_TRANSFORM] - try: - check_permissions(request.user, 'documents', permissions) - except Unauthorized, e: - raise Http404(e) + check_permissions(request.user, 'documents', [PERMISSION_DOCUMENT_TRANSFORM]) document_page = get_object_or_404(DocumentPage, pk=document_page_id) @@ -664,11 +616,7 @@ def document_page_transformation_create(request, document_page_id): def document_page_transformation_edit(request, document_page_transformation_id): - permissions = [PERMISSION_DOCUMENT_TRANSFORM] - try: - check_permissions(request.user, 'documents', permissions) - except Unauthorized, e: - raise Http404(e) + check_permissions(request.user, 'documents', [PERMISSION_DOCUMENT_TRANSFORM]) document_page_transformation = get_object_or_404(DocumentPageTransformation, pk=document_page_transformation_id) return update_object(request, template_name='generic_form.html', @@ -690,11 +638,7 @@ def document_page_transformation_edit(request, document_page_transformation_id): def document_page_transformation_delete(request, document_page_transformation_id): - permissions = [PERMISSION_DOCUMENT_TRANSFORM] - try: - check_permissions(request.user, 'documents', permissions) - except Unauthorized, e: - raise Http404(e) + check_permissions(request.user, 'documents', [PERMISSION_DOCUMENT_TRANSFORM]) previous = request.POST.get('previous', request.GET.get('previous', request.META.get('HTTP_REFERER', None))) @@ -716,23 +660,13 @@ def document_page_transformation_delete(request, document_page_transformation_id def document_find_duplicates(request, document_id): - permissions = [PERMISSION_DOCUMENT_VIEW] - try: - check_permissions(request.user, 'documents', permissions) - except Unauthorized, e: - raise Http404(e) + check_permissions(request.user, 'documents', [PERMISSION_DOCUMENT_VIEW]) document = get_object_or_404(Document, pk=document_id) return _find_duplicate_list(request, [document], include_source=True, confirmation=False) def _find_duplicate_list(request, source_document_list=Document.objects.all(), include_source=False, confirmation=True): - permissions = [PERMISSION_DOCUMENT_VIEW] - try: - check_permissions(request.user, 'documents', permissions) - except Unauthorized, e: - raise Http404(e) - previous = request.POST.get('previous', request.GET.get('previous', request.META.get('HTTP_REFERER', None))) if confirmation and request.method != 'POST': @@ -757,21 +691,13 @@ def _find_duplicate_list(request, source_document_list=Document.objects.all(), i def document_find_all_duplicates(request): - permissions = [PERMISSION_DOCUMENT_VIEW] - try: - check_permissions(request.user, 'documents', permissions) - except Unauthorized, e: - raise Http404(e) + check_permissions(request.user, 'documents', [PERMISSION_DOCUMENT_VIEW]) return _find_duplicate_list(request, include_source=True) def document_clear_transformations(request, document_id): - permissions = [PERMISSION_DOCUMENT_TRANSFORM] - try: - check_permissions(request.user, 'documents', permissions) - except Unauthorized, e: - raise Http404(e) + check_permissions(request.user, 'documents', [PERMISSION_DOCUMENT_TRANSFORM]) previous = request.POST.get('previous', request.GET.get('previous', request.META.get('HTTP_REFERER', None))) diff --git a/apps/filesystem_serving/views.py b/apps/filesystem_serving/views.py index 22f05a4817..0020b4c47d 100644 --- a/apps/filesystem_serving/views.py +++ b/apps/filesystem_serving/views.py @@ -5,7 +5,7 @@ from django.template import RequestContext from django.contrib import messages -from permissions.api import check_permissions, Unauthorized +from permissions.api import check_permissions from filesystem_serving import FILESYSTEM_SERVING_RECREATE_LINKS @@ -13,11 +13,7 @@ from api import do_recreate_all_links def recreate_all_links(request): - permissions = [FILESYSTEM_SERVING_RECREATE_LINKS] - try: - check_permissions(request.user, 'filesystem_serving', permissions) - except Unauthorized, e: - raise Http404(e) + check_permissions(request.user, 'filesystem_serving', [FILESYSTEM_SERVING_RECREATE_LINKS]) previous = request.POST.get('previous', request.GET.get('previous', request.META.get('HTTP_REFERER', None))) next = request.POST.get('next', request.GET.get('next', request.META.get('HTTP_REFERER', None))) diff --git a/apps/ocr/views.py b/apps/ocr/views.py index a0bdcf1ca5..e3d51a3c0e 100644 --- a/apps/ocr/views.py +++ b/apps/ocr/views.py @@ -10,7 +10,7 @@ from django.views.generic.create_update import create_object, delete_object, upd from django.conf import settings from django.utils.translation import ugettext as _ -from permissions.api import check_permissions, Unauthorized +from permissions.api import check_permissions from documents.models import Document from ocr import PERMISSION_OCR_DOCUMENT, PERMISSION_OCR_DOCUMENT_DELETE, \ @@ -22,11 +22,7 @@ from literals import QUEUEDOCUMENT_STATE_PENDING, \ from forms import DocumentQueueForm_view def queue_document_list(request, queue_name='default'): - permissions = [PERMISSION_OCR_DOCUMENT] - try: - check_permissions(request.user, 'ocr', permissions) - except Unauthorized, e: - raise Http404(e) + check_permissions(request.user, 'ocr', [PERMISSION_OCR_DOCUMENT]) document_queue = get_object_or_404(DocumentQueue, name=queue_name) @@ -60,11 +56,7 @@ def queue_document_list(request, queue_name='default'): def queue_document_delete(request, queue_document_id): - permissions = [PERMISSION_OCR_DOCUMENT_DELETE] - try: - check_permissions(request.user, 'ocr', permissions) - except Unauthorized, e: - raise Http404(e) + check_permissions(request.user, 'ocr', [PERMISSION_OCR_DOCUMENT_DELETE]) next = request.POST.get('next', request.GET.get('next', request.META.get('HTTP_REFERER', None))) previous = request.POST.get('previous', request.GET.get('previous', request.META.get('HTTP_REFERER', None))) @@ -82,11 +74,7 @@ def queue_document_delete(request, queue_document_id): def submit_document(request, document_id, queue_name='default'): - permissions = [PERMISSION_OCR_DOCUMENT] - try: - check_permissions(request.user, 'ocr', permissions) - except Unauthorized, e: - raise Http404(e) + check_permissions(request.user, 'ocr', [PERMISSION_OCR_DOCUMENT]) document = get_object_or_404(Document, pk=document_id) @@ -99,11 +87,7 @@ def submit_document(request, document_id, queue_name='default'): def re_queue_document(request, queue_document_id): - permissions = [PERMISSION_OCR_DOCUMENT] - try: - check_permissions(request.user, 'ocr', permissions) - except Unauthorized, e: - raise Http404(e) + check_permissions(request.user, 'ocr', [PERMISSION_OCR_DOCUMENT]) next = request.POST.get('next', request.GET.get('next', request.META.get('HTTP_REFERER', None))) previous = request.POST.get('previous', request.GET.get('previous', request.META.get('HTTP_REFERER', None))) @@ -146,11 +130,7 @@ def re_queue_document(request, queue_document_id): def document_queue_disable(request, document_queue_id): - permissions = [PERMISSION_OCR_QUEUE_ENABLE_DISABLE] - try: - check_permissions(request.user, 'ocr', permissions) - except Unauthorized, e: - raise Http404(e) + check_permissions(request.user, 'ocr', [PERMISSION_OCR_QUEUE_ENABLE_DISABLE]) next = request.POST.get('next', request.GET.get('next', request.META.get('HTTP_REFERER', None))) previous = request.POST.get('previous', request.GET.get('previous', request.META.get('HTTP_REFERER', None))) @@ -175,11 +155,7 @@ def document_queue_disable(request, document_queue_id): def document_queue_enable(request, document_queue_id): - permissions = [PERMISSION_OCR_QUEUE_ENABLE_DISABLE] - try: - check_permissions(request.user, 'ocr', permissions) - except Unauthorized, e: - raise Http404(e) + check_permissions(request.user, 'ocr', [PERMISSION_OCR_QUEUE_ENABLE_DISABLE]) next = request.POST.get('next', request.GET.get('next', request.META.get('HTTP_REFERER', None))) previous = request.POST.get('previous', request.GET.get('previous', request.META.get('HTTP_REFERER', None))) diff --git a/apps/permissions/views.py b/apps/permissions/views.py index c10b3ee1f3..e9180fe020 100644 --- a/apps/permissions/views.py +++ b/apps/permissions/views.py @@ -15,15 +15,11 @@ from forms import RoleForm, RoleForm_view from permissions import PERMISSION_ROLE_VIEW, PERMISSION_ROLE_EDIT, \ PERMISSION_ROLE_CREATE, PERMISSION_ROLE_DELETE, PERMISSION_PERMISSION_GRANT, \ PERMISSION_PERMISSION_REVOKE -from api import check_permissions, Unauthorized +from api import check_permissions def role_list(request): - permissions = [PERMISSION_ROLE_VIEW] - try: - check_permissions(request.user, 'permissions', permissions) - except Unauthorized, e: - raise Http404(e) + check_permissions(request.user, 'permissions', [PERMISSION_ROLE_VIEW]) return object_list( request, @@ -54,11 +50,7 @@ def _role_permission_link(requester, permission, permission_list): def role_permissions(request, role_id): - permissions = [PERMISSION_PERMISSION_GRANT, PERMISSION_PERMISSION_REVOKE] - try: - check_permissions(request.user, 'permissions', permissions) - except Unauthorized, e: - raise Http404(e) + check_permissions(request.user, 'permissions', [PERMISSION_PERMISSION_GRANT, PERMISSION_PERMISSION_REVOKE]) role = get_object_or_404(Role, pk=role_id) form = RoleForm_view(instance=role) @@ -88,11 +80,7 @@ def role_permissions(request, role_id): def role_edit(request, role_id): - permissions = [PERMISSION_ROLE_EDIT] - try: - check_permissions(request.user, 'permissions', permissions) - except Unauthorized, e: - raise Http404(e) + check_permissions(request.user, 'permissions', [PERMISSION_ROLE_EDIT]) return update_object(request, template_name='generic_form.html', form_class=RoleForm, object_id=role_id, extra_context={ @@ -100,11 +88,7 @@ def role_edit(request, role_id): def role_create(request): - permissions = [PERMISSION_ROLE_CREATE] - try: - check_permissions(request.user, 'permissions', permissions) - except Unauthorized, e: - raise Http404(e) + check_permissions(request.user, 'permissions', [PERMISSION_ROLE_CREATE]) return create_object(request, model=Role, template_name='generic_form.html', @@ -112,11 +96,7 @@ def role_create(request): def role_delete(request, role_id): - permissions = [PERMISSION_ROLE_DELETE] - try: - check_permissions(request.user, 'permissions', permissions) - except Unauthorized, e: - raise Http404(e) + check_permissions(request.user, 'permissions', [PERMISSION_ROLE_DELETE]) next = request.POST.get('next', request.GET.get('next', request.META.get('HTTP_REFERER', None))) previous = request.POST.get('previous', request.GET.get('previous', request.META.get('HTTP_REFERER', None))) @@ -138,20 +118,12 @@ def permission_grant_revoke(request, permission_id, app_label, module_name, pk, permission = get_object_or_404(Permission, pk=permission_id) if action == 'grant': - permissions = [PERMISSION_PERMISSION_GRANT] - try: - check_permissions(request.user, 'permissions', permissions) - except Unauthorized, e: - raise Http404(e) + check_permissions(request.user, 'permissions', [PERMISSION_PERMISSION_GRANT]) title = _('Are you sure you wish to grant the permission "%(permission)s" to %(ct_name)s: %(requester)s') % { 'permission':permission, 'ct_name':ct.name, 'requester':requester} elif action == 'revoke': - permissions = [PERMISSION_PERMISSION_REVOKE] - try: - check_permissions(request.user, 'permissions', permissions) - except Unauthorized, e: - raise Http404(e) + check_permissions(request.user, 'permissions', [PERMISSION_PERMISSION_REVOKE]) title = _('Are you sure you wish to revoke the permission "%(permission)s" from %(ct_name)s: %(requester)s') % { 'permission':permission, 'ct_name':ct.name, 'requester':requester} else: @@ -187,5 +159,3 @@ def permission_grant_revoke(request, permission_id, app_label, module_name, pk, 'previous':previous, 'title':title, }, context_instance=RequestContext(request)) - -