diff --git a/mayan/apps/document_states/api_views.py b/mayan/apps/document_states/api_views.py index 2c3735e159..1c3599f9ad 100644 --- a/mayan/apps/document_states/api_views.py +++ b/mayan/apps/document_states/api_views.py @@ -1,6 +1,5 @@ from __future__ import absolute_import, unicode_literals -from django.core.exceptions import PermissionDenied from django.shortcuts import get_object_or_404 from rest_framework import generics @@ -8,7 +7,6 @@ from rest_framework import generics from acls.models import AccessControlList from documents.models import Document from documents.permissions import permission_document_type_view -from permissions import Permission from rest_api.filters import MayanObjectPermissionsFilter from rest_api.permissions import MayanPermission @@ -80,14 +78,10 @@ class APIWorkflowDocumentTypeList(generics.ListCreateAPIView): workflow = get_object_or_404(Workflow, pk=self.kwargs['pk']) - try: - Permission.check_permissions( - self.request.user, (permission_required,) - ) - except PermissionDenied: - AccessControlList.objects.check_access( - permission_required, self.request.user, workflow - ) + AccessControlList.objects.check_access( + permissions=permission_required, user=self.request.user, + obj=workflow + ) return workflow @@ -156,14 +150,10 @@ class APIWorkflowDocumentTypeView(generics.RetrieveDestroyAPIView): workflow = get_object_or_404(Workflow, pk=self.kwargs['pk']) - try: - Permission.check_permissions( - self.request.user, (permission_required,) - ) - except PermissionDenied: - AccessControlList.objects.check_access( - permission_required, self.request.user, workflow - ) + AccessControlList.objects.check_access( + permissions=permission_required, user=self.request.user, + obj=workflow + ) return workflow @@ -283,14 +273,10 @@ class APIWorkflowStateListView(generics.ListCreateAPIView): workflow = get_object_or_404(Workflow, pk=self.kwargs['pk']) - try: - Permission.check_permissions( - self.request.user, (permission_required,) - ) - except PermissionDenied: - AccessControlList.objects.check_access( - permission_required, self.request.user, workflow - ) + AccessControlList.objects.check_access( + permissions=permission_required, user=self.request.user, + obj=workflow + ) return workflow @@ -341,14 +327,10 @@ class APIWorkflowStateView(generics.RetrieveUpdateDestroyAPIView): workflow = get_object_or_404(Workflow, pk=self.kwargs['pk']) - try: - Permission.check_permissions( - self.request.user, (permission_required,) - ) - except PermissionDenied: - AccessControlList.objects.check_access( - permission_required, self.request.user, workflow - ) + AccessControlList.objects.check_access( + permissions=permission_required, user=self.request.user, + obj=workflow + ) return workflow @@ -405,14 +387,10 @@ class APIWorkflowTransitionListView(generics.ListCreateAPIView): workflow = get_object_or_404(Workflow, pk=self.kwargs['pk']) - try: - Permission.check_permissions( - self.request.user, (permission_required,) - ) - except PermissionDenied: - AccessControlList.objects.check_access( - permission_required, self.request.user, workflow - ) + AccessControlList.objects.check_access( + permissions=permission_required, user=self.request.user, + obj=workflow + ) return workflow @@ -468,14 +446,10 @@ class APIWorkflowTransitionView(generics.RetrieveUpdateDestroyAPIView): workflow = get_object_or_404(Workflow, pk=self.kwargs['pk']) - try: - Permission.check_permissions( - self.request.user, (permission_required,) - ) - except PermissionDenied: - AccessControlList.objects.check_access( - permission_required, self.request.user, workflow - ) + AccessControlList.objects.check_access( + permissions=permission_required, user=self.request.user, + obj=workflow + ) return workflow @@ -509,14 +483,10 @@ class APIWorkflowInstanceListView(generics.ListAPIView): def get_document(self): document = get_object_or_404(Document, pk=self.kwargs['pk']) - try: - Permission.check_permissions( - self.request.user, (permission_workflow_view,) - ) - except PermissionDenied: - AccessControlList.objects.check_access( - permission_workflow_view, self.request.user, document - ) + AccessControlList.objects.check_access( + permissions=permission_workflow_view, user=self.request.user, + obj=document + ) return document @@ -538,14 +508,10 @@ class APIWorkflowInstanceView(generics.RetrieveAPIView): def get_document(self): document = get_object_or_404(Document, pk=self.kwargs['pk']) - try: - Permission.check_permissions( - self.request.user, (permission_workflow_view,) - ) - except PermissionDenied: - AccessControlList.objects.check_access( - permission_workflow_view, self.request.user, document - ) + AccessControlList.objects.check_access( + permissions=permission_workflow_view, user=self.request.user, + obj=document + ) return document @@ -570,14 +536,10 @@ class APIWorkflowInstanceLogEntryListView(generics.ListCreateAPIView): document = get_object_or_404(Document, pk=self.kwargs['pk']) - try: - Permission.check_permissions( - self.request.user, (permission_required,) - ) - except PermissionDenied: - AccessControlList.objects.check_access( - permission_required, self.request.user, document - ) + AccessControlList.objects.check_access( + permissions=permission_required, user=self.request.user, + obj=document + ) return document diff --git a/mayan/apps/events/api_views.py b/mayan/apps/events/api_views.py index 37c56e6054..35cc03c14c 100644 --- a/mayan/apps/events/api_views.py +++ b/mayan/apps/events/api_views.py @@ -1,7 +1,6 @@ from __future__ import absolute_import, unicode_literals from django.contrib.contenttypes.models import ContentType -from django.core.exceptions import PermissionDenied from django.http import Http404 from django.shortcuts import get_object_or_404 @@ -9,7 +8,6 @@ from actstream.models import Action, any_stream from rest_framework import generics from acls.models import AccessControlList -from permissions import Permission from rest_api.permissions import MayanPermission from .classes import Event @@ -38,18 +36,14 @@ class APIObjectEventListView(generics.ListAPIView): raise Http404 def get_queryset(self): - object = self.get_object() + obj = self.get_object() - try: - Permission.check_permissions( - self.request.user, permissions=(permission_events_view,) - ) - except PermissionDenied: - AccessControlList.objects.check_access( - permission_events_view, self.request.user, object - ) + AccessControlList.objects.check_access( + permissions=permission_events_view, user=self.request.user, + obj=obj + ) - return any_stream(object) + return any_stream(obj) class APIEventTypeListView(generics.ListAPIView): diff --git a/mayan/apps/linking/api_views.py b/mayan/apps/linking/api_views.py index dd1ca25476..9dcbfaf621 100644 --- a/mayan/apps/linking/api_views.py +++ b/mayan/apps/linking/api_views.py @@ -1,6 +1,5 @@ from __future__ import absolute_import, unicode_literals -from django.core.exceptions import PermissionDenied from django.shortcuts import get_object_or_404 from rest_framework import generics @@ -8,7 +7,6 @@ from rest_framework import generics from acls.models import AccessControlList from documents.models import Document from documents.permissions import permission_document_view -from permissions import Permission from rest_api.filters import MayanObjectPermissionsFilter from rest_api.permissions import MayanPermission @@ -41,14 +39,10 @@ class APIResolvedSmartLinkDocumentListView(generics.ListAPIView): def get_document(self): document = get_object_or_404(Document, pk=self.kwargs['pk']) - try: - Permission.check_permissions( - self.request.user, (permission_document_view,) - ) - except PermissionDenied: - AccessControlList.objects.check_access( - permission_document_view, self.request.user, document - ) + AccessControlList.objects.check_access( + permissions=permission_document_view, user=self.request.user, + obj=document + ) return document @@ -58,14 +52,10 @@ class APIResolvedSmartLinkDocumentListView(generics.ListAPIView): pk=self.kwargs['smart_link_pk'] ) - try: - Permission.check_permissions( - self.request.user, (permission_smart_link_view,) - ) - except PermissionDenied: - AccessControlList.objects.check_access( - permission_smart_link_view, self.request.user, smart_link - ) + AccessControlList.objects.check_access( + permissions=permission_smart_link_view, user=self.request.user, + obj=smart_link + ) return smart_link @@ -103,14 +93,10 @@ class APIResolvedSmartLinkView(generics.RetrieveAPIView): def get_document(self): document = get_object_or_404(Document, pk=self.kwargs['pk']) - try: - Permission.check_permissions( - self.request.user, (permission_document_view,) - ) - except PermissionDenied: - AccessControlList.objects.check_access( - permission_document_view, self.request.user, document - ) + AccessControlList.objects.check_access( + permissions=permission_document_view, user=self.request.user, + obj=document + ) return document @@ -144,14 +130,10 @@ class APIResolvedSmartLinkListView(generics.ListAPIView): def get_document(self): document = get_object_or_404(Document, pk=self.kwargs['pk']) - try: - Permission.check_permissions( - self.request.user, (permission_document_view,) - ) - except PermissionDenied: - AccessControlList.objects.check_access( - permission_document_view, self.request.user, document - ) + AccessControlList.objects.check_access( + permissions=permission_document_view, user=self.request.user, + obj=document + ) return document @@ -203,14 +185,10 @@ class APISmartLinkConditionListView(generics.ListCreateAPIView): smart_link = get_object_or_404(SmartLink, pk=self.kwargs['pk']) - try: - Permission.check_permissions( - self.request.user, (permission_required,) - ) - except PermissionDenied: - AccessControlList.objects.check_access( - permission_required, self.request.user, smart_link - ) + AccessControlList.objects.check_access( + permissions=permission_required, user=self.request.user, + obj=smart_link + ) return smart_link @@ -261,14 +239,10 @@ class APISmartLinkConditionView(generics.RetrieveUpdateDestroyAPIView): smart_link = get_object_or_404(SmartLink, pk=self.kwargs['pk']) - try: - Permission.check_permissions( - self.request.user, (permission_required,) - ) - except PermissionDenied: - AccessControlList.objects.check_access( - permission_required, self.request.user, smart_link - ) + AccessControlList.objects.check_access( + permissions=permission_required, user=self.request.user, + obj=smart_link + ) return smart_link diff --git a/mayan/apps/metadata/tests/test_api.py b/mayan/apps/metadata/tests/test_api.py index 4a9f47c4e0..93312509ec 100644 --- a/mayan/apps/metadata/tests/test_api.py +++ b/mayan/apps/metadata/tests/test_api.py @@ -60,8 +60,10 @@ class MetadataTypeAPITestCase(BaseAPITestCase): self._create_metadata_type() response = self.client.delete( - reverse('rest_api:metadatatype-detail', - args=(self.metadata_type.pk,)) + reverse( + 'rest_api:metadatatype-detail', + args=(self.metadata_type.pk,) + ) ) self.assertEqual(response.status_code, 204) @@ -72,8 +74,10 @@ class MetadataTypeAPITestCase(BaseAPITestCase): self._create_metadata_type() response = self.client.get( - reverse('rest_api:metadatatype-detail', - args=(self.metadata_type.pk,)) + reverse( + 'rest_api:metadatatype-detail', + args=(self.metadata_type.pk,) + ) ) self.assertEqual(response.status_code, 200) self.assertEqual( @@ -84,8 +88,10 @@ class MetadataTypeAPITestCase(BaseAPITestCase): self._create_metadata_type() response = self.client.patch( - reverse('rest_api:metadatatype-detail', - args=(self.metadata_type.pk,)), data={ + reverse( + 'rest_api:metadatatype-detail', + args=(self.metadata_type.pk,) + ), data={ 'label': TEST_METADATA_TYPE_LABEL_2, 'name': TEST_METADATA_TYPE_NAME_2 } @@ -102,8 +108,10 @@ class MetadataTypeAPITestCase(BaseAPITestCase): self._create_metadata_type() response = self.client.put( - reverse('rest_api:metadatatype-detail', - args=(self.metadata_type.pk,)), data={ + reverse( + 'rest_api:metadatatype-detail', + args=(self.metadata_type.pk,) + ), data={ 'label': TEST_METADATA_TYPE_LABEL_2, 'name': TEST_METADATA_TYPE_NAME_2 } diff --git a/mayan/apps/navigation/classes.py b/mayan/apps/navigation/classes.py index 6c065ca5f2..3c4df7eb34 100644 --- a/mayan/apps/navigation/classes.py +++ b/mayan/apps/navigation/classes.py @@ -273,7 +273,7 @@ class Link(object): except VariableDoesNotExist: pass - # If this link has a required permission check that the user have it + # If this link has a required permission check that the user has it # too if self.permissions: if resolved_object: diff --git a/mayan/apps/permissions/api_views.py b/mayan/apps/permissions/api_views.py index 47f2ea7c48..c6777bc76c 100644 --- a/mayan/apps/permissions/api_views.py +++ b/mayan/apps/permissions/api_views.py @@ -1,14 +1,9 @@ from __future__ import unicode_literals -from django.shortcuts import get_object_or_404 - from rest_framework import generics -from acls.models import AccessControlList from rest_api.filters import MayanObjectPermissionsFilter from rest_api.permissions import MayanPermission -from user_management.permissions import permission_group_view -from user_management.serializers import GroupSerializer from .classes import Permission from .models import Role @@ -61,54 +56,6 @@ class APIRoleListView(generics.ListCreateAPIView): return super(APIRoleListView, self).post(*args, **kwargs) -class APIRolePermissionList(generics.ListCreateAPIView): - """ - Returns a list of all the permissions of a role. - """ - - mayan_object_permissions = { - 'GET': (permission_role_view,), - 'POST': (permission_role_edit,) - } - permission_classes = (MayanPermission,) - - def get_serializer_class(self): - if self.request.method == 'GET': - return PermissionSerializer - elif self.request.method == 'POST': - return RoleNewPermissionSerializer - - def get_serializer_context(self): - """ - Extra context provided to the serializer class. - """ - return { - 'format': self.format_kwarg, - 'request': self.request, - 'role': self.get_role(), - 'view': self - } - - def get_queryset(self): - return [ - permission.volatile_permission for permission in self.get_role().permissions.all() - ] - - def get_role(self): - return get_object_or_404(Role, pk=self.kwargs['pk']) - - def perform_create(self, serializer): - serializer.save(role=self.get_role()) - - def post(self, request, *args, **kwargs): - """ - Add a list of permissions to a role. - """ - return super(APIRolePermissionList, self).post( - request, *args, **kwargs - ) - - class APIRoleView(generics.RetrieveUpdateDestroyAPIView): mayan_object_permissions = { 'GET': (permission_role_view,), diff --git a/mayan/apps/tags/serializers.py b/mayan/apps/tags/serializers.py index 621de6587d..6a8830f792 100644 --- a/mayan/apps/tags/serializers.py +++ b/mayan/apps/tags/serializers.py @@ -8,7 +8,6 @@ from rest_framework.reverse import reverse from acls.models import AccessControlList from documents.models import Document -from permissions import Permission from .models import Tag from .permissions import permission_tag_attach