matthias/mayan-edms
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Add ACL checks to document_index_list

Browse Source
This commit is contained in:
Roberto Rosario
2012-02-02 09:12:20 -04:00
parent 790dad2df4
commit c6fa070222
1 changed files with 11 additions and 15 deletions
Download Patch File Download Diff File Expand all files Collapse all files

26
apps/document_indexing/views.py
View File

@@ -255,9 +255,6 @@ def template_node_delete(request, node_pk):
return HttpResponseRedirect(next) return HttpResponseRedirect(next)
context = { context = {
#'node': node,
#'object_name': _(u'index'),
#'navigation_object_name': 'index',
'delete_view': True, 'delete_view': True,
'previous': previous, 'previous': previous,
'next': next, 'next': next,
@@ -276,24 +273,20 @@ def template_node_delete(request, node_pk):
context_instance=RequestContext(request)) context_instance=RequestContext(request))
# User views
#from . import index_roots as index_roots_link
def index_list(request): def index_list(request):
context = { context = {
'title': _(u'indexes'), 'title': _(u'indexes'),
#'hide_object': True, #'hide_object': True,
#'list_object_variable_name': 'index', #'list_object_variable_name': 'index',
'extra_columns': [ #'extra_columns': [
{'name': _(u'root'), 'attribute': 'root'}, # {'name': _(u'elements'), 'attribute': 'root'},
# {'name': _(u'name'), 'attribute': 'name'}, # {'name': _(u'name'), 'attribute': 'name'},
# {'name': _(u'title'), 'attribute': 'title'}, # {'name': _(u'title'), 'attribute': 'title'},
], #],
'overrided_object_links': [{}], 'overrided_object_links': [{}],
} }
queryset = Index.objects.all() queryset = Index.objects.filter(enabled=True)
try: try:
Permission.objects.check_permissions(request.user, [PERMISSION_DOCUMENT_INDEXING_VIEW]) Permission.objects.check_permissions(request.user, [PERMISSION_DOCUMENT_INDEXING_VIEW])
@@ -380,13 +373,16 @@ def rebuild_index_instances(request):
def document_index_list(request, document_id): def document_index_list(request, document_id):
#TODO: add ACL check
Permission.objects.check_permissions(request.user, [PERMISSION_DOCUMENT_VIEW, PERMISSION_DOCUMENT_INDEXING_VIEW])
document = get_object_or_404(Document, pk=document_id) document = get_object_or_404(Document, pk=document_id)
object_list = [] object_list = []
for index_instance in document.indexinstancenode_set.all(): queryset = document.indexinstancenode_set.all()
try:
Permission.objects.check_permissions(request.user, [PERMISSION_DOCUMENT_VIEW, PERMISSION_DOCUMENT_INDEXING_VIEW])
except PermissionDenied:
queryset = AccessEntry.objects.filter_objects_by_access(PERMISSION_DOCUMENT_INDEXING_VIEW, request.user, queryset)
for index_instance in queryset:
object_list.append(get_breadcrumbs(index_instance, single_link=True, include_count=True)) object_list.append(get_breadcrumbs(index_instance, single_link=True, include_count=True))
return render_to_response('generic_list.html', { return render_to_response('generic_list.html', {