diff --git a/apps/document_comments/__init__.py b/apps/document_comments/__init__.py index 0e94e009b9..03ec86d819 100644 --- a/apps/document_comments/__init__.py +++ b/apps/document_comments/__init__.py @@ -2,25 +2,23 @@ from django.utils.translation import ugettext_lazy as _ from navigation.api import register_links, \ register_model_list_columns -from permissions.api import register_permissions +from permissions.api import register_permission from django.contrib.comments.models import Comment from documents.models import Document -PERMISSION_COMMENT_CREATE = 'comment_create' -PERMISSION_COMMENT_DELETE = 'comment_delete' -PERMISSION_COMMENT_EDIT = 'comment_edit' +PERMISSION_COMMENT_CREATE = {'namespace': 'comments', 'name': 'comment_create', 'label': _(u'Create new comments')} +PERMISSION_COMMENT_DELETE = {'namespace': 'comments', 'name': 'comment_delete', 'label': _(u'Delete comments')} +PERMISSION_COMMENT_EDIT = {'namespace': 'comments', 'name': 'comment_edit', 'label': _(u'Edit comments')} -register_permissions('comments', [ - {'name': PERMISSION_COMMENT_CREATE, 'label': _(u'Create new comments')}, - {'name': PERMISSION_COMMENT_DELETE, 'label': _(u'Delete comments')}, - {'name': PERMISSION_COMMENT_EDIT, 'label': _(u'Edit comments')}, -]) +register_permission(PERMISSION_COMMENT_CREATE) +register_permission(PERMISSION_COMMENT_DELETE) +register_permission(PERMISSION_COMMENT_EDIT) -comment_delete = {'text': _('delete'), 'view': 'comment_delete', 'args': 'object.id', 'famfam': 'comment_delete', 'permissions': {'namespace': 'comments', 'permissions': [PERMISSION_COMMENT_DELETE]}} -comment_multiple_delete = {'text': _('delete'), 'view': 'comment_multiple_delete', 'args': 'object.id', 'famfam': 'comments_delete', 'permissions': {'namespace': 'comments', 'permissions': [PERMISSION_COMMENT_DELETE]}} -comment_add = {'text': _('add comment'), 'view': 'comment_add', 'args': 'object.id', 'famfam': 'comment_add', 'permissions': {'namespace': 'comments', 'permissions': [PERMISSION_COMMENT_CREATE]}} +comment_delete = {'text': _('delete'), 'view': 'comment_delete', 'args': 'object.id', 'famfam': 'comment_delete', 'permissions': [PERMISSION_COMMENT_DELETE]} +comment_multiple_delete = {'text': _('delete'), 'view': 'comment_multiple_delete', 'args': 'object.id', 'famfam': 'comments_delete', 'permissions': [PERMISSION_COMMENT_DELETE]} +comment_add = {'text': _('add comment'), 'view': 'comment_add', 'args': 'object.id', 'famfam': 'comment_add', 'permissions': [PERMISSION_COMMENT_CREATE]} register_model_list_columns(Comment, [ { diff --git a/apps/document_comments/views.py b/apps/document_comments/views.py index 2b3d38b432..5e6745da4e 100644 --- a/apps/document_comments/views.py +++ b/apps/document_comments/views.py @@ -15,7 +15,7 @@ from document_comments.forms import CommentForm def comment_delete(request, comment_id=None, comment_id_list=None): - check_permissions(request.user, 'comments', [PERMISSION_COMMENT_DELETE]) + check_permissions(request.user, [PERMISSION_COMMENT_DELETE]) post_action_redirect = None if comment_id: @@ -65,7 +65,7 @@ def comment_multiple_delete(request): def comment_add(request, document_id): - check_permissions(request.user, 'comments', [PERMISSION_COMMENT_CREATE]) + check_permissions(request.user, [PERMISSION_COMMENT_CREATE]) document = get_object_or_404(Document, pk=document_id) post_action_redirect = None diff --git a/apps/document_indexing/__init__.py b/apps/document_indexing/__init__.py index 65d1dd3dab..1eece7a905 100644 --- a/apps/document_indexing/__init__.py +++ b/apps/document_indexing/__init__.py @@ -1,23 +1,21 @@ from django.utils.translation import ugettext_lazy as _ from navigation.api import register_menu -from permissions.api import register_permissions +from permissions.api import register_permission from main.api import register_tool -PERMISSION_DOCUMENT_INDEXING_VIEW = 'document_index_view' -PERMISSION_DOCUMENT_INDEXING_REBUILD_INDEXES = 'document_rebuild_indexes' +PERMISSION_DOCUMENT_INDEXING_VIEW = {'namespace': 'document_indexing', 'name': 'document_index_view', 'label': _(u'View document indexes')} +PERMISSION_DOCUMENT_INDEXING_REBUILD_INDEXES = {'namespace': 'document_indexing', 'name': 'document_rebuild_indexes', 'label': _(u'Rebuild document indexes')} -register_permissions('document_indexing', [ - {'name': PERMISSION_DOCUMENT_INDEXING_VIEW, 'label': _(u'View document indexes')}, - {'name': PERMISSION_DOCUMENT_INDEXING_REBUILD_INDEXES, 'label': _(u'Rebuild document indexes')}, -]) +register_permission(PERMISSION_DOCUMENT_INDEXING_VIEW) +register_permission(PERMISSION_DOCUMENT_INDEXING_REBUILD_INDEXES) -index_list = {'text': _(u'index list'), 'view': 'index_instance_list', 'famfam': 'folder_link', 'permissions': {'namespace': 'document_indexing', 'permissions': [PERMISSION_DOCUMENT_INDEXING_VIEW]}} +index_list = {'text': _(u'index list'), 'view': 'index_instance_list', 'famfam': 'folder_link', 'permissions': [PERMISSION_DOCUMENT_INDEXING_VIEW]} register_menu([ {'text': _('indexes'), 'view': 'index_instance_list', 'links': [ - ], 'famfam': 'folder_link', 'position': 2, 'permissions': {'namespace': 'document_indexing', 'permissions': [PERMISSION_DOCUMENT_INDEXING_VIEW]}}]) + ], 'famfam': 'folder_link', 'position': 2, 'permissions': [PERMISSION_DOCUMENT_INDEXING_VIEW]}]) -rebuild_index_instances = {'text': _('rebuild indexes'), 'view': 'rebuild_index_instances', 'famfam': 'folder_link', 'permissions': {'namespace': 'document_indexing', 'permissions': [PERMISSION_DOCUMENT_INDEXING_REBUILD_INDEXES]}, 'description': _(u'Deletes and creates from scratch all the document indexes.')} +rebuild_index_instances = {'text': _('rebuild indexes'), 'view': 'rebuild_index_instances', 'famfam': 'folder_link', 'permissions': [PERMISSION_DOCUMENT_INDEXING_REBUILD_INDEXES], 'description': _(u'Deletes and creates from scratch all the document indexes.')} register_tool(rebuild_index_instances, namespace='document_indexing', title=_(u'Indexes')) diff --git a/apps/document_indexing/views.py b/apps/document_indexing/views.py index bb341e3222..cfd478aed2 100644 --- a/apps/document_indexing/views.py +++ b/apps/document_indexing/views.py @@ -16,7 +16,7 @@ from document_indexing.api import get_breadcrumbs, get_instance_link, \ def index_instance_list(request, index_id=None): - check_permissions(request.user, 'document_indexing', [PERMISSION_DOCUMENT_INDEXING_VIEW]) + check_permissions(request.user, [PERMISSION_DOCUMENT_INDEXING_VIEW]) if index_id: index_instance = get_object_or_404(IndexInstance, pk=index_id) @@ -39,7 +39,7 @@ def index_instance_list(request, index_id=None): def rebuild_index_instances(request): - check_permissions(request.user, 'document_indexing', [PERMISSION_DOCUMENT_INDEXING_REBUILD_INDEXES]) + check_permissions(request.user, [PERMISSION_DOCUMENT_INDEXING_REBUILD_INDEXES]) previous = request.POST.get('previous', request.GET.get('previous', request.META.get('HTTP_REFERER', None))) next = request.POST.get('next', request.GET.get('next', request.META.get('HTTP_REFERER', None))) diff --git a/apps/documents/__init__.py b/apps/documents/__init__.py index 973cbbee27..f1d459e004 100644 --- a/apps/documents/__init__.py +++ b/apps/documents/__init__.py @@ -5,7 +5,7 @@ from django.conf import settings from navigation.api import register_links, register_menu, \ register_model_list_columns, register_multi_item_links from main.api import register_diagnostic, register_tool -from permissions.api import register_permissions +from permissions.api import register_permission from tags.widgets import get_tags_inline_widget_simple from documents.models import Document, DocumentPage, DocumentPageTransformation @@ -18,56 +18,54 @@ from documents.literals import PERMISSION_DOCUMENT_CREATE, \ PERMISSION_DOCUMENT_TRANSFORM, PERMISSION_DOCUMENT_TOOLS, \ PERMISSION_DOCUMENT_EDIT -register_permissions('documents', [ - {'name': PERMISSION_DOCUMENT_CREATE, 'label': _(u'Create document')}, - {'name': PERMISSION_DOCUMENT_PROPERTIES_EDIT, 'label': _(u'Edit document properties')}, - {'name': PERMISSION_DOCUMENT_EDIT, 'label': _(u'Edit document')}, - {'name': PERMISSION_DOCUMENT_VIEW, 'label': _(u'View document')}, - {'name': PERMISSION_DOCUMENT_DELETE, 'label': _(u'Delete document')}, - {'name': PERMISSION_DOCUMENT_DOWNLOAD, 'label': _(u'Download document')}, - {'name': PERMISSION_DOCUMENT_TRANSFORM, 'label': _(u'Transform document')}, - {'name': PERMISSION_DOCUMENT_TOOLS, 'label': _(u'Execute document modifying tools')}, -]) +register_permission(PERMISSION_DOCUMENT_CREATE) +register_permission(PERMISSION_DOCUMENT_PROPERTIES_EDIT) +register_permission(PERMISSION_DOCUMENT_EDIT) +register_permission(PERMISSION_DOCUMENT_VIEW) +register_permission(PERMISSION_DOCUMENT_DELETE) +register_permission(PERMISSION_DOCUMENT_DOWNLOAD) +register_permission(PERMISSION_DOCUMENT_TRANSFORM) +register_permission(PERMISSION_DOCUMENT_TOOLS) -document_list = {'text': _(u'documents list'), 'view': 'document_list', 'famfam': 'page', 'permissions': {'namespace': 'documents', 'permissions': [PERMISSION_DOCUMENT_VIEW]}} -document_list_recent = {'text': _(u'recent documents list'), 'view': 'document_list_recent', 'famfam': 'page', 'permissions': {'namespace': 'documents', 'permissions': [PERMISSION_DOCUMENT_VIEW]}} -document_create = {'text': _(u'upload a new document'), 'view': 'document_create', 'famfam': 'page_add', 'permissions': {'namespace': 'documents', 'permissions': [PERMISSION_DOCUMENT_CREATE]}} -document_create_multiple = {'text': _(u'upload new documents'), 'view': 'document_create_multiple', 'famfam': 'page_add', 'permissions': {'namespace': 'documents', 'permissions': [PERMISSION_DOCUMENT_CREATE]}} -document_create_siblings = {'text': _(u'upload new documents using same metadata'), 'view': 'document_create_siblings', 'args': 'object.id', 'famfam': 'page_copy', 'permissions': {'namespace': 'documents', 'permissions': [PERMISSION_DOCUMENT_CREATE]}} -document_view_simple = {'text': _(u'details (simple)'), 'view': 'document_view_simple', 'args': 'object.id', 'famfam': 'page', 'permissions': {'namespace': 'documents', 'permissions': [PERMISSION_DOCUMENT_VIEW]}} -document_view_advanced = {'text': _(u'details (advanced)'), 'view': 'document_view_advanced', 'args': 'object.id', 'famfam': 'page', 'permissions': {'namespace': 'documents', 'permissions': [PERMISSION_DOCUMENT_VIEW]}} -document_delete = {'text': _(u'delete'), 'view': 'document_delete', 'args': 'object.id', 'famfam': 'page_delete', 'permissions': {'namespace': 'documents', 'permissions': [PERMISSION_DOCUMENT_DELETE]}} -document_multiple_delete = {'text': _(u'delete'), 'view': 'document_multiple_delete', 'famfam': 'page_delete', 'permissions': {'namespace': 'documents', 'permissions': [PERMISSION_DOCUMENT_DELETE]}} -document_edit = {'text': _(u'edit'), 'view': 'document_edit', 'args': 'object.id', 'famfam': 'page_edit', 'permissions': {'namespace': 'documents', 'permissions': [PERMISSION_DOCUMENT_PROPERTIES_EDIT]}} -document_preview = {'text': _(u'preview'), 'class': 'fancybox', 'view': 'document_preview', 'args': 'object.id', 'famfam': 'magnifier', 'permissions': {'namespace': 'documents', 'permissions': [PERMISSION_DOCUMENT_VIEW]}} -document_download = {'text': _(u'download'), 'view': 'document_download', 'args': 'object.id', 'famfam': 'page_save', 'permissions': {'namespace': 'documents', 'permissions': [PERMISSION_DOCUMENT_DOWNLOAD]}} -document_find_duplicates = {'text': _(u'find duplicates'), 'view': 'document_find_duplicates', 'args': 'object.id', 'famfam': 'page_refresh', 'permissions': {'namespace': 'documents', 'permissions': [PERMISSION_DOCUMENT_VIEW]}} -document_find_all_duplicates = {'text': _(u'find all duplicates'), 'view': 'document_find_all_duplicates', 'famfam': 'page_refresh', 'permissions': {'namespace': 'documents', 'permissions': [PERMISSION_DOCUMENT_VIEW]}, 'description': _(u'Search all the documents\' checksums and return a list of the exact matches.')} -document_clear_transformations = {'text': _(u'clear all transformations'), 'view': 'document_clear_transformations', 'args': 'object.id', 'famfam': 'page_paintbrush', 'permissions': {'namespace': 'documents', 'permissions': [PERMISSION_DOCUMENT_TRANSFORM]}} -document_multiple_clear_transformations = {'text': _(u'clear all transformations'), 'view': 'document_multiple_clear_transformations', 'famfam': 'page_paintbrush', 'permissions': {'namespace': 'documents', 'permissions': [PERMISSION_DOCUMENT_TRANSFORM]}} -document_print = {'text': _(u'print'), 'view': 'document_print', 'args': 'object.id', 'famfam': 'printer', 'permissions': {'namespace': 'documents', 'permissions': [PERMISSION_DOCUMENT_VIEW]}} +document_list = {'text': _(u'documents list'), 'view': 'document_list', 'famfam': 'page', 'permissions': [PERMISSION_DOCUMENT_VIEW]} +document_list_recent = {'text': _(u'recent documents list'), 'view': 'document_list_recent', 'famfam': 'page', 'permissions': [PERMISSION_DOCUMENT_VIEW]} +document_create = {'text': _(u'upload a new document'), 'view': 'document_create', 'famfam': 'page_add', 'permissions': [PERMISSION_DOCUMENT_CREATE]} +document_create_multiple = {'text': _(u'upload new documents'), 'view': 'document_create_multiple', 'famfam': 'page_add', 'permissions': [PERMISSION_DOCUMENT_CREATE]} +document_create_siblings = {'text': _(u'upload new documents using same metadata'), 'view': 'document_create_siblings', 'args': 'object.id', 'famfam': 'page_copy', 'permissions': [PERMISSION_DOCUMENT_CREATE]} +document_view_simple = {'text': _(u'details (simple)'), 'view': 'document_view_simple', 'args': 'object.id', 'famfam': 'page', 'permissions': [PERMISSION_DOCUMENT_VIEW]} +document_view_advanced = {'text': _(u'details (advanced)'), 'view': 'document_view_advanced', 'args': 'object.id', 'famfam': 'page', 'permissions': [PERMISSION_DOCUMENT_VIEW]} +document_delete = {'text': _(u'delete'), 'view': 'document_delete', 'args': 'object.id', 'famfam': 'page_delete', 'permissions': [PERMISSION_DOCUMENT_DELETE]} +document_multiple_delete = {'text': _(u'delete'), 'view': 'document_multiple_delete', 'famfam': 'page_delete', 'permissions': [PERMISSION_DOCUMENT_DELETE]} +document_edit = {'text': _(u'edit'), 'view': 'document_edit', 'args': 'object.id', 'famfam': 'page_edit', 'permissions': [PERMISSION_DOCUMENT_PROPERTIES_EDIT]} +document_preview = {'text': _(u'preview'), 'class': 'fancybox', 'view': 'document_preview', 'args': 'object.id', 'famfam': 'magnifier', 'permissions': [PERMISSION_DOCUMENT_VIEW]} +document_download = {'text': _(u'download'), 'view': 'document_download', 'args': 'object.id', 'famfam': 'page_save', 'permissions': [PERMISSION_DOCUMENT_DOWNLOAD]} +document_find_duplicates = {'text': _(u'find duplicates'), 'view': 'document_find_duplicates', 'args': 'object.id', 'famfam': 'page_refresh', 'permissions': [PERMISSION_DOCUMENT_VIEW]} +document_find_all_duplicates = {'text': _(u'find all duplicates'), 'view': 'document_find_all_duplicates', 'famfam': 'page_refresh', 'permissions': [PERMISSION_DOCUMENT_VIEW], 'description': _(u'Search all the documents\' checksums and return a list of the exact matches.')} +document_clear_transformations = {'text': _(u'clear all transformations'), 'view': 'document_clear_transformations', 'args': 'object.id', 'famfam': 'page_paintbrush', 'permissions': [PERMISSION_DOCUMENT_TRANSFORM]} +document_multiple_clear_transformations = {'text': _(u'clear all transformations'), 'view': 'document_multiple_clear_transformations', 'famfam': 'page_paintbrush', 'permissions': [PERMISSION_DOCUMENT_TRANSFORM]} +document_print = {'text': _(u'print'), 'view': 'document_print', 'args': 'object.id', 'famfam': 'printer', 'permissions': [PERMISSION_DOCUMENT_VIEW]} -document_page_transformation_list = {'text': _(u'page transformations'), 'class': 'no-parent-history', 'view': 'document_page_transformation_list', 'args': 'object.id', 'famfam': 'pencil_go', 'permissions': {'namespace': 'documents', 'permissions': [PERMISSION_DOCUMENT_TRANSFORM]}} -document_page_transformation_create = {'text': _(u'create new transformation'), 'class': 'no-parent-history', 'view': 'document_page_transformation_create', 'args': 'object.id', 'famfam': 'pencil_add', 'permissions': {'namespace': 'documents', 'permissions': [PERMISSION_DOCUMENT_TRANSFORM]}} -document_page_transformation_edit = {'text': _(u'edit'), 'class': 'no-parent-history', 'view': 'document_page_transformation_edit', 'args': 'object.id', 'famfam': 'pencil_go', 'permissions': {'namespace': 'documents', 'permissions': [PERMISSION_DOCUMENT_TRANSFORM]}} -document_page_transformation_delete = {'text': _(u'delete'), 'class': 'no-parent-history', 'view': 'document_page_transformation_delete', 'args': 'object.id', 'famfam': 'pencil_delete', 'permissions': {'namespace': 'documents', 'permissions': [PERMISSION_DOCUMENT_TRANSFORM]}} -document_page_transformation_page_view = {'text': _(u'page details'), 'class': 'no-parent-history', 'view': 'document_page_view', 'args': 'object.document_page.id', 'famfam': 'page_white', 'permissions': {'namespace': 'documents', 'permissions': [PERMISSION_DOCUMENT_VIEW]}} -document_page_transformation_page_edit = {'text': _(u'edit page'), 'class': 'no-parent-history', 'view': 'document_page_edit', 'args': 'object.document_page.id', 'famfam': 'page_white', 'permissions': {'namespace': 'documents', 'permissions': [PERMISSION_DOCUMENT_EDIT]}} -document_page_transformation_page_transformation_list = {'text': _(u'page transformations'), 'class': 'no-parent-history', 'view': 'document_page_transformation_list', 'args': 'object.document_page.id', 'famfam': 'pencil_go', 'permissions': {'namespace': 'documents', 'permissions': [PERMISSION_DOCUMENT_TRANSFORM]}} +document_page_transformation_list = {'text': _(u'page transformations'), 'class': 'no-parent-history', 'view': 'document_page_transformation_list', 'args': 'object.id', 'famfam': 'pencil_go', 'permissions': [PERMISSION_DOCUMENT_TRANSFORM]} +document_page_transformation_create = {'text': _(u'create new transformation'), 'class': 'no-parent-history', 'view': 'document_page_transformation_create', 'args': 'object.id', 'famfam': 'pencil_add', 'permissions': [PERMISSION_DOCUMENT_TRANSFORM]} +document_page_transformation_edit = {'text': _(u'edit'), 'class': 'no-parent-history', 'view': 'document_page_transformation_edit', 'args': 'object.id', 'famfam': 'pencil_go', 'permissions': [PERMISSION_DOCUMENT_TRANSFORM]} +document_page_transformation_delete = {'text': _(u'delete'), 'class': 'no-parent-history', 'view': 'document_page_transformation_delete', 'args': 'object.id', 'famfam': 'pencil_delete', 'permissions': [PERMISSION_DOCUMENT_TRANSFORM]} +document_page_transformation_page_view = {'text': _(u'page details'), 'class': 'no-parent-history', 'view': 'document_page_view', 'args': 'object.document_page.id', 'famfam': 'page_white', 'permissions': [PERMISSION_DOCUMENT_VIEW]} +document_page_transformation_page_edit = {'text': _(u'edit page'), 'class': 'no-parent-history', 'view': 'document_page_edit', 'args': 'object.document_page.id', 'famfam': 'page_white', 'permissions': [PERMISSION_DOCUMENT_EDIT]} +document_page_transformation_page_transformation_list = {'text': _(u'page transformations'), 'class': 'no-parent-history', 'view': 'document_page_transformation_list', 'args': 'object.document_page.id', 'famfam': 'pencil_go', 'permissions': [PERMISSION_DOCUMENT_TRANSFORM]} -document_page_view = {'text': _(u'page image'), 'class': 'no-parent-history', 'view': 'document_page_view', 'args': 'object.id', 'famfam': 'page_white_picture', 'permissions': {'namespace': 'documents', 'permissions': [PERMISSION_DOCUMENT_VIEW]}} -document_page_text = {'text': _(u'page text'), 'class': 'no-parent-history', 'view': 'document_page_text', 'args': 'object.id', 'famfam': 'page_white_text', 'permissions': {'namespace': 'documents', 'permissions': [PERMISSION_DOCUMENT_VIEW]}} -document_page_edit = {'text': _(u'edit page text'), 'class': 'no-parent-history', 'view': 'document_page_edit', 'args': 'object.id', 'famfam': 'page_white_edit', 'permissions': {'namespace': 'documents', 'permissions': [PERMISSION_DOCUMENT_EDIT]}} -document_page_navigation_next = {'text': _(u'next page'), 'class': 'no-parent-history', 'view': 'document_page_navigation_next', 'args': 'object.id', 'famfam': 'resultset_next', 'permissions': {'namespace': 'documents', 'permissions': [PERMISSION_DOCUMENT_VIEW]}} -document_page_navigation_previous = {'text': _(u'previous page'), 'class': 'no-parent-history', 'view': 'document_page_navigation_previous', 'args': 'object.id', 'famfam': 'resultset_previous', 'permissions': {'namespace': 'documents', 'permissions': [PERMISSION_DOCUMENT_VIEW]}} -document_page_navigation_first = {'text': _(u'first page'), 'class': 'no-parent-history', 'view': 'document_page_navigation_first', 'args': 'object.id', 'famfam': 'resultset_first', 'permissions': {'namespace': 'documents', 'permissions': [PERMISSION_DOCUMENT_VIEW]}} -document_page_navigation_last = {'text': _(u'last page'), 'class': 'no-parent-history', 'view': 'document_page_navigation_last', 'args': 'object.id', 'famfam': 'resultset_last', 'permissions': {'namespace': 'documents', 'permissions': [PERMISSION_DOCUMENT_VIEW]}} -document_page_zoom_in = {'text': _(u'zoom in'), 'class': 'no-parent-history', 'view': 'document_page_zoom_in', 'args': 'object.id', 'famfam': 'zoom_in', 'permissions': {'namespace': 'documents', 'permissions': [PERMISSION_DOCUMENT_VIEW]}} -document_page_zoom_out = {'text': _(u'zoom out'), 'class': 'no-parent-history', 'view': 'document_page_zoom_out', 'args': 'object.id', 'famfam': 'zoom_out', 'permissions': {'namespace': 'documents', 'permissions': [PERMISSION_DOCUMENT_VIEW]}} -document_page_rotate_right = {'text': _(u'rotate right'), 'class': 'no-parent-history', 'view': 'document_page_rotate_right', 'args': 'object.id', 'famfam': 'arrow_turn_right', 'permissions': {'namespace': 'documents', 'permissions': [PERMISSION_DOCUMENT_VIEW]}} -document_page_rotate_left = {'text': _(u'rotate left'), 'class': 'no-parent-history', 'view': 'document_page_rotate_left', 'args': 'object.id', 'famfam': 'arrow_turn_left', 'permissions': {'namespace': 'documents', 'permissions': [PERMISSION_DOCUMENT_VIEW]}} +document_page_view = {'text': _(u'page image'), 'class': 'no-parent-history', 'view': 'document_page_view', 'args': 'object.id', 'famfam': 'page_white_picture', 'permissions': [PERMISSION_DOCUMENT_VIEW]} +document_page_text = {'text': _(u'page text'), 'class': 'no-parent-history', 'view': 'document_page_text', 'args': 'object.id', 'famfam': 'page_white_text', 'permissions': [PERMISSION_DOCUMENT_VIEW]} +document_page_edit = {'text': _(u'edit page text'), 'class': 'no-parent-history', 'view': 'document_page_edit', 'args': 'object.id', 'famfam': 'page_white_edit', 'permissions': [PERMISSION_DOCUMENT_EDIT]} +document_page_navigation_next = {'text': _(u'next page'), 'class': 'no-parent-history', 'view': 'document_page_navigation_next', 'args': 'object.id', 'famfam': 'resultset_next', 'permissions': [PERMISSION_DOCUMENT_VIEW]} +document_page_navigation_previous = {'text': _(u'previous page'), 'class': 'no-parent-history', 'view': 'document_page_navigation_previous', 'args': 'object.id', 'famfam': 'resultset_previous', 'permissions': [PERMISSION_DOCUMENT_VIEW]} +document_page_navigation_first = {'text': _(u'first page'), 'class': 'no-parent-history', 'view': 'document_page_navigation_first', 'args': 'object.id', 'famfam': 'resultset_first', 'permissions': [PERMISSION_DOCUMENT_VIEW]} +document_page_navigation_last = {'text': _(u'last page'), 'class': 'no-parent-history', 'view': 'document_page_navigation_last', 'args': 'object.id', 'famfam': 'resultset_last', 'permissions': [PERMISSION_DOCUMENT_VIEW]} +document_page_zoom_in = {'text': _(u'zoom in'), 'class': 'no-parent-history', 'view': 'document_page_zoom_in', 'args': 'object.id', 'famfam': 'zoom_in', 'permissions': [PERMISSION_DOCUMENT_VIEW]} +document_page_zoom_out = {'text': _(u'zoom out'), 'class': 'no-parent-history', 'view': 'document_page_zoom_out', 'args': 'object.id', 'famfam': 'zoom_out', 'permissions': [PERMISSION_DOCUMENT_VIEW]} +document_page_rotate_right = {'text': _(u'rotate right'), 'class': 'no-parent-history', 'view': 'document_page_rotate_right', 'args': 'object.id', 'famfam': 'arrow_turn_right', 'permissions': [PERMISSION_DOCUMENT_VIEW]} +document_page_rotate_left = {'text': _(u'rotate left'), 'class': 'no-parent-history', 'view': 'document_page_rotate_left', 'args': 'object.id', 'famfam': 'arrow_turn_left', 'permissions': [PERMISSION_DOCUMENT_VIEW]} -document_missing_list = {'text': _(u'Find missing document files'), 'view': 'document_missing_list', 'famfam': 'folder_page', 'permissions': {'namespace': 'documents', 'permissions': [PERMISSION_DOCUMENT_VIEW]}} +document_missing_list = {'text': _(u'Find missing document files'), 'view': 'document_missing_list', 'famfam': 'folder_page', 'permissions': [PERMISSION_DOCUMENT_VIEW]} upload_document_from_local = {'text': _(u'local'), 'view': 'upload_document_from_local', 'famfam': 'drive_disk', 'keep_query': True} upload_document_from_staging = {'text': _(u'staging'), 'view': 'upload_document_from_staging', 'famfam': 'drive_network', 'keep_query': True, 'condition': lambda x: USE_STAGING_DIRECTORY} diff --git a/apps/documents/literals.py b/apps/documents/literals.py index 74d9373de4..075b35dadc 100644 --- a/apps/documents/literals.py +++ b/apps/documents/literals.py @@ -1,16 +1,18 @@ +from django.utils.translation import ugettext_lazy as _ + PICTURE_ERROR_SMALL = u'picture_error.png' PICTURE_ERROR_MEDIUM = u'1297211435_error.png' PICTURE_UNKNOWN_SMALL = u'1299549572_unknown2.png' PICTURE_UNKNOWN_MEDIUM = u'1299549805_unknown.png' -PERMISSION_DOCUMENT_CREATE = 'document_create' -PERMISSION_DOCUMENT_PROPERTIES_EDIT = 'document_properties_edit' -PERMISSION_DOCUMENT_EDIT = 'document_edit' -PERMISSION_DOCUMENT_VIEW = 'document_view' -PERMISSION_DOCUMENT_DELETE = 'document_delete' -PERMISSION_DOCUMENT_DOWNLOAD = 'document_download' -PERMISSION_DOCUMENT_TRANSFORM = 'document_transform' -PERMISSION_DOCUMENT_TOOLS = 'document_tools' +PERMISSION_DOCUMENT_CREATE = {'namespace': 'documents', 'name': 'document_create', 'label': _(u'Create document')} +PERMISSION_DOCUMENT_PROPERTIES_EDIT = {'namespace': 'documents', 'name': 'document_properties_edit', 'label': _(u'Edit document properties')} +PERMISSION_DOCUMENT_EDIT = {'namespace': 'documents', 'name': 'document_edit', 'label': _(u'Edit document')} +PERMISSION_DOCUMENT_VIEW = {'namespace': 'documents', 'name': 'document_view', 'label': _(u'View document')} +PERMISSION_DOCUMENT_DELETE = {'namespace': 'documents', 'name': 'document_delete', 'label': _(u'Delete document')} +PERMISSION_DOCUMENT_DOWNLOAD = {'namespace': 'documents', 'name': 'document_download', 'label': _(u'Download document')} +PERMISSION_DOCUMENT_TRANSFORM = {'namespace': 'documents', 'name': 'document_transform', 'label': _(u'Transform document')} +PERMISSION_DOCUMENT_TOOLS = {'namespace': 'documents', 'name': 'document_tools', 'label': _(u'Execute document modifying tools')} UPLOAD_SOURCE_LOCAL = u'local' UPLOAD_SOURCE_STAGING = u'staging' diff --git a/apps/documents/views.py b/apps/documents/views.py index 6369a49712..372de7819b 100644 --- a/apps/documents/views.py +++ b/apps/documents/views.py @@ -75,7 +75,7 @@ from documents.literals import UPLOAD_SOURCE_LOCAL, \ def document_list(request, object_list=None, title=None): - check_permissions(request.user, 'documents', [PERMISSION_DOCUMENT_VIEW]) + check_permissions(request.user, [PERMISSION_DOCUMENT_VIEW]) return render_to_response('generic_list.html', { 'object_list': object_list if not (object_list is None) else Document.objects.only('file_filename', 'file_extension').all(), @@ -86,7 +86,7 @@ def document_list(request, object_list=None, title=None): def document_create(request): - check_permissions(request.user, 'documents', [PERMISSION_DOCUMENT_CREATE]) + check_permissions(request.user, [PERMISSION_DOCUMENT_CREATE]) wizard = DocumentCreateWizard(form_list=[DocumentTypeSelectForm, MetadataSelectionForm, MetadataFormSet]) @@ -94,7 +94,7 @@ def document_create(request): def document_create_siblings(request, document_id): - check_permissions(request.user, 'documents', [PERMISSION_DOCUMENT_CREATE]) + check_permissions(request.user, [PERMISSION_DOCUMENT_CREATE]) document = get_object_or_404(Document, pk=document_id) query_dict = {} @@ -149,7 +149,7 @@ def _handle_zip_file(request, uploaded_file, document_type=None): def upload_document_with_type(request, source): - check_permissions(request.user, 'documents', [PERMISSION_DOCUMENT_CREATE]) + check_permissions(request.user, [PERMISSION_DOCUMENT_CREATE]) document_type_id = request.GET.get('document_type_id', None) if document_type_id: @@ -263,7 +263,7 @@ def upload_document_with_type(request, source): def document_view_simple(request, document_id): - check_permissions(request.user, 'documents', [PERMISSION_DOCUMENT_VIEW]) + check_permissions(request.user, [PERMISSION_DOCUMENT_VIEW]) #document = get_object_or_404(Document.objects.select_related(), pk=document_id) # Triggers a 404 error on documents uploaded via local upload @@ -331,7 +331,7 @@ def document_view_simple(request, document_id): def document_view_advanced(request, document_id): - check_permissions(request.user, 'documents', [PERMISSION_DOCUMENT_VIEW]) + check_permissions(request.user, [PERMISSION_DOCUMENT_VIEW]) #document = get_object_or_404(Document.objects.select_related(), pk=document_id) # Triggers a 404 error on documents uploaded via local upload @@ -413,7 +413,7 @@ def document_view_advanced(request, document_id): def document_delete(request, document_id=None, document_id_list=None): - check_permissions(request.user, 'documents', [PERMISSION_DOCUMENT_DELETE]) + check_permissions(request.user, [PERMISSION_DOCUMENT_DELETE]) post_action_redirect = None if document_id: @@ -469,9 +469,7 @@ def document_multiple_delete(request): def document_edit(request, document_id): - check_permissions( - request.user, 'documents', [PERMISSION_DOCUMENT_PROPERTIES_EDIT] - ) + check_permissions(request.user, [PERMISSION_DOCUMENT_PROPERTIES_EDIT]) document = get_object_or_404(Document, pk=document_id) @@ -541,7 +539,7 @@ def calculate_converter_arguments(document, *args, **kwargs): def get_document_image(request, document_id, size=PREVIEW_SIZE, quality=QUALITY_DEFAULT): - check_permissions(request.user, 'documents', [PERMISSION_DOCUMENT_VIEW]) + check_permissions(request.user, [PERMISSION_DOCUMENT_VIEW]) document = get_object_or_404(Document, pk=document_id) @@ -589,7 +587,7 @@ def get_document_image(request, document_id, size=PREVIEW_SIZE, quality=QUALITY_ def document_download(request, document_id): - check_permissions(request.user, 'documents', [PERMISSION_DOCUMENT_DOWNLOAD]) + check_permissions(request.user, [PERMISSION_DOCUMENT_DOWNLOAD]) document = get_object_or_404(Document, pk=document_id) try: @@ -607,7 +605,7 @@ def document_download(request, document_id): def staging_file_preview(request, source, staging_file_id): - check_permissions(request.user, 'documents', [PERMISSION_DOCUMENT_CREATE]) + check_permissions(request.user, [PERMISSION_DOCUMENT_CREATE]) StagingFile = create_staging_file_class(request, source) try: output_file, errors = StagingFile.get(staging_file_id).preview() @@ -633,7 +631,7 @@ def staging_file_preview(request, source, staging_file_id): def staging_file_delete(request, source, staging_file_id): - check_permissions(request.user, 'documents', [PERMISSION_DOCUMENT_CREATE]) + check_permissions(request.user, [PERMISSION_DOCUMENT_CREATE]) StagingFile = create_staging_file_class(request, source) staging_file = StagingFile.get(staging_file_id) @@ -659,7 +657,7 @@ def staging_file_delete(request, source, staging_file_id): def document_page_transformation_list(request, document_page_id): - check_permissions(request.user, 'documents', [PERMISSION_DOCUMENT_TRANSFORM]) + check_permissions(request.user, [PERMISSION_DOCUMENT_TRANSFORM]) document_page = get_object_or_404(DocumentPage, pk=document_page_id) @@ -683,7 +681,7 @@ def document_page_transformation_list(request, document_page_id): def document_page_transformation_create(request, document_page_id): - check_permissions(request.user, 'documents', [PERMISSION_DOCUMENT_TRANSFORM]) + check_permissions(request.user, [PERMISSION_DOCUMENT_TRANSFORM]) document_page = get_object_or_404(DocumentPage, pk=document_page_id) @@ -705,7 +703,7 @@ def document_page_transformation_create(request, document_page_id): def document_page_transformation_edit(request, document_page_transformation_id): - check_permissions(request.user, 'documents', [PERMISSION_DOCUMENT_TRANSFORM]) + check_permissions(request.user, [PERMISSION_DOCUMENT_TRANSFORM]) document_page_transformation = get_object_or_404(DocumentPageTransformation, pk=document_page_transformation_id) return update_object(request, template_name='generic_form.html', @@ -723,7 +721,7 @@ def document_page_transformation_edit(request, document_page_transformation_id): def document_page_transformation_delete(request, document_page_transformation_id): - check_permissions(request.user, 'documents', [PERMISSION_DOCUMENT_TRANSFORM]) + check_permissions(request.user, [PERMISSION_DOCUMENT_TRANSFORM]) previous = request.POST.get('previous', request.GET.get('previous', request.META.get('HTTP_REFERER', None))) @@ -746,7 +744,7 @@ def document_page_transformation_delete(request, document_page_transformation_id def document_find_duplicates(request, document_id): - check_permissions(request.user, 'documents', [PERMISSION_DOCUMENT_VIEW]) + check_permissions(request.user, [PERMISSION_DOCUMENT_VIEW]) document = get_object_or_404(Document, pk=document_id) return _find_duplicate_list(request, [document], include_source=True, confirmation=False) @@ -778,13 +776,13 @@ def _find_duplicate_list(request, source_document_list=Document.objects.all(), i def document_find_all_duplicates(request): - check_permissions(request.user, 'documents', [PERMISSION_DOCUMENT_VIEW]) + check_permissions(request.user, [PERMISSION_DOCUMENT_VIEW]) return _find_duplicate_list(request, include_source=True) def document_clear_transformations(request, document_id=None, document_id_list=None): - check_permissions(request.user, 'documents', [PERMISSION_DOCUMENT_TRANSFORM]) + check_permissions(request.user, [PERMISSION_DOCUMENT_TRANSFORM]) if document_id: documents = [get_object_or_404(Document.objects, pk=document_id)] @@ -835,7 +833,7 @@ def document_multiple_clear_transformations(request): def document_missing_list(request): - check_permissions(request.user, 'documents', [PERMISSION_DOCUMENT_VIEW]) + check_permissions(request.user, [PERMISSION_DOCUMENT_VIEW]) previous = request.POST.get('previous', request.GET.get('previous', request.META.get('HTTP_REFERER', None))) @@ -857,7 +855,7 @@ def document_missing_list(request): def document_page_view(request, document_page_id): - check_permissions(request.user, 'documents', [PERMISSION_DOCUMENT_VIEW]) + check_permissions(request.user, [PERMISSION_DOCUMENT_VIEW]) document_page = get_object_or_404(DocumentPage, pk=document_page_id) @@ -874,7 +872,7 @@ def document_page_view(request, document_page_id): def document_page_text(request, document_page_id): - check_permissions(request.user, 'documents', [PERMISSION_DOCUMENT_VIEW]) + check_permissions(request.user, [PERMISSION_DOCUMENT_VIEW]) document_page = get_object_or_404(DocumentPage, pk=document_page_id) document_page_form = DocumentPageForm_text(instance=document_page) @@ -888,7 +886,7 @@ def document_page_text(request, document_page_id): def document_page_edit(request, document_page_id): - check_permissions(request.user, 'documents', [PERMISSION_DOCUMENT_EDIT]) + check_permissions(request.user, [PERMISSION_DOCUMENT_EDIT]) document_page = get_object_or_404(DocumentPage, pk=document_page_id) @@ -912,7 +910,7 @@ def document_page_edit(request, document_page_id): def document_page_navigation_next(request, document_page_id): - check_permissions(request.user, 'documents', [PERMISSION_DOCUMENT_VIEW]) + check_permissions(request.user, [PERMISSION_DOCUMENT_VIEW]) view = resolve_to_name(urlparse.urlparse(request.META.get('HTTP_REFERER', u'/')).path) document_page = get_object_or_404(DocumentPage, pk=document_page_id) @@ -925,7 +923,7 @@ def document_page_navigation_next(request, document_page_id): def document_page_navigation_previous(request, document_page_id): - check_permissions(request.user, 'documents', [PERMISSION_DOCUMENT_VIEW]) + check_permissions(request.user, [PERMISSION_DOCUMENT_VIEW]) view = resolve_to_name(urlparse.urlparse(request.META.get('HTTP_REFERER', u'/')).path) document_page = get_object_or_404(DocumentPage, pk=document_page_id) @@ -938,7 +936,7 @@ def document_page_navigation_previous(request, document_page_id): def document_page_navigation_first(request, document_page_id): - check_permissions(request.user, 'documents', [PERMISSION_DOCUMENT_VIEW]) + check_permissions(request.user, [PERMISSION_DOCUMENT_VIEW]) view = resolve_to_name(urlparse.urlparse(request.META.get('HTTP_REFERER', u'/')).path) document_page = get_object_or_404(DocumentPage, pk=document_page_id) @@ -947,7 +945,7 @@ def document_page_navigation_first(request, document_page_id): def document_page_navigation_last(request, document_page_id): - check_permissions(request.user, 'documents', [PERMISSION_DOCUMENT_VIEW]) + check_permissions(request.user, [PERMISSION_DOCUMENT_VIEW]) view = resolve_to_name(urlparse.urlparse(request.META.get('HTTP_REFERER', u'/')).path) document_page = get_object_or_404(DocumentPage, pk=document_page_id) @@ -964,7 +962,7 @@ def document_list_recent(request): def transform_page(request, document_page_id, zoom_function=None, rotation_function=None): - check_permissions(request.user, 'documents', [PERMISSION_DOCUMENT_VIEW]) + check_permissions(request.user, [PERMISSION_DOCUMENT_VIEW]) view = resolve_to_name(urlparse.urlparse(request.META.get('HTTP_REFERER', u'/')).path) document_page = get_object_or_404(DocumentPage, pk=document_page_id) @@ -1022,7 +1020,7 @@ def document_page_rotate_left(request, document_page_id): def document_print(request, document_id): - check_permissions(request.user, 'documents', [PERMISSION_DOCUMENT_VIEW]) + check_permissions(request.user, [PERMISSION_DOCUMENT_VIEW]) document = get_object_or_404(Document, pk=document_id) @@ -1078,7 +1076,7 @@ def document_print(request, document_id): def document_hard_copy(request, document_id): - check_permissions(request.user, 'documents', [PERMISSION_DOCUMENT_VIEW]) + check_permissions(request.user, [PERMISSION_DOCUMENT_VIEW]) document = get_object_or_404(Document, pk=document_id) diff --git a/apps/folders/views.py b/apps/folders/views.py index 7b8fb9560f..f4bb61dc1d 100644 --- a/apps/folders/views.py +++ b/apps/folders/views.py @@ -140,7 +140,7 @@ def folder_view(request, folder_id): def folder_add_document(request, document_id): - check_permissions(request.user, 'documents', [PERMISSION_DOCUMENT_VIEW]) + check_permissions(request.user, [PERMISSION_DOCUMENT_VIEW]) document = get_object_or_404(Document, pk=document_id) if request.method == 'POST': diff --git a/apps/grouping/__init__.py b/apps/grouping/__init__.py index aaee19851d..e623baf209 100644 --- a/apps/grouping/__init__.py +++ b/apps/grouping/__init__.py @@ -4,8 +4,8 @@ from navigation.api import register_links from documents.literals import PERMISSION_DOCUMENT_CREATE, PERMISSION_DOCUMENT_VIEW -document_group_link = {'text': _(u'group actions'), 'view': 'document_group_view', 'famfam': 'page_go', 'permissions': {'namespace': 'documents', 'permissions': [PERMISSION_DOCUMENT_VIEW]}} -document_group_back_to_document = {'text': _(u'return to document'), 'view': 'document_view_simple', 'args': 'ref_object.id', 'famfam': 'page', 'permissions': {'namespace': 'documents', 'permissions': [PERMISSION_DOCUMENT_VIEW]}} -document_group_create_siblings = {'text': _(u'upload new documents using same metadata'), 'view': 'document_create_siblings', 'args': 'ref_object.id', 'famfam': 'page_copy', 'permissions': {'namespace': 'documents', 'permissions': [PERMISSION_DOCUMENT_CREATE]}} +document_group_link = {'text': _(u'group actions'), 'view': 'document_group_view', 'famfam': 'page_go', 'permissions': [PERMISSION_DOCUMENT_VIEW]} +document_group_back_to_document = {'text': _(u'return to document'), 'view': 'document_view_simple', 'args': 'ref_object.id', 'famfam': 'page', 'permissions': [PERMISSION_DOCUMENT_VIEW]} +document_group_create_siblings = {'text': _(u'upload new documents using same metadata'), 'view': 'document_create_siblings', 'args': 'ref_object.id', 'famfam': 'page_copy', 'permissions': [PERMISSION_DOCUMENT_CREATE]} register_links(['document_group_view'], [document_group_back_to_document, document_group_create_siblings], menu_name='sidebar') diff --git a/apps/grouping/views.py b/apps/grouping/views.py index 48179b89d4..ba415d252b 100644 --- a/apps/grouping/views.py +++ b/apps/grouping/views.py @@ -22,12 +22,11 @@ def document_group_action(request): def document_group_view(request, document_id, document_group_id): - check_permissions(request.user, 'documents', [PERMISSION_DOCUMENT_VIEW]) + check_permissions(request.user, [PERMISSION_DOCUMENT_VIEW]) document = get_object_or_404(Document, pk=document_id) document_group = get_object_or_404(DocumentGroup, pk=document_group_id) object_list, errors = DocumentGroup.objects.get_groups_for(document, document_group) - #object_list, errors = document.get_metadata_groups(document_group) return render_to_response('generic_list.html', { 'object_list': object_list['documents'], diff --git a/apps/main/views.py b/apps/main/views.py index ec394ea949..768a0dc5bf 100644 --- a/apps/main/views.py +++ b/apps/main/views.py @@ -20,9 +20,8 @@ def tools_menu(request): for namespace, values in tools.items(): for link in values['links']: try: - namespace = link.get('permissions', {}).get('namespace', None) - permissions = link.get('permissions', {}).get('permissions', []) - check_permissions(request.user, namespace, permissions) + permissions = link.get('permissions', []) + check_permissions(request.user, permissions) user_tools[namespace] = { 'title': values['title'] } diff --git a/apps/metadata/__init__.py b/apps/metadata/__init__.py index 954bb27e4b..816f0dd66c 100644 --- a/apps/metadata/__init__.py +++ b/apps/metadata/__init__.py @@ -1,25 +1,23 @@ from django.utils.translation import ugettext_lazy as _ from navigation.api import register_links, register_multi_item_links -from permissions.api import register_permissions +from permissions.api import register_permission from documents.models import Document -PERMISSION_METADATA_DOCUMENT_EDIT = u'metadata_document_edit' -PERMISSION_METADATA_DOCUMENT_ADD = u'metadata_document_add' -PERMISSION_METADATA_DOCUMENT_REMOVE = u'metadata_document_remove' +PERMISSION_METADATA_DOCUMENT_EDIT = {'namespace': 'metadata', 'name': u'metadata_document_edit', 'label': _(u'Edit a document\'s metadata')} +PERMISSION_METADATA_DOCUMENT_ADD = {'namespace': 'metadata', 'name': u'metadata_document_add', 'label': _(u'Add metadata to a document')} +PERMISSION_METADATA_DOCUMENT_REMOVE = {'namespace': 'metadata', 'name': u'metadata_document_remove', 'label': _(u'Remove metadata from a document')} -register_permissions('metadata', [ - {'name': PERMISSION_METADATA_DOCUMENT_EDIT, 'label': _(u'Edit a document\'s metadata')}, - {'name': PERMISSION_METADATA_DOCUMENT_ADD, 'label': _(u'Add metadata to a document')}, - {'name': PERMISSION_METADATA_DOCUMENT_REMOVE, 'label': _(u'Remove metadata from a document')}, -]) +register_permission(PERMISSION_METADATA_DOCUMENT_EDIT) +register_permission(PERMISSION_METADATA_DOCUMENT_ADD) +register_permission(PERMISSION_METADATA_DOCUMENT_REMOVE) -metadata_edit = {'text': _(u'edit metadata'), 'view': 'metadata_edit', 'args': 'object.id', 'famfam': 'xhtml_go', 'permissions': {'namespace': 'metadata', 'permissions': [PERMISSION_METADATA_DOCUMENT_EDIT]}} -metadata_multiple_edit = {'text': _(u'edit metadata'), 'view': 'metadata_multiple_edit', 'famfam': 'xhtml_go', 'permissions': {'namespace': 'metadata', 'permissions': [PERMISSION_METADATA_DOCUMENT_EDIT]}} -metadata_add = {'text': _(u'add metadata'), 'view': 'metadata_add', 'args': 'object.id', 'famfam': 'xhtml_add', 'permissions': {'namespace': 'metadata', 'permissions': [PERMISSION_METADATA_DOCUMENT_ADD]}} -metadata_multiple_add = {'text': _(u'add metadata'), 'view': 'metadata_multiple_add', 'famfam': 'xhtml_add', 'permissions': {'namespace': 'metadata', 'permissions': [PERMISSION_METADATA_DOCUMENT_ADD]}} -metadata_remove = {'text': _(u'remove metadata'), 'view': 'metadata_remove', 'args': 'object.id', 'famfam': 'xhtml_delete', 'permissions': {'namespace': 'metadata', 'permissions': [PERMISSION_METADATA_DOCUMENT_REMOVE]}} -metadata_multiple_remove = {'text': _(u'remove metadata'), 'view': 'metadata_multiple_remove', 'famfam': 'xhtml_delete', 'permissions': {'namespace': 'metadata', 'permissions': [PERMISSION_METADATA_DOCUMENT_REMOVE]}} +metadata_edit = {'text': _(u'edit metadata'), 'view': 'metadata_edit', 'args': 'object.id', 'famfam': 'xhtml_go', 'permissions': [PERMISSION_METADATA_DOCUMENT_EDIT]} +metadata_multiple_edit = {'text': _(u'edit metadata'), 'view': 'metadata_multiple_edit', 'famfam': 'xhtml_go', 'permissions': [PERMISSION_METADATA_DOCUMENT_EDIT]} +metadata_add = {'text': _(u'add metadata'), 'view': 'metadata_add', 'args': 'object.id', 'famfam': 'xhtml_add', 'permissions': [PERMISSION_METADATA_DOCUMENT_ADD]} +metadata_multiple_add = {'text': _(u'add metadata'), 'view': 'metadata_multiple_add', 'famfam': 'xhtml_add', 'permissions': [PERMISSION_METADATA_DOCUMENT_ADD]} +metadata_remove = {'text': _(u'remove metadata'), 'view': 'metadata_remove', 'args': 'object.id', 'famfam': 'xhtml_delete', 'permissions': [PERMISSION_METADATA_DOCUMENT_REMOVE]} +metadata_multiple_remove = {'text': _(u'remove metadata'), 'view': 'metadata_multiple_remove', 'famfam': 'xhtml_delete', 'permissions': [PERMISSION_METADATA_DOCUMENT_REMOVE]} register_links(Document, [metadata_add, metadata_edit, metadata_remove]) register_multi_item_links(['document_datagroup_view', 'document_list', 'document_list_recent'], [metadata_multiple_add, metadata_multiple_edit, metadata_multiple_remove]) diff --git a/apps/metadata/views.py b/apps/metadata/views.py index fa212963a7..916fe9e6b2 100644 --- a/apps/metadata/views.py +++ b/apps/metadata/views.py @@ -19,7 +19,7 @@ from metadata.models import DocumentMetadata, MetadataType def metadata_edit(request, document_id=None, document_id_list=None): - check_permissions(request.user, 'metadata', [PERMISSION_METADATA_DOCUMENT_EDIT]) + check_permissions(request.user, [PERMISSION_METADATA_DOCUMENT_EDIT]) if document_id: documents = [get_object_or_404(Document, pk=document_id)] @@ -108,7 +108,7 @@ def metadata_multiple_edit(request): def metadata_add(request, document_id=None, document_id_list=None): - check_permissions(request.user, 'metadata', [PERMISSION_METADATA_DOCUMENT_ADD]) + check_permissions(request.user, [PERMISSION_METADATA_DOCUMENT_ADD]) if document_id: documents = [get_object_or_404(Document, pk=document_id)] @@ -161,7 +161,7 @@ def metadata_multiple_add(request): def metadata_remove(request, document_id=None, document_id_list=None): - check_permissions(request.user, 'metadata', [PERMISSION_METADATA_DOCUMENT_REMOVE]) + check_permissions(request.user, [PERMISSION_METADATA_DOCUMENT_REMOVE]) if document_id: documents = [get_object_or_404(Document, pk=document_id)] diff --git a/apps/navigation/templates/generic_subnavigation.html b/apps/navigation/templates/generic_subnavigation.html index 8585293bf6..cbec99284b 100644 --- a/apps/navigation/templates/generic_subnavigation.html +++ b/apps/navigation/templates/generic_subnavigation.html @@ -1,11 +1,10 @@ {% load permission_tags %} {% load navigation_tags %} -{% with link.permissions.namespace as namespace %} -{% with link.permissions.permissions as permissions %} +{% with link.permissions as permissions %} {% with link.condition as condition %} - {% check_permissions request.user namespace permissions %} + {% check_permissions request.user permissions %} {% if permission %} {% evaluate_link condition as conditional_display %} {% if conditional_display %} @@ -19,4 +18,3 @@ {% endwith %} {% endwith %} -{% endwith %} diff --git a/apps/ocr/__init__.py b/apps/ocr/__init__.py index 51b7ca714a..fa1baa8067 100644 --- a/apps/ocr/__init__.py +++ b/apps/ocr/__init__.py @@ -4,7 +4,7 @@ from django.db.utils import DatabaseError from django.db.models.signals import post_save from navigation.api import register_links, register_menu, register_multi_item_links -from permissions.api import register_permissions +from permissions.api import register_permission from documents.models import Document from main.api import register_tool @@ -12,32 +12,30 @@ from ocr.conf.settings import AUTOMATIC_OCR from ocr.models import DocumentQueue #Permissions -PERMISSION_OCR_DOCUMENT = 'ocr_document' -PERMISSION_OCR_DOCUMENT_DELETE = 'ocr_document_delete' -PERMISSION_OCR_QUEUE_ENABLE_DISABLE = 'ocr_queue_enable_disable' -PERMISSION_OCR_CLEAN_ALL_PAGES = 'ocr_clean_all_pages' +PERMISSION_OCR_DOCUMENT = {'namespace': 'ocr', 'name': 'ocr_document', 'label': _(u'Submit document for OCR')} +PERMISSION_OCR_DOCUMENT_DELETE = {'namespace': 'ocr', 'name': 'ocr_document_delete', 'label': _(u'Delete document for OCR queue')} +PERMISSION_OCR_QUEUE_ENABLE_DISABLE = {'namespace': 'ocr', 'name': 'ocr_queue_enable_disable', 'label': _(u'Can enable/disable an OCR queue')} +PERMISSION_OCR_CLEAN_ALL_PAGES = {'namespace': 'ocr', 'name': 'ocr_clean_all_pages', 'label': _(u'Can execute an OCR clean up on all document pages')} -register_permissions('ocr', [ - {'name': PERMISSION_OCR_DOCUMENT, 'label': _(u'Submit document for OCR')}, - {'name': PERMISSION_OCR_DOCUMENT_DELETE, 'label': _(u'Delete document for OCR queue')}, - {'name': PERMISSION_OCR_QUEUE_ENABLE_DISABLE, 'label': _(u'Can enable/disable an OCR queue')}, - {'name': PERMISSION_OCR_CLEAN_ALL_PAGES, 'label': _(u'Can execute an OCR clean up on all document pages')}, -]) +register_permission(PERMISSION_OCR_DOCUMENT) +register_permission(PERMISSION_OCR_DOCUMENT_DELETE) +register_permission(PERMISSION_OCR_QUEUE_ENABLE_DISABLE) +register_permission(PERMISSION_OCR_CLEAN_ALL_PAGES) #Links -submit_document = {'text': _('submit to OCR queue'), 'view': 'submit_document', 'args': 'object.id', 'famfam': 'hourglass_add', 'permissions': {'namespace': 'ocr', 'permissions': [PERMISSION_OCR_DOCUMENT]}} -re_queue_document = {'text': _('re-queue'), 'view': 're_queue_document', 'args': 'object.id', 'famfam': 'hourglass_add', 'permissions': {'namespace': 'ocr', 'permissions': [PERMISSION_OCR_DOCUMENT]}} -re_queue_multiple_document = {'text': _('re-queue'), 'view': 're_queue_multiple_document', 'famfam': 'hourglass_add', 'permissions': {'namespace': 'ocr', 'permissions': [PERMISSION_OCR_DOCUMENT]}} -queue_document_delete = {'text': _(u'delete'), 'view': 'queue_document_delete', 'args': 'object.id', 'famfam': 'hourglass_delete', 'permissions': {'namespace': 'ocr', 'permissions': [PERMISSION_OCR_DOCUMENT_DELETE]}} -queue_document_multiple_delete = {'text': _(u'delete'), 'view': 'queue_document_multiple_delete', 'famfam': 'hourglass_delete', 'permissions': {'namespace': 'ocr', 'permissions': [PERMISSION_OCR_DOCUMENT_DELETE]}} +submit_document = {'text': _('submit to OCR queue'), 'view': 'submit_document', 'args': 'object.id', 'famfam': 'hourglass_add', 'permissions': [PERMISSION_OCR_DOCUMENT]} +re_queue_document = {'text': _('re-queue'), 'view': 're_queue_document', 'args': 'object.id', 'famfam': 'hourglass_add', 'permissions': [PERMISSION_OCR_DOCUMENT]} +re_queue_multiple_document = {'text': _('re-queue'), 'view': 're_queue_multiple_document', 'famfam': 'hourglass_add', 'permissions': [PERMISSION_OCR_DOCUMENT]} +queue_document_delete = {'text': _(u'delete'), 'view': 'queue_document_delete', 'args': 'object.id', 'famfam': 'hourglass_delete', 'permissions': [PERMISSION_OCR_DOCUMENT_DELETE]} +queue_document_multiple_delete = {'text': _(u'delete'), 'view': 'queue_document_multiple_delete', 'famfam': 'hourglass_delete', 'permissions': [PERMISSION_OCR_DOCUMENT_DELETE]} -document_queue_disable = {'text': _(u'stop queue'), 'view': 'document_queue_disable', 'args': 'object.id', 'famfam': 'control_stop_blue', 'permissions': {'namespace': 'ocr', 'permissions': [PERMISSION_OCR_QUEUE_ENABLE_DISABLE]}} -document_queue_enable = {'text': _(u'activate queue'), 'view': 'document_queue_enable', 'args': 'object.id', 'famfam': 'control_play_blue', 'permissions': {'namespace': 'ocr', 'permissions': [PERMISSION_OCR_QUEUE_ENABLE_DISABLE]}} +document_queue_disable = {'text': _(u'stop queue'), 'view': 'document_queue_disable', 'args': 'object.id', 'famfam': 'control_stop_blue', 'permissions': [PERMISSION_OCR_QUEUE_ENABLE_DISABLE]} +document_queue_enable = {'text': _(u'activate queue'), 'view': 'document_queue_enable', 'args': 'object.id', 'famfam': 'control_play_blue', 'permissions': [PERMISSION_OCR_QUEUE_ENABLE_DISABLE]} -all_document_ocr_cleanup = {'text': _(u'clean up pages content'), 'view': 'all_document_ocr_cleanup', 'famfam': 'text_strikethrough', 'permissions': {'namespace': 'ocr', 'permissions': [PERMISSION_OCR_CLEAN_ALL_PAGES]}, 'description': _(u'Runs a language filter to remove common OCR mistakes from document pages content.')} +all_document_ocr_cleanup = {'text': _(u'clean up pages content'), 'view': 'all_document_ocr_cleanup', 'famfam': 'text_strikethrough', 'permissions': [PERMISSION_OCR_CLEAN_ALL_PAGES], 'description': _(u'Runs a language filter to remove common OCR mistakes from document pages content.')} -queue_document_list = {'text': _(u'queue document list'), 'view': 'queue_document_list', 'famfam': 'hourglass', 'permissions': {'namespace': 'ocr', 'permissions': [PERMISSION_OCR_DOCUMENT]}} -node_active_list = {'text': _(u'active tasks'), 'view': 'node_active_list', 'famfam': 'server_chart', 'permissions': {'namespace': 'ocr', 'permissions': [PERMISSION_OCR_DOCUMENT]}} +queue_document_list = {'text': _(u'queue document list'), 'view': 'queue_document_list', 'famfam': 'hourglass', 'permissions': [PERMISSION_OCR_DOCUMENT]} +node_active_list = {'text': _(u'active tasks'), 'view': 'node_active_list', 'famfam': 'server_chart', 'permissions': [PERMISSION_OCR_DOCUMENT]} register_links(Document, [submit_document]) register_links(DocumentQueue, [document_queue_disable, document_queue_enable]) diff --git a/apps/ocr/views.py b/apps/ocr/views.py index 88c0b518a3..ace51f66a5 100644 --- a/apps/ocr/views.py +++ b/apps/ocr/views.py @@ -38,7 +38,7 @@ def _display_thumbnail(ocr_document): def queue_document_list(request, queue_name='default'): - check_permissions(request.user, 'ocr', [PERMISSION_OCR_DOCUMENT]) + check_permissions(request.user, [PERMISSION_OCR_DOCUMENT]) document_queue = get_object_or_404(DocumentQueue, name=queue_name) @@ -72,7 +72,7 @@ def queue_document_list(request, queue_name='default'): def queue_document_delete(request, queue_document_id=None, queue_document_id_list=None): - check_permissions(request.user, 'ocr', [PERMISSION_OCR_DOCUMENT_DELETE]) + check_permissions(request.user, [PERMISSION_OCR_DOCUMENT_DELETE]) if queue_document_id: queue_documents = [get_object_or_404(QueueDocument, pk=queue_document_id)] @@ -122,7 +122,7 @@ def queue_document_multiple_delete(request): def submit_document(request, document_id): - check_permissions(request.user, 'ocr', [PERMISSION_OCR_DOCUMENT]) + check_permissions(request.user, [PERMISSION_OCR_DOCUMENT]) document = get_object_or_404(Document, pk=document_id) return submit_document_to_queue(request, document=document, @@ -147,7 +147,7 @@ def submit_document_to_queue(request, document, post_submit_redirect=None): def re_queue_document(request, queue_document_id=None, queue_document_id_list=None): - check_permissions(request.user, 'ocr', [PERMISSION_OCR_DOCUMENT]) + check_permissions(request.user, [PERMISSION_OCR_DOCUMENT]) if queue_document_id: queue_documents = [get_object_or_404(QueueDocument, pk=queue_document_id)] @@ -201,7 +201,7 @@ def re_queue_multiple_document(request): def document_queue_disable(request, document_queue_id): - check_permissions(request.user, 'ocr', [PERMISSION_OCR_QUEUE_ENABLE_DISABLE]) + check_permissions(request.user, [PERMISSION_OCR_QUEUE_ENABLE_DISABLE]) next = request.POST.get('next', request.GET.get('next', request.META.get('HTTP_REFERER', None))) previous = request.POST.get('previous', request.GET.get('previous', request.META.get('HTTP_REFERER', None))) @@ -226,7 +226,7 @@ def document_queue_disable(request, document_queue_id): def document_queue_enable(request, document_queue_id): - check_permissions(request.user, 'ocr', [PERMISSION_OCR_QUEUE_ENABLE_DISABLE]) + check_permissions(request.user, [PERMISSION_OCR_QUEUE_ENABLE_DISABLE]) next = request.POST.get('next', request.GET.get('next', request.META.get('HTTP_REFERER', None))) previous = request.POST.get('previous', request.GET.get('previous', request.META.get('HTTP_REFERER', None))) @@ -251,7 +251,7 @@ def document_queue_enable(request, document_queue_id): def all_document_ocr_cleanup(request): - check_permissions(request.user, 'ocr', [PERMISSION_OCR_CLEAN_ALL_PAGES]) + check_permissions(request.user, [PERMISSION_OCR_CLEAN_ALL_PAGES]) previous = request.POST.get('previous', request.GET.get('previous', request.META.get('HTTP_REFERER', None))) next = request.POST.get('next', request.GET.get('next', request.META.get('HTTP_REFERER', None))) @@ -287,7 +287,7 @@ def display_link(obj): def node_active_list(request): - check_permissions(request.user, 'ocr', [PERMISSION_OCR_DOCUMENT]) + check_permissions(request.user, [PERMISSION_OCR_DOCUMENT]) i = inspect() active_tasks = [] diff --git a/apps/permissions/__init__.py b/apps/permissions/__init__.py index c533286686..9e62aeea0a 100644 --- a/apps/permissions/__init__.py +++ b/apps/permissions/__init__.py @@ -8,20 +8,20 @@ from navigation.api import register_links from permissions.conf.settings import DEFAULT_ROLES from permissions.models import Role -PERMISSION_ROLE_VIEW = 'role_view' -PERMISSION_ROLE_EDIT = 'role_edit' -PERMISSION_ROLE_CREATE = 'role_create' -PERMISSION_ROLE_DELETE = 'role_delete' -PERMISSION_PERMISSION_GRANT = 'permission_grant' -PERMISSION_PERMISSION_REVOKE = 'permission_revoke' +PERMISSION_ROLE_VIEW = {'namespace': 'permissions', 'name': 'role_view', 'label':_(u'View roles')} +PERMISSION_ROLE_EDIT = {'namespace': 'permissions', 'name': 'role_edit', 'label':_(u'Edit roles')} +PERMISSION_ROLE_CREATE = {'namespace': 'permissions', 'name': 'role_create', 'label':_(u'Create roles')} +PERMISSION_ROLE_DELETE = {'namespace': 'permissions', 'name': 'role_delete', 'label':_(u'Delete roles')} +PERMISSION_PERMISSION_GRANT = {'namespace': 'permissions', 'name': 'permission_grant', 'label':_(u'Grant permissions')} +PERMISSION_PERMISSION_REVOKE = {'namespace': 'permissions', 'name': 'permission_revoke', 'label':_(u'Revoke permissions')} -role_list = {'text': _(u'roles'), 'view': 'role_list', 'famfam': 'medal_gold_1', 'permissions': {'namespace': 'permissions', 'permissions': [PERMISSION_ROLE_VIEW]}} -role_create = {'text': _(u'create new role'), 'view': 'role_create', 'famfam': 'medal_gold_add', 'permissions': {'namespace': 'permissions', 'permissions': [PERMISSION_ROLE_CREATE]}} -role_edit = {'text': _(u'edit'), 'view': 'role_edit', 'args': 'object.id', 'famfam': 'medal_gold_1', 'permissions': {'namespace': 'permissions', 'permissions': [PERMISSION_ROLE_EDIT]}} -role_members = {'text': _(u'members'), 'view': 'role_members', 'args': 'object.id', 'famfam': 'group_key', 'permissions': {'namespace': 'permissions', 'permissions': [PERMISSION_ROLE_EDIT]}} -role_permissions = {'text': _(u'role permissions'), 'view': 'role_permissions', 'args': 'object.id', 'famfam': 'key_go', 'permissions': {'namespace': 'permissions', 'permissions': [PERMISSION_PERMISSION_GRANT, PERMISSION_PERMISSION_REVOKE]}} -role_delete = {'text': _(u'delete'), 'view': 'role_delete', 'args': 'object.id', 'famfam': 'medal_gold_delete', 'permissions': {'namespace': 'permissions', 'permissions': [PERMISSION_ROLE_DELETE]}} +role_list = {'text': _(u'roles'), 'view': 'role_list', 'famfam': 'medal_gold_1', 'permissions': [PERMISSION_ROLE_VIEW]} +role_create = {'text': _(u'create new role'), 'view': 'role_create', 'famfam': 'medal_gold_add', 'permissions': [PERMISSION_ROLE_CREATE]} +role_edit = {'text': _(u'edit'), 'view': 'role_edit', 'args': 'object.id', 'famfam': 'medal_gold_1', 'permissions': [PERMISSION_ROLE_EDIT]} +role_members = {'text': _(u'members'), 'view': 'role_members', 'args': 'object.id', 'famfam': 'group_key', 'permissions': [PERMISSION_ROLE_EDIT]} +role_permissions = {'text': _(u'role permissions'), 'view': 'role_permissions', 'args': 'object.id', 'famfam': 'key_go', 'permissions': [PERMISSION_PERMISSION_GRANT, PERMISSION_PERMISSION_REVOKE]} +role_delete = {'text': _(u'delete'), 'view': 'role_delete', 'args': 'object.id', 'famfam': 'medal_gold_delete', 'permissions': [PERMISSION_ROLE_DELETE]} register_links(Role, [role_edit, role_delete, role_permissions, role_members]) register_links(['role_members', 'role_list', 'role_view', 'role_create', 'role_edit', 'role_permissions', 'role_delete'], [role_create, role_list], menu_name='sidebar') diff --git a/apps/permissions/api.py b/apps/permissions/api.py index 21e5dcda4a..15272cf1c2 100644 --- a/apps/permissions/api.py +++ b/apps/permissions/api.py @@ -11,36 +11,30 @@ from permissions import PERMISSION_ROLE_VIEW, PERMISSION_ROLE_EDIT, \ from permissions.models import Permission -def register_permissions(namespace, permissions): - if permissions: - for permission in permissions: - try: - permission_obj, created = Permission.objects.get_or_create( - namespace=namespace, name=permission['name']) - permission_obj.label = unicode(permission['label']) - permission_obj.save() - except DatabaseError: - #Special case for ./manage.py syncdb - pass +def register_permission(permission): + try: + permission_obj, created = Permission.objects.get_or_create( + namespace=permission['namespace'], name=permission['name']) + permission_obj.label = unicode(permission['label']) + permission_obj.save() + except DatabaseError: + #Special case for ./manage.py syncdb + pass -#TODO: Handle anonymous users -def check_permissions(requester, namespace, permission_list): +def check_permissions(requester, permission_list): for permission_item in permission_list: permission = get_object_or_404(Permission, - namespace=namespace, name=permission_item) - #if check_permission(requester, permission): + namespace=permission_item['namespace'], name=permission_item['name']) if permission.has_permission(requester): return True raise PermissionDenied(ugettext(u'Insufficient permissions.')) -register_permissions('permissions', [ - {'name': PERMISSION_ROLE_VIEW, 'label':_(u'View roles')}, - {'name': PERMISSION_ROLE_EDIT, 'label':_(u'Edit roles')}, - {'name': PERMISSION_ROLE_CREATE, 'label':_(u'Create roles')}, - {'name': PERMISSION_ROLE_DELETE, 'label':_(u'Delete roles')}, - {'name': PERMISSION_PERMISSION_GRANT, 'label':_(u'Grant permissions')}, - {'name': PERMISSION_PERMISSION_REVOKE, 'label':_(u'Revoke permissions')}, -]) +register_permission(PERMISSION_ROLE_VIEW) +register_permission(PERMISSION_ROLE_EDIT) +register_permission(PERMISSION_ROLE_CREATE) +register_permission(PERMISSION_ROLE_DELETE) +register_permission(PERMISSION_PERMISSION_GRANT) +register_permission(PERMISSION_PERMISSION_REVOKE) diff --git a/apps/permissions/templatetags/permission_tags.py b/apps/permissions/templatetags/permission_tags.py index 423cfd034e..fecffa2796 100644 --- a/apps/permissions/templatetags/permission_tags.py +++ b/apps/permissions/templatetags/permission_tags.py @@ -8,9 +8,8 @@ register = Library() class CheckPermissionsNode(Node): - def __init__(self, requester, namespace=None, permission_list=None, *args, **kwargs): + def __init__(self, requester, permission_list=None, *args, **kwargs): self.requester = requester - self.namespace = namespace self.permission_list = permission_list def render(self, context): @@ -21,9 +20,8 @@ class CheckPermissionsNode(Node): context[u'permission'] = True return u'' requester = Variable(self.requester).resolve(context) - namespace = Variable(self.namespace).resolve(context) try: - check_permission_function(requester, namespace, permission_list) + check_permission_function(requester, permission_list) context[u'permission'] = True return u'' except PermissionDenied: diff --git a/apps/permissions/views.py b/apps/permissions/views.py index ca6205bd35..56434e0b77 100644 --- a/apps/permissions/views.py +++ b/apps/permissions/views.py @@ -23,7 +23,7 @@ from permissions.api import check_permissions def role_list(request): - check_permissions(request.user, 'permissions', [PERMISSION_ROLE_VIEW]) + check_permissions(request.user, [PERMISSION_ROLE_VIEW]) return object_list( request, @@ -54,7 +54,7 @@ def _role_permission_link(requester, permission, permission_list): def role_permissions(request, role_id): - check_permissions(request.user, 'permissions', [PERMISSION_PERMISSION_GRANT, PERMISSION_PERMISSION_REVOKE]) + check_permissions(request.user, [PERMISSION_PERMISSION_GRANT, PERMISSION_PERMISSION_REVOKE]) role = get_object_or_404(Role, pk=role_id) form = RoleForm_view(instance=role) @@ -89,7 +89,7 @@ def role_permissions(request, role_id): def role_edit(request, role_id): - check_permissions(request.user, 'permissions', [PERMISSION_ROLE_EDIT]) + check_permissions(request.user, [PERMISSION_ROLE_EDIT]) return update_object(request, template_name='generic_form.html', form_class=RoleForm, object_id=role_id, extra_context={ @@ -97,7 +97,7 @@ def role_edit(request, role_id): def role_create(request): - check_permissions(request.user, 'permissions', [PERMISSION_ROLE_CREATE]) + check_permissions(request.user, [PERMISSION_ROLE_CREATE]) return create_object(request, model=Role, template_name='generic_form.html', @@ -105,7 +105,7 @@ def role_create(request): def role_delete(request, role_id): - check_permissions(request.user, 'permissions', [PERMISSION_ROLE_DELETE]) + check_permissions(request.user, [PERMISSION_ROLE_DELETE]) next = request.POST.get('next', request.GET.get('next', request.META.get('HTTP_REFERER', None))) previous = request.POST.get('previous', request.GET.get('previous', request.META.get('HTTP_REFERER', None))) @@ -129,12 +129,12 @@ def permission_grant_revoke(request, permission_id, app_label, module_name, pk, permission = get_object_or_404(Permission, pk=permission_id) if action == 'grant': - check_permissions(request.user, 'permissions', [PERMISSION_PERMISSION_GRANT]) + check_permissions(request.user, [PERMISSION_PERMISSION_GRANT]) title = _(u'Are you sure you wish to grant the permission "%(permission)s" to %(ct_name)s: %(requester)s') % { 'permission': permission, 'ct_name': ct.name, 'requester': requester} elif action == 'revoke': - check_permissions(request.user, 'permissions', [PERMISSION_PERMISSION_REVOKE]) + check_permissions(request.user, [PERMISSION_PERMISSION_REVOKE]) title = _(u'Are you sure you wish to revoke the permission "%(permission)s" from %(ct_name)s: %(requester)s') % { 'permission': permission, 'ct_name': ct.name, 'requester': requester} else: @@ -202,7 +202,7 @@ def remove_role_member(role, selection): def role_members(request, role_id): - check_permissions(request.user, 'permissions', [PERMISSION_ROLE_EDIT]) + check_permissions(request.user, [PERMISSION_ROLE_EDIT]) role = get_object_or_404(Role, pk=role_id) return assign_remove( diff --git a/apps/tags/__init__.py b/apps/tags/__init__.py index 05dc59ed70..263b565629 100644 --- a/apps/tags/__init__.py +++ b/apps/tags/__init__.py @@ -2,31 +2,29 @@ from django.utils.translation import ugettext_lazy as _ from navigation.api import register_links, register_menu, \ register_model_list_columns, register_multi_item_links -from permissions.api import register_permissions +from permissions.api import register_permission from navigation.api import register_sidebar_template from taggit.models import Tag -PERMISSION_TAG_CREATE = 'tag_create' -PERMISSION_TAG_ATTACH = 'tag_attach' -PERMISSION_TAG_REMOVE = 'tag_remove' -PERMISSION_TAG_DELETE = 'tag_delete' -PERMISSION_TAG_EDIT = 'tag_edit' +PERMISSION_TAG_CREATE = {'namespace': 'tags', 'name': 'tag_create', 'label': _(u'Create new tags')} +PERMISSION_TAG_ATTACH = {'namespace': 'tags', 'name': 'tag_attach', 'label': _(u'Attach exising tags')} +PERMISSION_TAG_REMOVE = {'namespace': 'tags', 'name': 'tag_remove', 'label': _(u'Remove tags from documents')} +PERMISSION_TAG_DELETE = {'namespace': 'tags', 'name': 'tag_delete', 'label': _(u'Delete global tags')} +PERMISSION_TAG_EDIT = {'namespace': 'tags', 'name': 'tag_edit', 'label': _(u'Edit global tags')} -register_permissions('tags', [ - {'name': PERMISSION_TAG_CREATE, 'label': _(u'Create new tags')}, - {'name': PERMISSION_TAG_ATTACH, 'label': _(u'Attach exising tags')}, - {'name': PERMISSION_TAG_REMOVE, 'label': _(u'Remove tags from documents')}, - {'name': PERMISSION_TAG_DELETE, 'label': _(u'Delete global tags')}, - {'name': PERMISSION_TAG_EDIT, 'label': _(u'Edit global tags')}, -]) +register_permission(PERMISSION_TAG_CREATE) +register_permission(PERMISSION_TAG_ATTACH) +register_permission(PERMISSION_TAG_REMOVE) +register_permission(PERMISSION_TAG_DELETE) +register_permission(PERMISSION_TAG_EDIT) tag_list = {'text': _(u'tags'), 'view': 'tag_list', 'famfam': 'tag_blue'} -tag_document_remove = {'text': _(u'remove'), 'view': 'tag_remove', 'args': ['object.id', 'document.id'], 'famfam': 'tag_blue_delete', 'permissions': {'namespace': 'tags', 'permissions': [PERMISSION_TAG_REMOVE]}} -tag_delete = {'text': _(u'delete'), 'view': 'tag_delete', 'args': 'object.id', 'famfam': 'tag_blue_delete', 'permissions': {'namespace': 'tags', 'permissions': [PERMISSION_TAG_DELETE]}} -tag_edit = {'text': _(u'edit'), 'view': 'tag_edit', 'args': 'object.id', 'famfam': 'tag_blue_edit', 'permissions': {'namespace': 'tags', 'permissions': [PERMISSION_TAG_EDIT]}} +tag_document_remove = {'text': _(u'remove'), 'view': 'tag_remove', 'args': ['object.id', 'document.id'], 'famfam': 'tag_blue_delete', 'permissions': [PERMISSION_TAG_REMOVE]} +tag_delete = {'text': _(u'delete'), 'view': 'tag_delete', 'args': 'object.id', 'famfam': 'tag_blue_delete', 'permissions': [PERMISSION_TAG_DELETE]} +tag_edit = {'text': _(u'edit'), 'view': 'tag_edit', 'args': 'object.id', 'famfam': 'tag_blue_edit', 'permissions': [PERMISSION_TAG_EDIT]} tag_tagged_item_list = {'text': _(u'tagged documents'), 'view': 'tag_tagged_item_list', 'args': 'object.id', 'famfam': 'tag_blue'} -tag_multiple_delete = {'text': _(u'delete'), 'view': 'tag_multiple_delete', 'famfam': 'tag_blue_delete', 'permissions': {'namespace': 'tags', 'permissions': [PERMISSION_TAG_DELETE]}} +tag_multiple_delete = {'text': _(u'delete'), 'view': 'tag_multiple_delete', 'famfam': 'tag_blue_delete', 'permissions': [PERMISSION_TAG_DELETE]} register_model_list_columns(Tag, [ { diff --git a/apps/tags/views.py b/apps/tags/views.py index 4c87d8ad7f..b3ae653dd4 100644 --- a/apps/tags/views.py +++ b/apps/tags/views.py @@ -17,7 +17,7 @@ from tags import PERMISSION_TAG_CREATE, PERMISSION_TAG_ATTACH, \ def tag_remove(request, tag_id, document_id): - check_permissions(request.user, 'tags', [PERMISSION_TAG_REMOVE]) + check_permissions(request.user, [PERMISSION_TAG_REMOVE]) tag = get_object_or_404(Tag, pk=tag_id) document = get_object_or_404(Document, pk=document_id) @@ -39,14 +39,14 @@ def tag_add(request, document_id): form = AddTagForm(request.POST) if form.is_valid(): if form.cleaned_data['new_tag']: - check_permissions(request.user, 'tags', [PERMISSION_TAG_CREATE]) + check_permissions(request.user, [PERMISSION_TAG_CREATE]) tag_name = form.cleaned_data['new_tag'] if Tag.objects.filter(name=tag_name): is_new = False else: is_new = True elif form.cleaned_data['existing_tags']: - check_permissions(request.user, 'tags', [PERMISSION_TAG_ATTACH]) + check_permissions(request.user, [PERMISSION_TAG_ATTACH]) tag_name = form.cleaned_data['existing_tags'] is_new = False else: @@ -84,7 +84,7 @@ def tag_list(request): def tag_delete(request, tag_id=None, tag_id_list=None): - check_permissions(request.user, 'tags', [PERMISSION_TAG_DELETE]) + check_permissions(request.user, [PERMISSION_TAG_DELETE]) post_action_redirect = None if tag_id: @@ -137,7 +137,7 @@ def tag_multiple_delete(request): def tag_edit(request, tag_id): - check_permissions(request.user, 'tags', [PERMISSION_TAG_EDIT]) + check_permissions(request.user, [PERMISSION_TAG_EDIT]) tag = get_object_or_404(Tag, pk=tag_id) if request.method == 'POST': diff --git a/apps/user_management/__init__.py b/apps/user_management/__init__.py index c399227e8f..862f9367d2 100644 --- a/apps/user_management/__init__.py +++ b/apps/user_management/__init__.py @@ -2,45 +2,41 @@ from django.utils.translation import ugettext_lazy as _ from django.contrib.auth.models import User, Group from navigation.api import register_links, register_multi_item_links -from permissions.api import register_permissions +from permissions.api import register_permission -PERMISSION_USER_CREATE = 'user_create' -PERMISSION_USER_EDIT = 'user_edit' -PERMISSION_USER_VIEW = 'user_view' -PERMISSION_USER_DELETE = 'user_delete' +PERMISSION_USER_CREATE = {'namespace': 'user_manageent', 'name': 'user_create', 'label': _(u'Create new users')} +PERMISSION_USER_EDIT = {'namespace': 'user_manageent', 'name': 'user_edit', 'label': _(u'Edit existing users')} +PERMISSION_USER_VIEW = {'namespace': 'user_manageent', 'name': 'user_view', 'label': _(u'View existing users')} +PERMISSION_USER_DELETE = {'namespace': 'user_manageent', 'name': 'user_delete', 'label': _(u'Delete existing users')} -PERMISSION_GROUP_CREATE = 'group_create' -PERMISSION_GROUP_EDIT = 'group_edit' -PERMISSION_GROUP_VIEW = 'group_view' -PERMISSION_GROUP_DELETE = 'group_delete' +PERMISSION_GROUP_CREATE = {'namespace': 'user_manageent', 'name': 'group_create', 'label': _(u'Create new groups')} +PERMISSION_GROUP_EDIT = {'namespace': 'user_manageent', 'name': 'group_edit', 'label': _(u'Edit existing groups')} +PERMISSION_GROUP_VIEW = {'namespace': 'user_manageent', 'name': 'group_view', 'label': _(u'View existing groups')} +PERMISSION_GROUP_DELETE = {'namespace': 'user_manageent', 'name': 'group_delete', 'label': _(u'Delete existing groups')} -register_permissions('user_management', [ - # Users - {'name': PERMISSION_USER_CREATE, 'label': _(u'Create new users')}, - {'name': PERMISSION_USER_EDIT, 'label': _(u'Edit existing users')}, - {'name': PERMISSION_USER_VIEW, 'label': _(u'View existing users')}, - {'name': PERMISSION_USER_DELETE, 'label': _(u'Delete existing users')}, - # Groups - {'name': PERMISSION_GROUP_CREATE, 'label': _(u'Create new groups')}, - {'name': PERMISSION_GROUP_EDIT, 'label': _(u'Edit existing groups')}, - {'name': PERMISSION_GROUP_VIEW, 'label': _(u'View existing groups')}, - {'name': PERMISSION_GROUP_DELETE, 'label': _(u'Delete existing groups')}, -]) +register_permission(PERMISSION_USER_CREATE) +register_permission(PERMISSION_USER_EDIT) +register_permission(PERMISSION_USER_VIEW) +register_permission(PERMISSION_USER_DELETE) +register_permission(PERMISSION_GROUP_CREATE) +register_permission(PERMISSION_GROUP_EDIT) +register_permission(PERMISSION_GROUP_VIEW) +register_permission(PERMISSION_GROUP_DELETE) -user_list = {'text': _(u'user list'), 'view': 'user_list', 'famfam': 'user', 'permissions': {'namespace': 'user_management', 'permissions': [PERMISSION_USER_VIEW]}} -user_edit = {'text': _(u'edit'), 'view': 'user_edit', 'args': 'object.id', 'famfam': 'user_edit', 'permissions': {'namespace': 'user_management', 'permissions': [PERMISSION_USER_EDIT]}} -user_add = {'text': _(u'create new user'), 'view': 'user_add', 'famfam': 'user_add', 'permissions': {'namespace': 'user_management', 'permissions': [PERMISSION_USER_CREATE]}} -user_delete = {u'text': _('delete'), 'view': 'user_delete', 'args': 'object.id', 'famfam': 'user_delete', 'permissions': {'namespace': 'user_management', 'permissions': [PERMISSION_USER_DELETE]}} -user_multiple_delete = {u'text': _('delete'), 'view': 'user_multiple_delete', 'famfam': 'user_delete', 'permissions': {'namespace': 'user_management', 'permissions': [PERMISSION_USER_DELETE]}} -user_set_password = {u'text': _('reset password'), 'view': 'user_set_password', 'args': 'object.id', 'famfam': 'lock_edit', 'permissions': {'namespace': 'user_management', 'permissions': [PERMISSION_USER_EDIT]}} -user_multiple_set_password = {u'text': _('reset password'), 'view': 'user_multiple_set_password', 'famfam': 'lock_edit', 'permissions': {'namespace': 'user_management', 'permissions': [PERMISSION_USER_EDIT]}} +user_list = {'text': _(u'user list'), 'view': 'user_list', 'famfam': 'user', 'permissions': [PERMISSION_USER_VIEW]} +user_edit = {'text': _(u'edit'), 'view': 'user_edit', 'args': 'object.id', 'famfam': 'user_edit', 'permissions': [PERMISSION_USER_EDIT]} +user_add = {'text': _(u'create new user'), 'view': 'user_add', 'famfam': 'user_add', 'permissions': [PERMISSION_USER_CREATE]} +user_delete = {u'text': _('delete'), 'view': 'user_delete', 'args': 'object.id', 'famfam': 'user_delete', 'permissions': [PERMISSION_USER_DELETE]} +user_multiple_delete = {u'text': _('delete'), 'view': 'user_multiple_delete', 'famfam': 'user_delete', 'permissions': [PERMISSION_USER_DELETE]} +user_set_password = {u'text': _('reset password'), 'view': 'user_set_password', 'args': 'object.id', 'famfam': 'lock_edit', 'permissions': [PERMISSION_USER_EDIT]} +user_multiple_set_password = {u'text': _('reset password'), 'view': 'user_multiple_set_password', 'famfam': 'lock_edit', 'permissions': [PERMISSION_USER_EDIT]} -group_list = {'text': _(u'group list'), 'view': 'group_list', 'famfam': 'group', 'permissions': {'namespace': 'user_management', 'permissions': [PERMISSION_GROUP_VIEW]}} -group_edit = {'text': _(u'edit'), 'view': 'group_edit', 'args': 'object.id', 'famfam': 'group_edit', 'permissions': {'namespace': 'user_management', 'permissions': [PERMISSION_GROUP_EDIT]}} -group_add = {'text': _(u'create new group'), 'view': 'group_add', 'famfam': 'group_add', 'permissions': {'namespace': 'user_management', 'permissions': [PERMISSION_GROUP_CREATE]}} -group_delete = {u'text': _('delete'), 'view': 'group_delete', 'args': 'object.id', 'famfam': 'group_delete', 'permissions': {'namespace': 'user_management', 'permissions': [PERMISSION_GROUP_DELETE]}} -group_multiple_delete = {u'text': _('delete'), 'view': 'group_multiple_delete', 'famfam': 'group_delete', 'permissions': {'namespace': 'user_management', 'permissions': [PERMISSION_GROUP_DELETE]}} -group_members = {'text': _(u'members'), 'view': 'group_members', 'args': 'object.id', 'famfam': 'group_link', 'permissions': {'namespace': 'user_management', 'permissions': [PERMISSION_GROUP_EDIT]}} +group_list = {'text': _(u'group list'), 'view': 'group_list', 'famfam': 'group', 'permissions': [PERMISSION_GROUP_VIEW]} +group_edit = {'text': _(u'edit'), 'view': 'group_edit', 'args': 'object.id', 'famfam': 'group_edit', 'permissions': [PERMISSION_GROUP_EDIT]} +group_add = {'text': _(u'create new group'), 'view': 'group_add', 'famfam': 'group_add', 'permissions': [PERMISSION_GROUP_CREATE]} +group_delete = {u'text': _('delete'), 'view': 'group_delete', 'args': 'object.id', 'famfam': 'group_delete', 'permissions': [PERMISSION_GROUP_DELETE]} +group_multiple_delete = {u'text': _('delete'), 'view': 'group_multiple_delete', 'famfam': 'group_delete', 'permissions': [PERMISSION_GROUP_DELETE]} +group_members = {'text': _(u'members'), 'view': 'group_members', 'args': 'object.id', 'famfam': 'group_link', 'permissions': [PERMISSION_GROUP_EDIT]} register_links(User, [user_edit, user_set_password, user_delete]) register_links(['user_multiple_set_password', 'user_set_password', 'user_multiple_delete', 'user_delete', 'user_edit', 'user_list', 'user_add'], [user_add, user_list], menu_name=u'sidebar') diff --git a/apps/user_management/views.py b/apps/user_management/views.py index 94d95777bc..c0ab481ae3 100644 --- a/apps/user_management/views.py +++ b/apps/user_management/views.py @@ -20,7 +20,7 @@ from user_management.forms import UserForm, PasswordForm, GroupForm def user_list(request): - check_permissions(request.user, 'user_management', [PERMISSION_USER_VIEW]) + check_permissions(request.user, [PERMISSION_USER_VIEW]) return object_list( request, @@ -50,7 +50,7 @@ def user_list(request): def user_edit(request, user_id): - check_permissions(request.user, 'user_management', [PERMISSION_USER_EDIT]) + check_permissions(request.user, [PERMISSION_USER_EDIT]) user = get_object_or_404(User, pk=user_id) if user.is_superuser or user.is_staff: @@ -76,7 +76,7 @@ def user_edit(request, user_id): def user_add(request): - check_permissions(request.user, 'user_management', [PERMISSION_USER_CREATE]) + check_permissions(request.user, [PERMISSION_USER_CREATE]) if request.method == 'POST': form = UserForm(request.POST) @@ -95,7 +95,7 @@ def user_add(request): def user_delete(request, user_id=None, user_id_list=None): - check_permissions(request.user, 'user_management', [PERMISSION_USER_DELETE]) + check_permissions(request.user, [PERMISSION_USER_DELETE]) post_action_redirect = None if user_id: @@ -149,7 +149,7 @@ def user_multiple_delete(request): def user_set_password(request, user_id=None, user_id_list=None): - check_permissions(request.user, 'user_management', [PERMISSION_USER_EDIT]) + check_permissions(request.user, [PERMISSION_USER_EDIT]) post_action_redirect = None if user_id: @@ -211,7 +211,7 @@ def user_multiple_set_password(request): def group_list(request): - check_permissions(request.user, 'user_management', [PERMISSION_GROUP_VIEW]) + check_permissions(request.user, [PERMISSION_GROUP_VIEW]) return object_list( request, @@ -232,7 +232,7 @@ def group_list(request): def group_edit(request, group_id): - check_permissions(request.user, 'user_management', [PERMISSION_GROUP_EDIT]) + check_permissions(request.user, [PERMISSION_GROUP_EDIT]) group = get_object_or_404(Group, pk=group_id) if request.method == 'POST': @@ -254,7 +254,7 @@ def group_edit(request, group_id): def group_add(request): - check_permissions(request.user, 'user_management', [PERMISSION_GROUP_CREATE]) + check_permissions(request.user, [PERMISSION_GROUP_CREATE]) if request.method == 'POST': form = GroupForm(request.POST) @@ -273,7 +273,7 @@ def group_add(request): def group_delete(request, group_id=None, group_id_list=None): - check_permissions(request.user, 'user_management', [PERMISSION_GROUP_DELETE]) + check_permissions(request.user, [PERMISSION_GROUP_DELETE]) post_action_redirect = None if group_id: @@ -332,7 +332,7 @@ def get_non_group_members(group): def group_members(request, group_id): - check_permissions(request.user, 'user_management', [PERMISSION_GROUP_EDIT]) + check_permissions(request.user, [PERMISSION_GROUP_EDIT]) group = get_object_or_404(Group, pk=group_id) return assign_remove( diff --git a/docs/TODO b/docs/TODO index d76a816066..d7fa91d2f7 100644 --- a/docs/TODO +++ b/docs/TODO @@ -82,11 +82,12 @@ Common Permissions =========== -* Add permissions support to menus - STARTED (secondary menus done) +* Add permissions support to menus - DONE * Role editing view under setup - DONE * Implement permissions decorators * Add user editing under roles menus - DONE * Workflows app +* Handle anonymous users Documents ========= @@ -112,7 +113,7 @@ Documents * Document model's delete method might not get called when deleting in bulk from a queryset * Allow metadata entry form to mix required and non required metadata - DEFFERED -* Block Setup menu item to non staff and non superuser users +* Block Setup menu item to non staff and non superuser users - DONE by means of evaluation or permissions * Include annotations in transformed documents downloads * Toggable option to include default transformation on document upload * Add document tagging - DONE