Update the ACL permission view to use the new AddRemoveView.
Add ACL created and ACL edit events.
Add permission adding and removal accesors to the ACL model.
Signed-off-by: Roberto Rosario <Roberto.Rosario@mayan-edms.com>
With the removal of the support for a related field in
.restrict_queryset() the deprecation comment can now be
removed.
Signed-off-by: Roberto Rosario <Roberto.Rosario@mayan-edms.com>
Remove support for passing a related field argument when
checking for access for restricting a queryset.
Remove a duplicate permission check.
Fix bug when filtering the direct ACL for an object,
the ACL query was filtering by the ACL ID instead of the
object ID.
Signed-off-by: Roberto Rosario <Roberto.Rosario@mayan-edms.com>
Rewrite the ACL queryset filtering to move most of the
computation to the database manager view the ORM.
Add support for cascading access control checking.
Update the .check_access() method to work as a front
end of the new .restrict_queryset method. The workflow
for access control now follow Django convention of
first generating a queryset and then attempt to .get()
the desired element of the queryset.
This update also allows restricting a queryset by related
fields which can be Generic Foreign Keys.
Signed-off-by: Roberto Rosario <Roberto.Rosario@mayan-edms.com>
Update the entire with keyword arguments. Update the views
to comply with MERC 6 by returning error 404 on access
failure. API are untouched. Add icon to the ACL delete
button. Add additional view tests. Use the new filtered
choice form to display a select2 enabled role selection
widget. Update the ACL creation view to not redirect to an
existing ACL in case of duplication but to instead stop
and display an error with a suggestion to the user
to instead edit the existing ACL.
Signed-off-by: Roberto Rosario <Roberto.Rosario@mayan-edms.com>
Update the arguments of the function to be full length and more explicit.
Use exceptions to find the correct way of using the attribute of the
object passed instead of trying to use introspection.
Add support for passing key word arguments to the attribute being
resolved even if it is a class method.
Signed-off-by: Roberto Rosario <Roberto.Rosario@mayan-edms.com>
Add support to the SourceColumn class to resolve related fields
using the double underscore as separator. Columns that use related
no longer have to use throw away lambdas.
Signed-off-by: Roberto Rosario <Roberto.Rosario@mayan-edms.com>
Instead of inserting the path of the apps into the Python app,
the apps are now referenced by their full import path.
This app name claves with external or native Python libraries.
Example: Mayan statistics app vs. Python new statistics library.
Every app reference is now prepended with 'mayan.apps'.
Existing config.yml files need to be updated manually.
Signed-off-by: Roberto Rosario <roberto.rosario.gonzalez@gmail.com>
Granting will also check if the permission has been
authorized to the object class using ModelPermission.
Signed-off-by: Roberto Rosario <roberto.rosario.gonzalez@gmail.com>
