Update the ACL permission view to use the new AddRemoveView.
Add ACL created and ACL edit events.
Add permission adding and removal accesors to the ACL model.
Signed-off-by: Roberto Rosario <Roberto.Rosario@mayan-edms.com>
Update the ACL delete icon for uniformity.
Insert both the ACL and object in the view to also
display the ACL permissions and delete view when
viewing the ACL of an object.
Signed-off-by: Roberto Rosario <Roberto.Rosario@mayan-edms.com>
With the removal of the support for a related field in
.restrict_queryset() the deprecation comment can now be
removed.
Signed-off-by: Roberto Rosario <Roberto.Rosario@mayan-edms.com>
Remove support for passing a related field argument when
checking for access for restricting a queryset.
Remove a duplicate permission check.
Fix bug when filtering the direct ACL for an object,
the ACL query was filtering by the ACL ID instead of the
object ID.
Signed-off-by: Roberto Rosario <Roberto.Rosario@mayan-edms.com>
Rename all instance of `pk` or `acl_pk` to `acl_id`
to match the preferred URL parameter naming conventions of
using `id` instead of `pk`.
Signed-off-by: Roberto Rosario <Roberto.Rosario@mayan-edms.com>
Rewrite the ACL queryset filtering to move most of the
computation to the database manager view the ORM.
Add support for cascading access control checking.
Update the .check_access() method to work as a front
end of the new .restrict_queryset method. The workflow
for access control now follow Django convention of
first generating a queryset and then attempt to .get()
the desired element of the queryset.
This update also allows restricting a queryset by related
fields which can be Generic Foreign Keys.
Signed-off-by: Roberto Rosario <Roberto.Rosario@mayan-edms.com>
Extract test views and user code into their own separate test case
mixins. Append TestCase to test case mixins with base test code
to differentiate them from test mixins with reusable view calls.
Signed-off-by: Roberto Rosario <Roberto.Rosario@mayan-edms.com>
Update the entire with keyword arguments. Update the views
to comply with MERC 6 by returning error 404 on access
failure. API are untouched. Add icon to the ACL delete
button. Add additional view tests. Use the new filtered
choice form to display a select2 enabled role selection
widget. Update the ACL creation view to not redirect to an
existing ACL in case of duplication but to instead stop
and display an error with a suggestion to the user
to instead edit the existing ACL.
Signed-off-by: Roberto Rosario <Roberto.Rosario@mayan-edms.com>
Use the new icon classes to add custom icons. Improve
the URL schemes of some apps for uniformity.
Signed-off-by: Roberto Rosario <Roberto.Rosario@mayan-edms.com>
Update the arguments of the function to be full length and more explicit.
Use exceptions to find the correct way of using the attribute of the
object passed instead of trying to use introspection.
Add support for passing key word arguments to the attribute being
resolved even if it is a class method.
Signed-off-by: Roberto Rosario <Roberto.Rosario@mayan-edms.com>
Refactor the accesors to behave like methods instead of properties.
This means all accesors will be prepended with the string
"get_" and will include a set of parenthesis.
Improve the ModeAttribute class to use the method's
short_description. This commit also adds support for a
new method .help_text attribute has been added.
Move accessors to their own module, named "methods.py".
Remove the PropertyHelper class as the accessors no longer
need it.
Signed-off-by: Roberto Rosario <Roberto.Rosario@mayan-edms.com>
Add keyword arguments to all called instances of PermissionNamespace.
Sort name and label arguments.
Signed-off-by: Roberto Rosario <Roberto.Rosario@mayan-edms.com>
Now that the automatic OCR, parsing and file metadata processing
are turned off by the test setting file, these overrides in the
tests are not needed anymore.
Signed-off-by: Roberto Rosario <Roberto.Rosario@mayan-edms.com>
Add support to the SourceColumn class to resolve related fields
using the double underscore as separator. Columns that use related
no longer have to use throw away lambdas.
Signed-off-by: Roberto Rosario <Roberto.Rosario@mayan-edms.com>
Convert the volatile permission reference in the stored permission
model from a method to a property to allow future caching optimization.
Signed-off-by: Roberto Rosario <Roberto.Rosario@mayan-edms.com>
Instead of inserting the path of the apps into the Python app,
the apps are now referenced by their full import path.
This app name claves with external or native Python libraries.
Example: Mayan statistics app vs. Python new statistics library.
Every app reference is now prepended with 'mayan.apps'.
Existing config.yml files need to be updated manually.
Signed-off-by: Roberto Rosario <roberto.rosario.gonzalez@gmail.com>
