def test_save_first_minutes_document(self):
# get the editor page and save the site
response = self.app.get(reverse('documents:create', args=['minutesdocument']) + '?group={}'.format(self.group.id), user=self.user)
self.assertEqual(response.status_code, 200)
form = response.forms['document-form']
text = "Lorem ipsum"
form.set('text_en', text)
form.set('comment', text)
form.set('url_title', slugify(text))
response = form.submit().follow()
self.assertEqual(response.status_code, 200)
document = MinutesDocument.objects.get(url_title=slugify(text))
# check whether number of versions is correct
versions = Version.objects.get_for_object(document)
self.assertEqual(len(versions), 1)
# check whether the properties of the new document are correct
self.assertEqual((document.title_en, document.title_de), MinutesDocument.generate_new_title())
self.assertEqual(document.author, self.user)
self.assertEqual(document.moderator, self.user)
self.assertEqual(document.text_en, text)
self.assertEqual(versions[0].revision.get_comment(), text)
self.assertListEqual(list(document.participants.all().order_by('username')), list(self.group.user_set.all().order_by('username')))
checker = ObjectPermissionChecker(self.group)
self.assertTrue(checker.has_perm(document.edit_permission_name, document))
def get_permitted_minutes(minutes, request, groupid): groupid = int(groupid) try: group = Group.objects.get(id=groupid) except ObjectDoesNotExist: raise Http404 own_group = request.user.is_superuser or group in request.user.groups.all() # Prefetch group permissions group_checker = ObjectPermissionChecker(group) group_checker.prefetch_perms(minutes) # Prefetch user permissions user_checker = ObjectPermissionChecker(request.user) user_checker.prefetch_perms(minutes) # Prefetch ip group permissions ip_range_group_name = request.user._ip_range_group_name if hasattr(request.user, '_ip_range_group_name') else None if ip_range_group_name: ip_range_group = Group.objects.get(name=ip_range_group_name) ip_range_group_checker = ObjectPermissionChecker(ip_range_group) permitted_minutes = [] for m in minutes: # we show all documents for which the requested group has edit permissions # e.g. if you request FSR minutes, all minutes for which the FSR group has edit rights will be shown if not group_checker.has_perm(m.edit_permission_name, m): continue # we only show documents for which the user has view permissions if not user_checker.has_perm(MinutesDocument.get_view_permission(), m) and (not ip_range_group_name or not ip_range_group_checker.has_perm(MinutesDocument.get_view_permission(), m)): continue permitted_minutes.append(m) return permitted_minutes, own_group
def list(request, groupid=None):
if groupid:
groupid = int(groupid)
try:
Group.objects.get(id=groupid)
except ObjectDoesNotExist:
raise SuspiciousOperation
groups = {}
minutes = MinutesDocument.objects.order_by('-date')
for m in minutes:
if not request.user.has_perm(MinutesDocument.get_view_permission(), m):
continue
for group in m.groups.all():
if groupid and groupid != group.id:
continue
if group.name not in groups:
groups[group.name] = OrderedDict()
if m.date.year not in groups[group.name]:
groups[group.name][m.date.year] = []
groups[group.name][m.date.year].append(m)
result = OrderedDict()
if settings.STAFF_GROUP_NAME in groups:
result[settings.STAFF_GROUP_NAME] = groups[settings.STAFF_GROUP_NAME]
del groups[settings.STAFF_GROUP_NAME]
sorted_groups = sorted(groups, key=lambda s: s.lower())
for groupname in sorted_groups:
result[groupname] = groups[groupname]
return render(request, "minutes_list.html", {
'minutes': result,
})
def test_save_first_minutes_document(self):
# get the editor page and save the site
response = self.app.get(reverse('documents:create', args=['minutesdocument']) + '?group={}'.format(self.group.id), user=self.user)
self.assertEqual(response.status_code, 200)
form = response.forms['document-form']
text = "Lorem ipsum"
form.set('text', text)
form.set('comment', text)
form.set('url_title', slugify(text))
response = form.submit().follow()
self.assertEqual(response.status_code, 200)
document = MinutesDocument.objects.get(url_title=slugify(text))
# check whether number of versions is correct
versions = Version.objects.get_for_object(document)
self.assertEqual(len(versions), 1)
# check whether the properties of the new document are correct
self.assertEqual(document.title, MinutesDocument.generate_new_title())
self.assertEqual(document.author, self.user)
self.assertEqual(document.moderator, self.user)
self.assertEqual(document.text, text)
self.assertEqual(versions[0].revision.comment, text)
self.assertListEqual(list(document.participants.all().order_by('username')), list(self.group.user_set.all().order_by('username')))
checker = ObjectPermissionChecker(self.group)
self.assertTrue(checker.has_perm(document.edit_permission_name, document))
def list(request, groupid):
groupid = int(groupid)
try:
group = Group.objects.get(id=groupid)
except ObjectDoesNotExist:
raise Http404
result = {}
own_group = request.user.is_superuser or group in request.user.groups.all()
minutes = MinutesDocument.objects.all().prefetch_related(
'labels').order_by('-date')
# Prefetch group permissions
group_checker = ObjectPermissionChecker(group)
group_checker.prefetch_perms(minutes)
# Prefetch user permissions
user_checker = ObjectPermissionChecker(request.user)
user_checker.prefetch_perms(minutes)
# Prefetch ip group permissions
ip_range_group_name = request.user._ip_range_group_name if hasattr(
request.user, '_ip_range_group_name') else None
if ip_range_group_name:
ip_range_group = Group.objects.get(name=ip_range_group_name)
ip_range_group_checker = ObjectPermissionChecker(ip_range_group)
for m in minutes:
# we show all documents for which the requested group has edit permissions
# e.g. if you request FSR minutes, all minutes for which the FSR group has edit rights will be shown
if not group_checker.has_perm(m.edit_permission_name, m):
continue
# we only show documents for which the user has view permissions
if not user_checker.has_perm(
MinutesDocument.get_view_permission(),
m) and (not ip_range_group_name
or not ip_range_group_checker.has_perm(
MinutesDocument.get_view_permission(), m)):
continue
if m.date.year not in result:
result[m.date.year] = []
result[m.date.year].append(m)
return render(
request, "minutes_list.html", {
'minutes_list': sorted(result.items(), reverse=True),
'own_group': own_group
})
def save(self, *args, **kwargs):
super().save(*args, **kwargs)
instance = forms.ModelForm.save(self)
instance.user_set.clear()
instance.user_set.add(*self.cleaned_data["users"])
if self.cleaned_data["add_information_document"]:
assign_perm(InformationDocument().add_permission_name, instance)
else:
remove_perm(InformationDocument().add_permission_name, instance)
if self.cleaned_data["add_minutesdocument"]:
assign_perm(MinutesDocument().add_permission_name, instance)
else:
remove_perm(MinutesDocument().add_permission_name, instance)
if self.cleaned_data["add_poll"]:
assign_perm(Poll().add_permission_name, instance)
else:
remove_perm(Poll().add_permission_name, instance)
return instance
def list(request, groupid):
groupid = int(groupid)
try:
group = Group.objects.get(id=groupid)
except ObjectDoesNotExist:
raise SuspiciousOperation
result = {}
# we show all documents for which the requested group has edit permissions
# e.g. if you request FSR minutes, all minutes for which the FSR group has edit rights will be shown
minutes = get_objects_for_group(group, "minutes.change_minutesdocument", MinutesDocument).order_by('-date')
for m in minutes:
if not request.user.has_perm(MinutesDocument.get_view_permission(), m):
continue
if m.date.year not in result:
result[m.date.year] = []
result[m.date.year].append(m)
return render(request, "minutes_list.html", {
'minutes': result,
})
def list(request, groupid):
groupid = int(groupid)
try:
group = Group.objects.get(id=groupid)
except ObjectDoesNotExist:
raise Http404
result = {}
own_group = request.user.is_superuser or group in request.user.groups.all()
minutes = MinutesDocument.objects.all().prefetch_related('labels').order_by('-date')
# Prefetch group permissions
group_checker = ObjectPermissionChecker(group)
group_checker.prefetch_perms(minutes)
# Prefetch user permissions
user_checker = ObjectPermissionChecker(request.user)
user_checker.prefetch_perms(minutes)
# Prefetch ip group permissions
ip_range_group_name = request.user._ip_range_group_name if hasattr(request.user, '_ip_range_group_name') else None
if ip_range_group_name:
ip_range_group = Group.objects.get(name=ip_range_group_name)
ip_range_group_checker = ObjectPermissionChecker(ip_range_group)
for m in minutes:
# we show all documents for which the requested group has edit permissions
# e.g. if you request FSR minutes, all minutes for which the FSR group has edit rights will be shown
if not group_checker.has_perm(m.edit_permission_name, m):
continue
# we only show documents for which the user has view permissions
if not user_checker.has_perm(MinutesDocument.get_view_permission(), m) and (not ip_range_group_name or not ip_range_group_checker.has_perm(MinutesDocument.get_view_permission(), m)):
continue
if m.date.year not in result:
result[m.date.year] = []
result[m.date.year].append(m)
return render(request, "minutes_list.html", {
'minutes_list': sorted(result.items(), reverse=True),
'own_group': own_group
})