Beispiel #1
0
 def queryset(self, request):
     qs = super(OrganisationAdmin, self).queryset(request)
     opts = self.opts
     if request.user.has_perm(opts.app_label + "." + opts.get_change_permission()):
         return qs
     elif request.user.has_perm(opts.app_label + "." + get_rsr_limited_change_permission(opts)):
         organisation = request.user.get_profile().organisation
         return qs.filter(pk=organisation.id)
     else:
         raise PermissionDenied
Beispiel #2
0
 def queryset(self, request):
     """
     Return a queryset possibly filtered depending on current user's group(s)
     """
     qs = super(UserProfileAdmin, self).queryset(request)
     opts = self.opts
     if request.user.has_perm(opts.app_label + "." + opts.get_change_permission()):
         return qs
     elif request.user.has_perm(opts.app_label + "." + get_rsr_limited_change_permission(opts)):
         organisation = request.user.get_profile().organisation
         return qs.filter(organisation=organisation)
     else:
         raise PermissionDenied
Beispiel #3
0
 def queryset(self, request):
     """
     Return a queryset possibly filtered depending on current user's group(s)
     """
     qs = super(ProjectAdmin, self).queryset(request)
     opts = self.opts
     if request.user.has_perm(opts.app_label + "." + opts.get_change_permission()):
         return qs
     elif request.user.has_perm(opts.app_label + "." + get_rsr_limited_change_permission(opts)):
         projects = request.user.get_profile().organisation.all_projects()
         # projects = get_model('rsr', 'organisation').projects.filter(pk__in=[request.user.get_profile().organisation.pk])
         return qs.filter(pk__in=projects)
     else:
         raise PermissionDenied
Beispiel #4
0
    def has_change_permission(self, request, obj=None):
        """
        Returns True if the given request has permission to change the given
        Django model instance.

        If `obj` is None, this should return True if the given request has
        permission to change *any* object of the given type.

        get_rsr_limited_change_permission is used for  partner orgs to limit their listing and editing to
        "own" projects, organisation and user profiles
        """
        opts = self.opts
        if request.user.has_perm(opts.app_label + "." + opts.get_change_permission()):
            return True
        if request.user.has_perm(opts.app_label + "." + get_rsr_limited_change_permission(opts)):
            if obj:
                return obj == request.user.get_profile().organisation
            else:
                return True
        return False
Beispiel #5
0
    def formfield_for_dbfield(self, db_field, **kwargs):
        """
        Hook for specifying the form Field instance for a given database Field
        instance.

        If kwargs are given, they're passed to the form Field's constructor.

        Added by GvH:
        Use hook to implement limits to project list select for org users.
        """
        request = kwargs.get("request", None)

        # Limit the choices of the project db_field to projects linked to user's org
        # if we have an org user
        if db_field.attname == "project_id":
            opts = self.opts
            user = request.user
            if user.has_perm(opts.app_label + "." + get_rsr_limited_change_permission(opts)):
                db_field.rel.limit_choices_to = {"pk__in": user.get_profile().organisation.all_projects()}

        return super(SmsReporterInline, self).formfield_for_dbfield(db_field, **kwargs)