def check_ruleset_log_detail_visibility(user_id, log_id):
function_id = Function.objects.get(name=KEY_F_RULESET_LOG,
module__name=KEY_M_RULESET).id
user_roles = UserRolePermission.objects.filter(
user_id=user_id).values_list("role_permission_id", flat=True)
log = RulesetLog.objects.get_ruleset_log(log_id)
ruleset_log_group = RulesetLogGroup.objects.get(
id=log.get(KEY_RULESET_LOG_GROUP_ID))
query = Q()
query.add(
Q(role_permission__environment_id=ruleset_log_group.source_environment.
id), Q.AND)
query.add(Q(role_permission__country_id=ruleset_log_group.country_id),
Q.AND)
query.add(Q(function_id=function_id), Q.AND)
query.add(Q(visible=1), Q.AND)
a_visible_roles = RoleFunctionPermission.objects.filter(query).values_list(
"role_permission_id", flat=True)
query = Q()
query.add(
Q(role_permission__environment_id=ruleset_log_group.target_environment.
id), Q.AND)
query.add(Q(role_permission__country_id=ruleset_log_group.country_id),
Q.AND)
query.add(Q(function_id=function_id), Q.AND)
query.add(Q(visible=1), Q.AND)
b_visible_roles = RoleFunctionPermission.objects.filter(query).values_list(
"role_permission_id", flat=True)
if len(get_union(user_roles, a_visible_roles)) == 0 or len(
get_union(user_roles, b_visible_roles)) == 0:
raise PermissionDeniedError()
def check_scheduler_detail_visibility(user_id, env_a_id, env_b_id, country_ids,
function_key, module_key):
function_id = Function.objects.get(name=function_key,
module__name=module_key).id
user_roles = UserRolePermission.objects.filter(
user_id=user_id).values_list("role_permission_id", flat=True)
query = Q()
query.add(Q(role_permission__environment_id=env_a_id), Q.AND)
query.add(Q(role_permission__country__in=country_ids), Q.AND)
query.add(Q(function_id=function_id), Q.AND)
query.add(Q(visible=1), Q.AND)
a_visible_roles = RoleFunctionPermission.objects.filter(query).values_list(
"role_permission_id", flat=True)
query = Q()
query.add(Q(role_permission__environment_id=env_b_id), Q.AND)
query.add(Q(role_permission__country__in=country_ids), Q.AND)
query.add(Q(function_id=function_id), Q.AND)
query.add(Q(visible=1), Q.AND)
b_visible_roles = RoleFunctionPermission.objects.filter(query).values_list(
"role_permission_id", flat=True)
if len(get_union(user_roles, a_visible_roles)) == 0 or len(
get_union(user_roles, b_visible_roles)) == 0:
raise PermissionDeniedError()
def check_permission(self):
function_id = Function.objects.get(name=KEY_F_RECOVERY,
module__name=KEY_M_RULESET).id
target_env_id = self.target_environment.id
country_id = self.country.id
self.is_editable = is_editable(self.user.id, target_env_id, country_id,
function_id)
if not self.is_editable:
raise PermissionDeniedError()
def check_permission(self):
function_id = Function.objects.get(name=KEY_F_REPORT_TASK, module__name=KEY_M_RULESET).id
for country_id_obj in self.task.country_list.values(KEY_ID):
country_id = country_id_obj.get(KEY_ID)
is_source_editable = is_editable(self.user.id, self.task.source_environment.id, country_id, function_id)
is_target_editable = is_editable(self.user.id, self.task.target_environment.id, country_id, function_id)
if is_source_editable is False or is_target_editable is False:
raise PermissionDeniedError()
def check_permission(self):
function_id = Function.objects.get(name=KEY_F_REPORT_TASK,
module__name=KEY_M_RULESET).id
for country_id in self.country_list:
is_base_editable = is_editable(self.user.id,
self.source_environment_id,
country_id, function_id)
is_target_editable = is_editable(self.user.id,
self.target_environment,
country_id, function_id)
if is_base_editable is False or is_target_editable is False:
raise PermissionDeniedError()
def check_function_visibility(request, function_key, module_key):
function_id_list = Function.objects.filter(
name=function_key, module__name=module_key).values_list("id",
flat=True)
if not check_function_enable(request.user.id, function_id_list[0]):
raise PermissionDeniedError()