Beispiel #1
0
 def test_hasOneOfPermissions(self):
     self.user.preferences.save_c('groups', ['team'])
     self.user.preferences.save()
     self.assertEqual(
         utils.hasOneOfPermissions(
             self.user, ['edit_staff_status', 'manage_main_items']), True)
     self.assertEqual(
         utils.hasOneOfPermissions(
             self.user, ['edit_staff_configurations', 'add_badges']), False)
Beispiel #2
0
 def _showLink(context):
     permissions_required = page.get('permissions_required', [])
     one_of_permissions_required = page.get('one_of_permissions_required', [])
     return not (
         (page.get('authentication_required', False) and not context['request'].user.is_authenticated())
         or (page.get('logout_required', False) and context['request'].user.is_authenticated())
         or (page.get('staff_required', False) and not context['request'].user.is_staff)
         or (permissions_required and (
             not context['request'].user.is_authenticated()
             or not hasPermissions(context['request'].user, permissions_required)
         ))
         or (one_of_permissions_required and (
             not context['request'].user.is_authenticated()
             or not hasOneOfPermissions(context['request'].user, one_of_permissions_required)
         ))
     )
 def _showLink(context):
     permissions_required = page.get('permissions_required', [])
     one_of_permissions_required = page.get('one_of_permissions_required', [])
     check_permissions = page.get('check_permissions', None)
     return not (
         (page.get('authentication_required', False) and not context['request'].user.is_authenticated())
         or (page.get('logout_required', False) and context['request'].user.is_authenticated())
         or (page.get('staff_required', False) and not context['request'].user.is_staff)
         or (permissions_required and (
             not context['request'].user.is_authenticated()
             or not hasPermissions(context['request'].user, permissions_required)
         ))
         or (one_of_permissions_required and (
             not context['request'].user.is_authenticated()
             or not hasOneOfPermissions(context['request'].user, one_of_permissions_required)
         ))
         or (check_permissions
             and not check_permissions(context))
     )
Beispiel #4
0
    def _view(request, *args, **kwargs):
        # Check permissions
        permissions_context = { 'current_url': request.get_full_path() }
        if page.get('logout_required', False) and request.user.is_authenticated():
            raise PermissionDenied()
        if page.get('authentication_required'):
            redirectWhenNotAuthenticated(request, permissions_context, next_title=page.get('title', ''))
        if page.get('staff_required', False):
            redirectWhenNotAuthenticated(request, permissions_context, next_title=page.get('title', ''))
            if not request.user.is_staff and not request.user.is_superuser:
                raise PermissionDenied()
        if page.get('prelaunch_staff_required', False):
            redirectWhenNotAuthenticated(request, permissions_context, next_title=page.get('title', ''))
            if not request.user.hasPermission('access_site_before_launch'):
                raise PermissionDenied()
        if page.get('permissions_required', []):
            redirectWhenNotAuthenticated(request, permissions_context, next_title=page.get('title', ''))
            if not hasPermissions(request.user, page['permissions_required']):
                raise PermissionDenied()
        if page.get('one_of_permissions_required', []):
            redirectWhenNotAuthenticated(request, permissions_context, next_title=page.get('title', ''))
            if not hasOneOfPermissions(request.user, page['one_of_permissions_required']):
                raise PermissionDenied()

        if boilerplate:
            # Context
            context = getGlobalContext(request=request)
            context['extends'] = 'base.html' if not context['ajax'] else 'ajax.html'
            context['disqus_identifier'] = context['current']
            # Settings from page
            context['show_small_title'] = page.get('show_small_title', True)
            context['show_title'] = page.get('show_title', False)
            context['share_image'] = staticImageURL(page.get('share_image', None))
            context['page_description'] = page.get('page_description', None)
            context['comments_enabled'] = page.get('comments_enabled', False)
            context['template'] = page.get('template', name)
            # Set title and prefixes
            context['title_prefixes'] = []
            if 'navbar_link_list' in page:
                getNavbarPrefix(page['navbar_link_list'], request, context, append_to=context['title_prefixes'])
            default_page_title = page.get('title', None)
            if callable(default_page_title):
                default_page_title = default_page_title(context)
            h1 = {
                'title': default_page_title,
                'icon': page.get('icon', None),
                'image': page.get('image', None),
            }
            h1ToContext(h1, context)
            context['page_title'] = pageTitleFromPrefixes(context['title_prefixes'], default_page_title)
            # Call function
            if function:
                result = function(request, context, *args, **kwargs)
            # Render with full template
            if page.get('full_template', False):
                return render(request, u'pages/{}.html'.format(
                    name if page['full_template'] == True else page['full_template']), context)
            # Render with boilerplate
            if page.get('as_json', False):
                if result is None:
                    return HttpResponse('')
                return JsonResponse(result)
            elif page.get('as_form', False):
                return render(request, 'form.html', context)
            elif page.get('as_sidebar', False):
                context['sidebar_show_title'] = True
                context['sidebar_template'] = 'include/{}.html'.format(
                    page.get('sidebar_template', '{}_sidebar'.format(name)))
                context['template'] = 'pages/{}.html'.format(context['template'])
                return render(request, 'sidebar.html', context)
            return render(request, 'pages/boilerplate.html', context)
        else:
            # Render expected to be called by function
            return function(request, *args, **kwargs)
                'd': default,
                's': str(size)
            }))


############################################################
# Add MagiModel properties to User objects

addMagiModelProperties(User, 'user')
User.image_url = property(avatar)
User.http_image_url = property(avatar)
User.owner_id = property(lambda u: u.id)
User.owner = property(lambda u: u)
User.hasGroup = lambda u, group: hasGroup(u, group)
User.hasPermission = lambda u, permission: hasPermission(u, permission)
User.hasOneOfPermissions = lambda u, permissions: hasOneOfPermissions(
    u, permissions)
User.hasPermissions = lambda u, permissions: hasPermissions(u, permissions)

############################################################

ACTIVITY_TAGS_DICT = dict(ACTIVITY_TAGS or {})

ACTIVITY_TAGS_CHOICES = [(_tag, _details.get('translation', _tag)
                          if isinstance(_details, dict) else _details)
                         for (_tag, _details) in ACTIVITY_TAGS
                         ] if ACTIVITY_TAGS else []

ACTIVITIES_TAGS_HIDDEN_BY_DEFAULT = [
    (tag[0] if isinstance(tag, tuple) else tag)
    for tag in (ACTIVITY_TAGS or [])
    if (isinstance(tag, tuple) and isinstance(tag[1], dict)