def dispatch(self, request, *args, **kwargs): self.document = get_object_or_404( Document, pk=self.kwargs['document_pk'] ) self.smart_link = get_object_or_404( SmartLink, pk=self.kwargs['smart_link_pk'] ) try: Permission.check_permissions( request.user, (permission_document_view,) ) except PermissionDenied: AccessControlList.objects.check_access( permission_document_view, request.user, self.document ) try: Permission.check_permissions( request.user, (permission_smart_link_view,) ) except PermissionDenied: AccessControlList.objects.check_access( permission_smart_link_view, request.user, self.smart_link ) return super( ResolvedSmartLinkView, self ).dispatch(request, *args, **kwargs)
def template_node_edit(request, node_pk): node = get_object_or_404(IndexTemplateNode, pk=node_pk) try: Permission.check_permissions( request.user, (permission_document_indexing_edit,) ) except PermissionDenied: AccessControlList.objects.check_access( permission_document_indexing_edit, request.user, node.index ) if request.method == 'POST': form = IndexTemplateNodeForm(request.POST, instance=node) if form.is_valid(): form.save() messages.success( request, _('Index template node edited successfully') ) return HttpResponseRedirect( reverse('indexing:index_setup_view', args=(node.index.pk,)) ) else: form = IndexTemplateNodeForm(instance=node) return render_to_response('appearance/generic_form.html', { 'form': form, 'index': node.index, 'navigation_object_list': ('index', 'node'), 'node': node, 'title': _('Edit index template node: %s') % node, }, context_instance=RequestContext(request))
def transform_page(request, document_page_id, zoom_function=None, rotation_function=None): document_page = get_object_or_404(DocumentPage, pk=document_page_id) try: Permission.check_permissions(request.user, (permission_document_view,)) except PermissionDenied: AccessControlList.objects.check_access(permission_document_view, request.user, document_page.document) view = resolve(urlparse.urlparse(request.META.get('HTTP_REFERER', reverse(settings.LOGIN_REDIRECT_URL))).path).view_name # Get the query string from the referer url query = urlparse.urlparse(request.META.get('HTTP_REFERER', reverse(settings.LOGIN_REDIRECT_URL))).query # Parse the query string and get the zoom value # parse_qs return a dictionary whose values are lists zoom = int(urlparse.parse_qs(query).get('zoom', ['100'])[0]) rotation = int(urlparse.parse_qs(query).get('rotation', ['0'])[0]) if zoom_function: zoom = zoom_function(zoom) if rotation_function: rotation = rotation_function(rotation) return HttpResponseRedirect( '?'.join([ reverse(view, args=(document_page.pk,)), urlencode({'zoom': zoom, 'rotation': rotation}) ]) )
def document_signature_download(request, document_pk): document = get_object_or_404(Document, pk=document_pk) try: Permission.check_permissions( request.user, (permission_signature_download,) ) except PermissionDenied: AccessControlList.objects.check_access( permission_signature_download, request.user, document ) try: if DocumentVersionSignature.objects.has_detached_signature(document.latest_version): signature = DocumentVersionSignature.objects.detached_signature( document.latest_version ) return serve_file( request, signature, save_as='"%s.sig"' % document.filename, content_type='application/octet-stream' ) except Exception as exception: messages.error(request, exception) return HttpResponseRedirect(request.META['HTTP_REFERER']) return HttpResponseRedirect(request.META['HTTP_REFERER'])
def delete(self, request, *args, **kwargs): """ Checkin a document. """ document = self.get_object().document if document.checkout_info().user == request.user: try: Permission.check_permissions( request.user, (permission_document_checkin,) ) except PermissionDenied: AccessControlList.objects.check_access( permission_document_checkin, request.user, document ) else: try: Permission.check_permissions( request.user, (permission_document_checkin_override,) ) except PermissionDenied: AccessControlList.objects.check_access( permission_document_checkin_override, request.user, document ) return super( APICheckedoutDocumentView, self ).delete(request, *args, **kwargs)
def dispatch(self, request, *args, **kwargs): self.content_type = get_object_or_404( ContentType, app_label=self.kwargs['app_label'], model=self.kwargs['model'] ) try: self.content_object = self.content_type.get_object_for_this_type( pk=self.kwargs['object_id'] ) except self.content_type.model_class().DoesNotExist: raise Http404 try: Permission.check_permissions( request.user, permissions=(permission_events_view,) ) except PermissionDenied: AccessControlList.objects.check_access( permission_events_view, request.user, self.content_object ) return super( ObjectEventListView, self ).dispatch(request, *args, **kwargs)
def key_receive(request, key_id): Permission.check_permissions(request.user, (permission_key_receive,)) previous = request.POST.get('previous', request.GET.get('previous', request.META.get('HTTP_REFERER', reverse(settings.LOGIN_REDIRECT_URL)))) if request.method == 'POST': try: gpg.receive_key(key_id=key_id) except Exception as exception: messages.error( request, _('Unable to import key: %(key_id)s; %(error)s') % { 'key_id': key_id, 'error': exception, } ) return HttpResponseRedirect(previous) else: messages.success( request, _('Successfully received key: %(key_id)s') % { 'key_id': key_id, } ) return redirect('django_gpg:key_public_list') return render_to_response('appearance/generic_confirm.html', { 'message': _('Import key ID: %s?') % key_id, 'previous': previous, 'title': _('Import key'), }, context_instance=RequestContext(request))
def dispatch(self, request, *args, **kwargs): self.subtemplates_list = [] self.document = get_object_or_404(Document, pk=kwargs['document_pk']) if NewVersionBlock.objects.is_blocked(self.document): messages.error( self.request, _( 'Document "%s" is blocked from uploading new versions.' ) % self.document ) return HttpResponseRedirect( reverse( 'documents:document_version_list', args=(self.document.pk,) ) ) try: Permission.check_permissions( self.request.user, (permission_document_new_version,) ) except PermissionDenied: AccessControlList.objects.check_access( permission_document_new_version, self.request.user, self.document ) self.tab_links = UploadBaseView.get_active_tab_links(self.document) return super( UploadInteractiveVersionView, self ).dispatch(request, *args, **kwargs)
def dispatch(self, request, *args, **kwargs): content_type = get_object_or_404( ContentType, app_label=self.kwargs['app_label'], model=self.kwargs['model'] ) try: self.content_object = content_type.get_object_for_this_type( pk=self.kwargs['object_id'] ) except content_type.model_class().DoesNotExist: raise Http404 try: Permission.check_permissions( request.user, (permission_transformation_create,) ) except PermissionDenied: AccessControlList.objects.check_access( permission_transformation_create, request.user, self.content_object ) return super(TransformationCreateView, self).dispatch( request, *args, **kwargs )
def has_object_permission(self, request, view, obj): required_permission = getattr( view, 'mayan_object_permissions', {} ).get(request.method, None) if required_permission: try: Permission.check_permissions(request.user, required_permission) except PermissionDenied: try: if hasattr(view, 'mayan_permission_attribute_check'): AccessControlList.objects.check_access( permissions=required_permission, user=request.user, obj=obj, related=view.mayan_permission_attribute_check ) else: AccessControlList.objects.check_access( required_permission, request.user, obj ) except PermissionDenied: return False else: return True else: return True else: return True
def key_delete(request, fingerprint, key_type): Permission.check_permissions(request.user, (permission_key_delete,)) secret = key_type == 'sec' key = Key.get(gpg, fingerprint, secret=secret) post_action_redirect = redirect('django_gpg:key_public_list') previous = request.POST.get('previous', request.GET.get('previous', request.META.get('HTTP_REFERER', reverse(settings.LOGIN_REDIRECT_URL)))) next = request.POST.get('next', request.GET.get('next', post_action_redirect if post_action_redirect else request.META.get('HTTP_REFERER', reverse(settings.LOGIN_REDIRECT_URL)))) if request.method == 'POST': try: gpg.delete_key(key) messages.success(request, _('Key: %s, deleted successfully.') % fingerprint) return HttpResponseRedirect(next) except Exception as exception: messages.error(request, exception) return HttpResponseRedirect(previous) return render_to_response('appearance/generic_confirm.html', { 'title': _('Delete key'), 'delete_view': True, 'message': _( 'Delete key %s? If you delete a public key that is part of a ' 'public/private pair the private key will be deleted as well.' ) % key, 'next': next, 'previous': previous, }, context_instance=RequestContext(request))
def document_type_filename_create(request, document_type_id): Permission.check_permissions(request.user, (permission_document_type_edit,)) document_type = get_object_or_404(DocumentType, pk=document_type_id) if request.method == 'POST': form = DocumentTypeFilenameForm_create(request.POST) if form.is_valid(): try: document_type_filename = DocumentTypeFilename( document_type=document_type, filename=form.cleaned_data['filename'], enabled=True ) document_type_filename.save() messages.success(request, _('Document type quick label created successfully')) return HttpResponseRedirect(reverse('documents:document_type_filename_list', args=(document_type_id,))) except Exception as exception: messages.error(request, _('Error creating document type quick label; %(error)s') % { 'error': exception}) else: form = DocumentTypeFilenameForm_create() return render_to_response('appearance/generic_form.html', { 'document_type': document_type, 'form': form, 'navigation_object_list': ('document_type',), 'title': _('Create quick label for document type: %s') % document_type, }, context_instance=RequestContext(request))
def document_version_revert(request, document_version_pk): document_version = get_object_or_404(DocumentVersion, pk=document_version_pk) try: Permission.check_permissions(request.user, (permission_document_version_revert,)) except PermissionDenied: AccessControlList.objects.check_access(permission_document_version_revert, request.user, document_version.document) previous = request.POST.get('previous', request.GET.get('previous', request.META.get('HTTP_REFERER', reverse(settings.LOGIN_REDIRECT_URL)))) if request.method == 'POST': try: document_version.revert(_user=request.user) messages.success(request, _('Document version reverted successfully')) except Exception as exception: messages.error(request, _('Error reverting document version; %s') % exception) return HttpResponseRedirect(previous) return render_to_response('appearance/generic_confirm.html', { 'previous': previous, 'object': document_version.document, 'title': _('Revert to this version?'), 'message': _('All later version after this one will be deleted too.'), }, context_instance=RequestContext(request))
def get_document_image(request, document_id, size=setting_preview_size.value): document = get_object_or_404(Document.passthrough, pk=document_id) try: Permission.check_permissions(request.user, (permission_document_view,)) except PermissionDenied: AccessControlList.objects.check_access( permission_document_view, request.user, document ) page = int(request.GET.get('page', DEFAULT_PAGE_NUMBER)) zoom = int(request.GET.get('zoom', DEFAULT_ZOOM_LEVEL)) version = int(request.GET.get('version', document.latest_version.pk)) if zoom < setting_zoom_min_level.value: zoom = setting_zoom_min_level.value if zoom > setting_zoom_max_level.value: zoom = setting_zoom_max_level.value rotation = int(request.GET.get('rotation', DEFAULT_ROTATION)) % 360 document_page = document.pages.get(page_number=page) task = task_get_document_page_image.apply_async(kwargs=dict(document_page_id=document_page.pk, size=size, zoom=zoom, rotation=rotation, as_base64=True, version=version)) data = task.get(timeout=DOCUMENT_IMAGE_TASK_TIMEOUT) return HttpResponse(base64.b64decode(data[21:]), content_type='image')
def get_queryset(self): document_type = get_object_or_404(DocumentType, pk=self.kwargs["document_type_pk"]) try: Permission.check_permissions(self.request.user, (permission_document_type_view,)) except PermissionDenied: AccessControlList.objects.check_access(permission_document_type_view, self.request.user, document_type) return document_type.metadata.filter(required=self.required_metadata)
def dispatch(self, request, *args, **kwargs): if self.view_permission: Permission.check_permissions( requester=self.request.user, permissions=(self.view_permission,) ) return super( ViewPermissionCheckMixin, self ).dispatch(request, *args, **kwargs)
def document_verify(request, document_pk): document = get_object_or_404(Document, pk=document_pk) try: Permission.check_permissions( request.user, (permission_document_verify,) ) except PermissionDenied: AccessControlList.objects.check_access( permission_document_verify, request.user, document ) document.add_as_recent_document_for_user(request.user) try: signature = DocumentVersionSignature.objects.verify_signature( document.latest_version ) except AttributeError: signature_state = SIGNATURE_STATES.get(SIGNATURE_STATE_NONE) signature = None else: signature_state = SIGNATURE_STATES.get( getattr(signature, 'status', None) ) paragraphs = [_('Signature status: %s') % signature_state['text']] try: if DocumentVersionSignature.objects.has_embedded_signature(document.latest_version): signature_type = _('Embedded') else: signature_type = _('Detached') except ValueError: signature_type = _('None') if signature: paragraphs.extend( [ _('Signature ID: %s') % signature.signature_id, _('Signature type: %s') % signature_type, _('Key ID: %s') % signature.key_id, _('Timestamp: %s') % datetime.fromtimestamp( int(signature.sig_timestamp) ), _('Signee: %s') % force_escape(getattr(signature, 'username', '')), ] ) return render_to_response('appearance/generic_template.html', { 'document': document, 'object': document, 'paragraphs': paragraphs, 'title': _('Signature properties for document: %s') % document, }, context_instance=RequestContext(request))
def object_action(self, instance): try: Permission.check_permissions( self.request.user, (permission_document_trash,) ) except PermissionDenied: AccessControlList.objects.check_access( permission_document_trash, self.request.user, instance ) instance.delete()
def object_action(self, instance): try: Permission.check_permissions( self.request.user, (permission_ocr_document,) ) except PermissionDenied: AccessControlList.objects.check_access( permission_ocr_document, self.request.user, instance ) instance.submit_for_ocr()
def get_document_count(self, user): queryset = self.documents try: Permission.check_permissions(user, (permission_document_view,)) except PermissionDenied: queryset = AccessControlList.objects.filter_by_access( permission_document_view, user, queryset ) return queryset.count()
def get_queryset(self): tag = get_object_or_404(Tag, pk=self.kwargs['pk']) try: Permission.check_permissions( self.request.user, (permission_tag_view,) ) except PermissionDenied: AccessControlList.objects.check_access( permission_tag_view, self.request.user, tag ) return tag.documents.all()
def document_update_page_count(request, document_id=None, document_id_list=None): if document_id: documents = Document.objects.filter(pk=document_id) elif document_id_list: documents = Document.objects.filter(pk__in=document_id_list) if not documents: messages.error(request, _('At least one document must be selected.')) return HttpResponseRedirect(request.META.get('HTTP_REFERER', reverse(settings.LOGIN_REDIRECT_URL))) try: Permission.check_permissions( request.user, (permission_document_tools,) ) except PermissionDenied: documents = AccessControlList.objects.filter_by_access( permission_document_tools, request.user, documents ) previous = request.POST.get('previous', request.GET.get('previous', request.META.get('HTTP_REFERER', reverse(settings.LOGIN_REDIRECT_URL)))) if request.method == 'POST': for document in documents: task_update_page_count.apply_async( kwargs={'version_id': document.latest_version.pk} ) messages.success( request, ungettext( _('Document queued for page count recalculation.'), _('Documents queued for page count recalculation.'), documents.count() ) ) return HttpResponseRedirect(previous) context = { 'previous': previous, 'title': ungettext( 'Recalculate the page count of the selected document?', 'Recalculate the page count of the selected documents?', documents.count() ) } if documents.count() == 1: context['object'] = documents.first() return render_to_response( 'appearance/generic_confirm.html', context, context_instance=RequestContext(request) )
def document_page_navigation_last(request, document_page_id): document_page = get_object_or_404(DocumentPage, pk=document_page_id) document_page = get_object_or_404(document_page.siblings, page_number=document_page.siblings.count()) try: Permission.check_permissions(request.user, (permission_document_view,)) except PermissionDenied: AccessControlList.objects.check_access(permission_document_view, request.user, document_page.document) view = resolve(urlparse.urlparse(request.META.get('HTTP_REFERER', reverse(settings.LOGIN_REDIRECT_URL))).path).view_name return HttpResponseRedirect('{0}?{1}'.format(reverse(view, args=(document_page.pk,)), request.GET.urlencode()))
def get_queryset(self): document = self.get_document() try: Permission.check_permissions( self.request.user, (permission_document_view,) ) except PermissionDenied: AccessControlList.objects.check_access( permission_document_view, self.request.user, document ) return document.attached_tags().all()
def get_queryset(self): document = get_object_or_404(Document, pk=self.kwargs['pk']) try: Permission.check_permissions( self.request.user, (permission_document_view,) ) except PermissionDenied: AccessControlList.objects.check_access( permission_document_view, self.request.user, document ) return document.node_instances.all()
def get_queryset(self): try: Permission.check_permissions( self.request.user, (permission_comment_view,) ) except PermissionDenied: AccessControlList.objects.check_access( permission_comment_view, self.request.user, self.get_document() ) return self.get_document().comments.all()
def dispatch(self, request, *args, **kwargs): try: Permission.check_permissions( request.user, (permission_document_view,) ) except PermissionDenied: AccessControlList.objects.check_access( permission_document_view, request.user, self.get_document() ) return super( DocumentIndexNodeListView, self ).dispatch(request, *args, **kwargs)
def dispatch(self, request, *args, **kwargs): try: Permission.check_permissions( request.user, (permission_workflow_view,) ) except PermissionDenied: AccessControlList.objects.check_access( permission_workflow_view, request.user, self.get_workflow() ) return super( SetupWorkflowStateListView, self ).dispatch(request, *args, **kwargs)
def document_create_siblings(request, document_id): Permission.check_permissions(request.user, (permission_document_create,)) document = get_object_or_404(Document, pk=document_id) query_dict = {} for pk, metadata in enumerate(document.metadata.all()): query_dict['metadata%s_id' % pk] = metadata.metadata_type_id query_dict['metadata%s_value' % pk] = metadata.value query_dict['document_type_id'] = document.document_type_id url = reverse('sources:upload_interactive') return HttpResponseRedirect('%s?%s' % (url, urlencode(query_dict)))
def dispatch(self, request, *args, **kwargs): acl = get_object_or_404(AccessControlList, pk=self.kwargs['pk']) try: Permission.check_permissions( request.user, permissions=(permission_acl_edit,) ) except PermissionDenied: AccessControlList.objects.check_access( permission_acl_edit, request.user, acl.content_object ) return super(ACLDeleteView, self).dispatch(request, *args, **kwargs)
def dispatch(self, request, *args, **kwargs): self.index_instance_node = get_object_or_404(IndexInstanceNode, pk=self.kwargs['pk']) try: Permission.check_permissions(request.user, (permission_document_indexing_view, )) except PermissionDenied: AccessControlList.objects.check_access( permission_document_indexing_view, request.user, self.index_instance_node.index()) if self.index_instance_node: if self.index_instance_node.index_template_node.link_documents: return DocumentListView.dispatch(self, request, *args, **kwargs) return SingleObjectListView.dispatch(self, request, *args, **kwargs)
def __init__(self, *args, **kwargs): user = kwargs.pop('user', None) logger.debug('user: %s', user) super(TagMultipleSelectionForm, self).__init__(*args, **kwargs) queryset = Tag.objects.all() try: Permission.check_permissions(user, (permission_tag_view, )) except PermissionDenied: queryset = AccessControlList.objects.filter_by_access( permission_tag_view, user, queryset) self.fields['tags'] = forms.MultipleChoiceField( label=_('Tags'), choices=queryset.values_list('id', 'label'), help_text=_('Tags to attach to the document.'), required=False, widget=forms.CheckboxSelectMultiple)
def get_queryset(self): if self.request.method == 'GET': documents = DocumentCheckout.objects.checked_out_documents() try: Permission.check_permissions(self.request.user, (permission_document_view, )) except PermissionDenied: filtered_documents = AccessControlList.objects.filter_by_access( (permission_document_view, ), self.request.user, documents) else: filtered_documents = documents return DocumentCheckout.objects.filter( document__pk__in=filtered_documents.values_list('pk', flat=True)) elif self.request.method == 'DELETE': return DocumentCheckout.objects.all()
def dispatch(self, request, *args, **kwargs): self.transformation = get_object_or_404( Transformation, pk=self.kwargs['pk'] ) try: Permission.check_permissions( request.user, (permission_transformation_delete,) ) except PermissionDenied: AccessControlList.objects.check_access( permission_transformation_delete, request.user, self.transformation.content_object ) return super(TransformationDeleteView, self).dispatch( request, *args, **kwargs )
def get_document(self): if self.request.method == 'GET': permission_required = permission_workflow_view else: permission_required = permission_workflow_transition document = get_object_or_404(Document, pk=self.kwargs['pk']) try: Permission.check_permissions( self.request.user, (permission_required,) ) except PermissionDenied: AccessControlList.objects.check_access( permission_required, self.request.user, document ) return document
def get_workflow(self): if self.request.method == 'GET': permission_required = permission_workflow_view else: permission_required = permission_workflow_edit workflow = get_object_or_404(Workflow, pk=self.kwargs['pk']) try: Permission.check_permissions( self.request.user, (permission_required,) ) except PermissionDenied: AccessControlList.objects.check_access( permission_required, self.request.user, workflow ) return workflow
def __init__(self, *args, **kwargs): user = kwargs.pop('user', None) logger.debug('user: %s', user) super(DocumentTypeSelectForm, self).__init__(*args, **kwargs) queryset = DocumentType.objects.all() try: Permission.check_permissions(user, (permission_document_create, )) except PermissionDenied: queryset = AccessControlList.objects.filter_by_access( permission_document_create, user, queryset) self.fields['document_type'] = forms.ModelChoiceField( empty_label=None, label=_('Document type'), queryset=queryset, required=True, widget=forms.widgets.Select(attrs={'size': 10}))
def widget_document_tags(document, user): """ A tag widget that displays the tags for the given document """ tags_template = [] tags = document.attached_tags().all() try: Permission.check_permissions(user, (permission_tag_view, )) except PermissionDenied: tags = AccessControlList.objects.filter_by_access( permission_tag_view, user, tags) for tag in tags: tags_template.append(widget_single_tag(tag)) return mark_safe(''.join(tags_template))
def document_signature_delete(request, document_pk): document = get_object_or_404(Document, pk=document_pk) try: Permission.check_permissions( request.user, (permission_signature_delete,) ) except PermissionDenied: AccessControlList.objects.check_access( permission_signature_delete, request.user, document ) document.add_as_recent_document_for_user(request.user) post_action_redirect = None previous = request.POST.get('previous', request.GET.get('previous', request.META.get('HTTP_REFERER', reverse(settings.LOGIN_REDIRECT_URL)))) next = request.POST.get('next', request.GET.get('next', post_action_redirect if post_action_redirect else request.META.get('HTTP_REFERER', reverse(settings.LOGIN_REDIRECT_URL)))) if request.method == 'POST': try: DocumentVersionSignature.objects.clear_detached_signature( document.latest_version ) messages.success( request, _('Detached signature deleted successfully.') ) return HttpResponseRedirect(next) except Exception as exception: messages.error( request, _( 'Error while deleting the detached signature; %s' ) % exception ) return HttpResponseRedirect(previous) return render_to_response('appearance/generic_confirm.html', { 'delete_view': True, 'next': next, 'object': document, 'previous': previous, 'title': _( 'Delete the detached signature from document: %s?' ) % document, }, context_instance=RequestContext(request))
def delete(self, request, *args, **kwargs): """ Remove a metadata type from a document type. """ document_type = get_object_or_404(DocumentType, pk=self.kwargs['document_type_pk']) try: Permission.check_permissions(self.request.user, (permission_document_type_edit, )) except PermissionDenied: AccessControlList.objects.check_access( permission_document_type_edit, self.request.user, document_type) metadata_type = get_object_or_404(MetadataType, pk=self.kwargs['metadata_type_pk']) document_type.metadata_type.remove(metadata_type) return Response(status=status.HTTP_204_NO_CONTENT)
def get_transition_choices(self, _user=None): current_state = self.get_current_state() if current_state: queryset = current_state.origin_transitions.all() if _user: try: Permission.check_permissions( requester=_user, permissions=( permission_workflow_transition, ) ) except PermissionDenied: try: """ Check for ACL access to the workflow, if true, allow all transition options. """ AccessControlList.objects.check_access( permissions=permission_workflow_transition, user=_user, obj=self.workflow ) except PermissionDenied: """ If not ACL access to the workflow, filter transition options by each transition ACL access """ queryset = AccessControlList.objects.filter_by_access( permission=permission_workflow_transition, user=_user, queryset=queryset ) return queryset else: """ This happens when a workflow has no initial state and a document whose document type has this workflow is created. We return an empty transition queryset. """ return WorkflowTransition.objects.none()
def condition(context): AccessControlList = apps.get_model(app_label='acls', model_name='AccessControlList') Model = apps.get_model(app_label=app_label, model_name=model_name) if view_permission: try: Permission.check_permissions(requester=context.request.user, permissions=(view_permission, )) except PermissionDenied: pass else: return True queryset = AccessControlList.objects.filter_by_access( permission=object_permission, user=context.request.user, queryset=Model.objects.all()) return queryset.count() > 0
def transform_page(request, document_page_id, zoom_function=None, rotation_function=None): document_page = get_object_or_404(DocumentPage, pk=document_page_id) try: Permission.check_permissions(request.user, (permission_document_view, )) except PermissionDenied: AccessControlList.objects.check_access(permission_document_view, request.user, document_page.document) view = resolve( urlparse.urlparse( request.META.get('HTTP_REFERER', reverse( settings.LOGIN_REDIRECT_URL))).path).view_name # Get the query string from the referer url query = urlparse.urlparse( request.META.get('HTTP_REFERER', reverse(settings.LOGIN_REDIRECT_URL))).query # Parse the query string and get the zoom value # parse_qs return a dictionary whose values are lists zoom = int(urlparse.parse_qs(query).get('zoom', ['100'])[0]) rotation = int(urlparse.parse_qs(query).get('rotation', ['0'])[0]) if zoom_function: zoom = zoom_function(zoom) if rotation_function: rotation = rotation_function(rotation) return HttpResponseRedirect('?'.join([ reverse(view, args=(document_page.pk, )), urlencode({ 'zoom': zoom, 'rotation': rotation }) ]))
def document_signature_upload(request, document_pk): document = get_object_or_404(Document, pk=document_pk) try: Permission.check_permissions( request.user, (permission_signature_upload,) ) except PermissionDenied: AccessControlList.objects.check_access( permission_signature_upload, request.user, document ) document.add_as_recent_document_for_user(request.user) post_action_redirect = None previous = request.POST.get('previous', request.GET.get('previous', request.META.get('HTTP_REFERER', reverse(settings.LOGIN_REDIRECT_URL)))) next = request.POST.get('next', request.GET.get('next', post_action_redirect if post_action_redirect else request.META.get('HTTP_REFERER', reverse(settings.LOGIN_REDIRECT_URL)))) if request.method == 'POST': form = DetachedSignatureForm(request.POST, request.FILES) if form.is_valid(): try: DocumentVersionSignature.objects.add_detached_signature( document.latest_version, request.FILES['file'] ) messages.success( request, _('Detached signature uploaded successfully.') ) return HttpResponseRedirect(next) except Exception as exception: messages.error(request, exception) return HttpResponseRedirect(previous) else: form = DetachedSignatureForm() return render_to_response('appearance/generic_form.html', { 'form': form, 'next': next, 'object': document, 'previous': previous, 'title': _('Upload detached signature for document: %s') % document, }, context_instance=RequestContext(request))
def get_queryset(self): queryset = super(ObjectListPermissionFilterMixin, self).get_queryset() if self.object_permission: try: # Check to see if the user has the permissions globally Permission.check_permissions( self.request.user, (self.object_permission,) ) except PermissionDenied: # No global permission, filter ther queryset per object + # permission return AccessControlList.objects.filter_by_access( self.object_permission, self.request.user, queryset ) else: # Has the permission globally, return all results return queryset else: return queryset
def document_page_navigation_first(request, document_page_id): document_page = get_object_or_404(DocumentPage, pk=document_page_id) document_page = get_object_or_404(document_page.siblings, page_number=1) try: Permission.check_permissions(request.user, (permission_document_view, )) except PermissionDenied: AccessControlList.objects.check_access(permission_document_view, request.user, document_page.document) view = resolve( urlparse.urlparse( request.META.get('HTTP_REFERER', reverse( settings.LOGIN_REDIRECT_URL))).path).view_name return HttpResponseRedirect('{0}?{1}'.format( reverse(view, args=(document_page.pk, )), request.GET.urlencode()))
def user_add(request): Permission.check_permissions(request.user, (permission_user_create, )) if request.method == 'POST': form = UserForm(request.POST) if form.is_valid(): user = form.save(commit=False) user.set_unusable_password() user.save() messages.success(request, _('User "%s" created successfully.') % user) return HttpResponseRedirect( reverse('user_management:user_set_password', args=(user.pk, ))) else: form = UserForm() return render_to_response('appearance/generic_form.html', { 'title': _('Create new user'), 'form': form, }, context_instance=RequestContext(request))
def get_workflow(self): """ Retrieve the parent workflow of the workflow document type. Perform custom permission and access check. """ if self.request.method == 'GET': permission_required = permission_workflow_view else: permission_required = permission_workflow_edit workflow = get_object_or_404(Workflow, pk=self.kwargs['pk']) try: Permission.check_permissions(self.request.user, (permission_required, )) except PermissionDenied: AccessControlList.objects.check_access(permission_required, self.request.user, workflow) return workflow
def get_queryset(self, user): queryset = self.model.objects.all() for kwargs in self.filter_kwargs: queryset = queryset.filter(**kwargs) queryset = queryset.distinct() if self.object_permission: try: # Check to see if the user has the permissions globally Permission.check_permissions(user, (self.object_permission, )) except PermissionDenied: # No global permission, filter ther queryset per object + # permission return AccessControlList.objects.filter_by_access( self.object_permission, user, queryset) else: # Has the permission globally, return all results return queryset else: return queryset
def dispatch(self, request, *args, **kwargs): self.object_content_type = get_object_or_404( ContentType, app_label=self.kwargs['app_label'], model=self.kwargs['model']) try: self.content_object = self.object_content_type.get_object_for_this_type( pk=self.kwargs['object_id']) except self.object_content_type.model_class().DoesNotExist: raise Http404 try: Permission.check_permissions( request.user, permissions=(permission_events_view, )) except PermissionDenied: AccessControlList.objects.check_access(permission_events_view, request.user, self.content_object) return super(ObjectEventListView, self).dispatch(request, *args, **kwargs)
def document_clear_image_cache(request): Permission.check_permissions(request.user, (permission_document_tools, )) previous = request.POST.get( 'previous', request.GET.get( 'previous', request.META.get('HTTP_REFERER', reverse(settings.LOGIN_REDIRECT_URL)))) if request.method == 'POST': task_clear_image_cache.apply_async() messages.success(request, _('Document cache clearing queued successfully.')) return HttpResponseRedirect(previous) return render_to_response('appearance/generic_confirm.html', { 'previous': previous, 'title': _('Clear the document cache?'), }, context_instance=RequestContext(request))
def view_action(self): document = self.get_object() if document.checkout_info().user == self.request.user: try: Permission.check_permissions( self.request.user, (permission_document_checkin,) ) except PermissionDenied: AccessControlList.objects.check_access( permission_document_checkin, self.request.user, document ) else: try: Permission.check_permissions( self.request.user, (permission_document_checkin_override,) ) except PermissionDenied: AccessControlList.objects.check_access( permission_document_checkin_override, self.request.user, document ) try: document.check_in(user=self.request.user) except DocumentNotCheckedOut: messages.error( self.request, _('Document has not been checked out.') ) except Exception as exception: messages.error( self.request, _('Error trying to check in document; %s') % exception ) else: messages.success( self.request, _('Document "%s" checked in successfully.') % document )
def get_content_object(self): if self.request.method == 'GET': permission_required = permission_acl_view else: permission_required = permission_acl_edit content_type = get_object_or_404(ContentType, app_label=self.kwargs['app_label'], model=self.kwargs['model']) content_object = get_object_or_404(content_type.model_class(), pk=self.kwargs['object_pk']) try: Permission.check_permissions(self.request.user, permissions=(permission_required, )) except PermissionDenied: AccessControlList.objects.check_access(permission_required, self.request.user, content_object) return content_object
def get_document(self): document = get_object_or_404(Document, pk=self.kwargs['pk']) if self.request.method == 'GET': """ Only test for permission if reading. If writing, the permission will be checked in the serializer IMPROVEMENT: When writing, add check for permission or ACL for the workflow. Failing that, check for ACLs for any of the workflow's transitions. Failing that, then raise PermissionDenied """ try: Permission.check_permissions(self.request.user, (permission_workflow_view, )) except PermissionDenied: AccessControlList.objects.check_access( permission_workflow_view, self.request.user, document) return document
def document_type_filename_create(request, document_type_id): Permission.check_permissions(request.user, (permission_document_type_edit, )) document_type = get_object_or_404(DocumentType, pk=document_type_id) if request.method == 'POST': form = DocumentTypeFilenameForm_create(request.POST) if form.is_valid(): try: document_type_filename = DocumentTypeFilename( document_type=document_type, filename=form.cleaned_data['filename'], enabled=True) document_type_filename.save() messages.success( request, _('Document type quick label created successfully')) return HttpResponseRedirect( reverse('documents:document_type_filename_list', args=(document_type_id, ))) except Exception as exception: messages.error( request, _('Error creating document type quick label; %(error)s') % {'error': exception}) else: form = DocumentTypeFilenameForm_create() return render_to_response( 'appearance/generic_form.html', { 'document_type': document_type, 'form': form, 'navigation_object_list': ('document_type', ), 'title': _('Create quick label for document type: %s') % document_type, }, context_instance=RequestContext(request))