def has_perm(self, user_obj, perm, obj=None):
if not user_obj.is_active:
return False
if user_obj.is_superuser:
return True
app_label,perm_name = perm.split('.',1)
extensions = getattr(settings, 'ARISTOTLE_SETTINGS', {}).get('CONTENT_EXTENSIONS',[])
if app_label in extensions + ["aristotle_mdr"]:
# This is required so that a user can correctly delete the 'concept' parent class in the admin site.
if perm_name == "delete_concept_from_admin":
return obj is None or perms.user_can_edit(user_obj,obj)
# This is a rough catch all, and is designed to indicate a user could
# delete an item type, but not a specific item.
elif perm_name.startswith('delete_') \
or perm_name.startswith('create_') \
or perm_name.startswith('add_') :
if obj is None:
return perms.user_is_editor(user_obj)
else:
return perms.user_can_edit(user_obj,obj)
if perm.startswith("aristotle_mdr.delete_"):
if obj is None and perm is not "aristotle_mdr.delete_concept_from_admin":
# This is a rough catch all, and will fail for extension items.
return perms.user_is_editor(user_obj)
if perm == "aristotle_mdr.delete_concept_from_admin":
return obj is None or perms.user_can_edit(user_obj,obj)
return super(AristotleBackend, self).has_perm(user_obj, perm, obj)
def create_list(request):
if request.user.is_anonymous():
return redirect(reverse('friendly_login') + '?next=%s' % request.path)
if not perms.user_is_editor(request.user):
raise PermissionDenied
aristotle_apps = getattr(settings, 'ARISTOTLE_SETTINGS',
{}).get('CONTENT_EXTENSIONS', [])
aristotle_apps += ["aristotle_mdr"]
out = {}
for m in get_concepts_for_apps(aristotle_apps):
# Only output subclasses of 11179 concept
app_models = out.get(m.app_label, {'app': None, 'models': []})
if app_models['app'] is None:
try:
app_models['app'] = getattr(apps.get_app_config(m.app_label),
'verbose_name')
except:
app_models[
'app'] = "No name" # Where no name is configured in the app_config, set a dummy so we don't keep trying
app_models['models'].append((m, m.model_class()))
out[m.app_label] = app_models
return render(request, "aristotle_mdr/create/create_list.html",
{'models': out})
def has_perm(self, user_obj, perm, obj=None):
if not user_obj.is_active:
return False
if user_obj.is_superuser:
return True
app_label, perm_name = perm.split('.', 1)
extensions = getattr(settings, 'ARISTOTLE_SETTINGS',
{}).get('CONTENT_EXTENSIONS', [])
if app_label == "aristotle_mdr" and hasattr(perms, perm_name):
return getattr(perms, perm_name)(user_obj, obj)
if app_label in extensions + ["aristotle_mdr"]:
# This is required so that a user can correctly delete the 'concept' parent class in the admin site.
if perm_name == "delete_concept_from_admin":
return obj is None or perms.user_can_edit(user_obj, obj)
# This is a rough catch all, and is designed to indicate a user could
# delete an item type, but not a specific item.
elif (perm_name.startswith('delete_')
or perm_name.startswith('create_')
or perm_name.startswith('add_')):
if obj is None:
return perms.user_is_editor(user_obj)
else:
return perms.user_can_edit(user_obj, obj)
return super(AristotleBackend, self).has_perm(user_obj, perm, obj)
def create_list(request):
if request.user.is_anonymous():
return redirect(reverse('friendly_login') + '?next=%s' % request.path)
if not perms.user_is_editor(request.user):
raise PermissionDenied
aristotle_apps = getattr(settings, 'ARISTOTLE_SETTINGS', {}).get('CONTENT_EXTENSIONS', [])
aristotle_apps += ["aristotle_mdr"]
from django.contrib.contenttypes.models import ContentType
models = ContentType.objects.filter(app_label__in=aristotle_apps).all()
out = {}
for m in models:
if issubclass(m.model_class(), MDR._concept) and not m.model.startswith("_"):
# Only output subclasses of 11179 concept
app_models = out.get(m.app_label, {'app': None, 'models': []})
if app_models['app'] is None:
try:
app_models['app'] = getattr(apps.get_app_config(m.app_label), 'verbose_name')
except:
app_models['app'] = "No name" # Where no name is configured in the app_config, set a dummy so we don't keep trying
app_models['models'].append((m, m.model_class()))
out[m.app_label] = app_models
return render(request, "aristotle_mdr/create/create_list.html", {'models': out})
def create_list(request):
if request.user.is_anonymous():
return redirect(reverse('django.contrib.auth.views.login')+'?next=%s' % request.path)
if not perms.user_is_editor(request.user):
raise PermissionDenied
aristotle_apps = getattr(settings, 'ARISTOTLE_SETTINGS', {}).get('CONTENT_EXTENSIONS',[])
aristotle_apps += ["aristotle_mdr"]
from django.contrib.contenttypes.models import ContentType
models = ContentType.objects.filter(app_label__in=aristotle_apps).all()
out = {}
for m in models:
if issubclass(m.model_class(),MDR._concept) and not m.model.startswith("_"):
# Only output subclasses of 11179 concept
app_models = out.get(m.app_label,{'app':None,'models':[]})
if app_models['app'] is None:
try:
app_models['app'] = getattr(apps.get_app_config(m.app_label),'verbose_name')
except:
app_models['app'] = "No name" # Where no name is configured in the app_config, set a dummy so we don't keep trying
app_models['models'].append((m,m.model_class()))
out[m.app_label] = app_models
return render(request,"aristotle_mdr/create/create_list.html",
{'models':out,}
)
def has_module_perms(self, user_obj, app_label):
"""
Returns True if the requested app is an aristotle extension.
Actual permissions to edit/change content are covered in aristotle_mdr.admin
Otherwise, it returns as per Django permissions
"""
if not user_obj.is_active:
return False
extensions = fetch_aristotle_settings().get('CONTENT_EXTENSIONS', [])
if app_label in extensions + ["aristotle_mdr"]:
return perms.user_is_editor(user_obj)
return super().has_module_perms(user_obj, app_label)
def has_module_perms(self, user_obj, app_label):
"""
Returns True if the requested app is an aristotle extension.
Actual permissions to edit/change content are covered in aristotle_mdr.admin
Otherwise, it returns as per Django permissions
"""
if not user_obj.is_active:
return False
extensions = fetch_aristotle_settings().get('CONTENT_EXTENSIONS', [])
if app_label in extensions + ["aristotle_mdr"]:
return perms.user_is_editor(user_obj)
return super().has_module_perms(user_obj, app_label)
def create_list(request):
if request.user.is_anonymous():
return redirect(reverse('friendly_login') + '?next=%s' % request.path)
if not perms.user_is_editor(request.user):
raise PermissionDenied
aristotle_apps = fetch_aristotle_settings().get('CONTENT_EXTENSIONS', [])
aristotle_apps += ["aristotle_mdr"]
out = {}
wizards = []
for wiz in getattr(settings, 'ARISTOTLE_SETTINGS',
{}).get('METADATA_CREATION_WIZARDS', []):
w = wiz.copy()
_w = {
'model':
apps.get_app_config(wiz['app_label']).get_model(wiz['model']),
'class': import_string(wiz['class']),
}
w.update(_w)
wizards.append(w)
for m in get_concepts_for_apps(aristotle_apps):
# Only output subclasses of 11179 concept
app_models = out.get(m.app_label, {'app': None, 'models': []})
if app_models['app'] is None:
try:
app_models['app'] = getattr(apps.get_app_config(m.app_label),
'verbose_name')
except:
app_models[
'app'] = "No name" # Where no name is configured in the app_config, set a dummy so we don't keep trying
app_models['models'].append((m, m.model_class()))
out[m.app_label] = app_models
return render(request, "aristotle_mdr/create/create_list.html", {
'models': sorted(out.values(), key=lambda x: x['app']),
'wizards': wizards
})
def create_list(request):
if request.user.is_anonymous():
return redirect(reverse('friendly_login') + '?next=%s' % request.path)
if not perms.user_is_editor(request.user):
raise PermissionDenied
aristotle_apps = getattr(settings, 'ARISTOTLE_SETTINGS', {}).get('CONTENT_EXTENSIONS', [])
aristotle_apps += ["aristotle_mdr"]
out = {}
for m in get_concepts_for_apps(aristotle_apps):
# Only output subclasses of 11179 concept
app_models = out.get(m.app_label, {'app': None, 'models': []})
if app_models['app'] is None:
try:
app_models['app'] = getattr(apps.get_app_config(m.app_label), 'verbose_name')
except:
app_models['app'] = "No name" # Where no name is configured in the app_config, set a dummy so we don't keep trying
app_models['models'].append((m, m.model_class()))
out[m.app_label] = app_models
return render(request, "aristotle_mdr/create/create_list.html", {'models': out})
def create_list(request):
if request.user.is_anonymous():
return redirect(reverse('friendly_login') + '?next=%s' % request.path)
if not perms.user_is_editor(request.user):
raise PermissionDenied
aristotle_apps = fetch_aristotle_settings().get('CONTENT_EXTENSIONS', [])
aristotle_apps += ["aristotle_mdr"]
out = {}
wizards = []
for wiz in getattr(settings, 'ARISTOTLE_SETTINGS', {}).get('METADATA_CREATION_WIZARDS', []):
w = wiz.copy()
_w = {
'model': apps.get_app_config(wiz['app_label']).get_model(wiz['model']),
'class': import_string(wiz['class']),
}
w.update(_w)
wizards.append(w)
for m in get_concepts_for_apps(aristotle_apps):
# Only output subclasses of 11179 concept
app_models = out.get(m.app_label, {'app': None, 'models': []})
if app_models['app'] is None:
try:
app_models['app'] = getattr(apps.get_app_config(m.app_label), 'verbose_name')
except:
app_models['app'] = "No name" # Where no name is configured in the app_config, set a dummy so we don't keep trying
app_models['models'].append((m, m.model_class()))
out[m.app_label] = app_models
return render(
request, "aristotle_mdr/create/create_list.html",
{
'models': sorted(out.values(), key=lambda x: x['app']),
'wizards': wizards
}
)
def has_delete_permission(self, request, obj=None):
if obj is None:
return perms.user_is_editor(request.user)
else:
return request.user.has_perm("aristotle_mdr.delete_concept_from_admin", obj)
def has_add_permission(self, request):
return perms.user_is_editor(request.user)
def has_delete_permission(self, request, obj=None):
if obj is None:
return perms.user_is_editor(request.user)
else:
return request.user.has_perm("aristotle_mdr.delete_concept_from_admin", obj)
def has_add_permission(self, request):
return perms.user_is_editor(request.user)
def has_perm(self, user_obj, perm, obj=None):
if not user_obj.is_active:
return False
if user_obj.is_superuser:
return True
app_label, perm_name = perm.split('.', 1)
extensions = fetch_aristotle_settings().get('CONTENT_EXTENSIONS', [])
if app_label == "aristotle_mdr" and hasattr(perms, perm_name):
return getattr(perms, perm_name)(user_obj, obj)
from django.apps import apps
from aristotle_mdr.models import _concept
perm_parts = perm_name.split("_")
if len(perm_parts) == 2:
model = apps.get_model(app_label, perm_parts[1])
else:
model = int
if app_label in extensions + ["aristotle_mdr"] and issubclass(
model, _concept):
# This is required so that a user can correctly delete the 'concept' parent class in the admin site.
# This is a rough catch all, and is designed to indicate a user could
# delete an item type, but not a specific item.
if (perm_name.startswith('delete_')
or perm_name.startswith('create_')
or perm_name.startswith('add_')):
if obj is None:
return perms.user_is_editor(user_obj)
else:
return perms.user_can_edit(user_obj, obj)
if app_label in extensions + ["aristotle_mdr"]:
if perm_name == "delete_concept_from_admin":
return obj is None or perms.user_can_edit(user_obj, obj)
if perm == "aristotle_mdr.can_create_metadata":
return perms.user_is_editor(user_obj)
if perm == "aristotle_mdr.view_workgroup":
return perms.user_in_workgroup(user_obj, obj)
if perm == "aristotle_mdr.can_leave_workgroup":
return perms.user_in_workgroup(user_obj, obj)
if perm == "aristotle_mdr.change_workgroup_memberships":
return perms.user_is_workgroup_manager(user_obj, obj)
if perm == "aristotle_mdr.change_workgroup":
return perms.user_is_workgroup_manager(user_obj, obj)
if perm == "aristotle_mdr.can_archive_workgroup":
return perms.user_is_workgroup_manager(user_obj, obj)
if perm == "aristotle_mdr.can_view_discussions_in_workgroup":
return perms.user_in_workgroup(user_obj, obj)
if perm == "aristotle_mdr.can_post_discussion_in_workgroup":
return perms.user_in_workgroup(user_obj, obj)
if perm == "aristotle_mdr.can_view_discussion_post":
return perms.user_in_workgroup(user_obj, obj.workgroup)
if perm == "aristotle_mdr.view_registrationauthority_details":
return (perms.user_is_registation_authority_manager(user_obj, obj)
or perms.user_is_registrar(user_obj, obj))
if perm == "aristotle_mdr.change_registrationauthority":
return perms.user_is_registation_authority_manager(user_obj, obj)
if perm == "aristotle_mdr.change_registrationauthority_memberships":
return perms.user_is_registation_authority_manager(user_obj, obj)
from aristotle_mdr.contrib.links import perms as link_perms
if perm == "aristotle_mdr_links.add_link":
return link_perms.user_can_make_link(user_obj)
return super(AristotleBackend, self).has_perm(user_obj, perm, obj)
def user_can_make_link(user):
"""
If a user can create metadata, they can make links
"""
return perms.user_is_editor(user)
def has_perm(self, user_obj, perm, obj=None):
if not user_obj.is_active:
return False
if user_obj.is_superuser:
return True
app_label, perm_name = perm.split('.', 1)
extensions = fetch_aristotle_settings().get('CONTENT_EXTENSIONS', [])
if app_label == "aristotle_mdr" and hasattr(perms, perm_name):
return getattr(perms, perm_name)(user_obj, obj)
from django.apps import apps
from aristotle_mdr.models import _concept
perm_parts = perm_name.split("_")
if len(perm_parts) == 2:
model = apps.get_model(app_label, perm_parts[1])
elif obj is not None:
model = type(obj)
else:
model = int
if app_label in extensions + ["aristotle_mdr"] and issubclass(model, _concept):
# This is required so that a user can correctly delete the 'concept' parent class in the admin site.
# This is a rough catch all, and is designed to indicate a user could
# delete an item type, but not a specific item.
if (
perm_name.startswith('delete_') or
perm_name.startswith('create_') or
perm_name.startswith('add_')
):
if obj is None:
return perms.user_is_editor(user_obj)
else:
return perms.user_can_edit(user_obj, obj)
if app_label in extensions + ["aristotle_mdr"]:
if perm_name == "delete_concept_from_admin":
return obj is None or perms.user_can_edit(user_obj, obj)
if perm == "aristotle_mdr.can_create_metadata":
return perms.user_is_editor(user_obj)
if perm == "aristotle_mdr.view_workgroup":
return perms.user_in_workgroup(user_obj, obj)
if perm == "aristotle_mdr.can_leave_workgroup":
return perms.user_in_workgroup(user_obj, obj)
if perm == "aristotle_mdr.change_workgroup_memberships":
return perms.user_is_workgroup_manager(user_obj, obj)
if perm == "aristotle_mdr.change_workgroup":
return perms.user_is_workgroup_manager(user_obj, obj)
if perm == "aristotle_mdr.can_archive_workgroup":
return perms.user_is_workgroup_manager(user_obj, obj)
if perm == "aristotle_mdr.can_view_discussions_in_workgroup":
return perms.user_in_workgroup(user_obj, obj)
if perm == "aristotle_mdr.can_post_discussion_in_workgroup":
return perms.user_in_workgroup(user_obj, obj)
if perm == "aristotle_mdr.can_view_discussion_post":
return perms.user_in_workgroup(user_obj, obj.workgroup)
if perm == "aristotle_mdr.view_registrationauthority_details":
return (
perms.user_is_registation_authority_manager(user_obj, obj) or
perms.user_is_registrar(user_obj, obj)
)
if perm == "aristotle_mdr.change_registrationauthority":
return perms.user_is_registation_authority_manager(user_obj, obj)
if perm == "aristotle_mdr.change_registrationauthority_memberships":
return perms.user_is_registation_authority_manager(user_obj, obj)
from aristotle_mdr.contrib.links import perms as link_perms
if perm == "aristotle_mdr_links.add_link":
return link_perms.user_can_make_link(user_obj)
return super().has_perm(user_obj, perm, obj)
def dispatch(self, request, *args, **kwargs):
if not user_is_editor(request.user):
raise PermissionDenied
return super(PermissionWizard, self).dispatch(request, *args, **kwargs)
def test_is_editor(self):
self.assertTrue(perms.user_is_editor(self.su))
def dispatch(self, request, *args, **kwargs):
if not user_is_editor(request.user):
raise PermissionDenied
return super(PermissionWizard, self).dispatch(request, *args, **kwargs)