def has_perm(self, user_obj, perm, obj=None):
        if not user_obj.is_active:
            return False
        if user_obj.is_superuser:
            return True

        app_label,perm_name = perm.split('.',1)
        extensions = getattr(settings, 'ARISTOTLE_SETTINGS', {}).get('CONTENT_EXTENSIONS',[])

        if app_label in extensions + ["aristotle_mdr"]:
            # This is required so that a user can correctly delete the 'concept' parent class in the admin site.
            if perm_name == "delete_concept_from_admin":
                return obj is None or perms.user_can_edit(user_obj,obj)

            # This is a rough catch all, and is designed to indicate a user could
            # delete an item type, but not a specific item.
            elif perm_name.startswith('delete_') \
              or perm_name.startswith('create_') \
              or perm_name.startswith('add_')  :
                if obj is None:
                    return perms.user_is_editor(user_obj)
                else:
                    return perms.user_can_edit(user_obj,obj)

        if perm.startswith("aristotle_mdr.delete_"):
            if obj is None and perm is not "aristotle_mdr.delete_concept_from_admin":
                # This is a rough catch all, and will fail for extension items.
                return perms.user_is_editor(user_obj)
            if perm == "aristotle_mdr.delete_concept_from_admin":
                return obj is None or perms.user_can_edit(user_obj,obj)
        return super(AristotleBackend, self).has_perm(user_obj, perm, obj)
def create_list(request):
    if request.user.is_anonymous():
        return redirect(reverse('friendly_login') + '?next=%s' % request.path)
    if not perms.user_is_editor(request.user):
        raise PermissionDenied

    aristotle_apps = getattr(settings, 'ARISTOTLE_SETTINGS',
                             {}).get('CONTENT_EXTENSIONS', [])
    aristotle_apps += ["aristotle_mdr"]
    out = {}

    for m in get_concepts_for_apps(aristotle_apps):
        # Only output subclasses of 11179 concept
        app_models = out.get(m.app_label, {'app': None, 'models': []})
        if app_models['app'] is None:
            try:
                app_models['app'] = getattr(apps.get_app_config(m.app_label),
                                            'verbose_name')
            except:
                app_models[
                    'app'] = "No name"  # Where no name is configured in the app_config, set a dummy so we don't keep trying
        app_models['models'].append((m, m.model_class()))
        out[m.app_label] = app_models

    return render(request, "aristotle_mdr/create/create_list.html",
                  {'models': out})
Example #3
0
    def has_perm(self, user_obj, perm, obj=None):

        if not user_obj.is_active:
            return False
        if user_obj.is_superuser:
            return True

        app_label, perm_name = perm.split('.', 1)
        extensions = getattr(settings, 'ARISTOTLE_SETTINGS',
                             {}).get('CONTENT_EXTENSIONS', [])

        if app_label == "aristotle_mdr" and hasattr(perms, perm_name):
            return getattr(perms, perm_name)(user_obj, obj)

        if app_label in extensions + ["aristotle_mdr"]:
            # This is required so that a user can correctly delete the 'concept' parent class in the admin site.
            if perm_name == "delete_concept_from_admin":
                return obj is None or perms.user_can_edit(user_obj, obj)

            # This is a rough catch all, and is designed to indicate a user could
            # delete an item type, but not a specific item.
            elif (perm_name.startswith('delete_')
                  or perm_name.startswith('create_')
                  or perm_name.startswith('add_')):
                if obj is None:
                    return perms.user_is_editor(user_obj)
                else:
                    return perms.user_can_edit(user_obj, obj)

        return super(AristotleBackend, self).has_perm(user_obj, perm, obj)
Example #4
0
def create_list(request):
    if request.user.is_anonymous():
        return redirect(reverse('friendly_login') + '?next=%s' % request.path)
    if not perms.user_is_editor(request.user):
        raise PermissionDenied

    aristotle_apps = getattr(settings, 'ARISTOTLE_SETTINGS', {}).get('CONTENT_EXTENSIONS', [])
    aristotle_apps += ["aristotle_mdr"]

    from django.contrib.contenttypes.models import ContentType
    models = ContentType.objects.filter(app_label__in=aristotle_apps).all()
    out = {}

    for m in models:
        if issubclass(m.model_class(), MDR._concept) and not m.model.startswith("_"):
            # Only output subclasses of 11179 concept
            app_models = out.get(m.app_label, {'app': None, 'models': []})
            if app_models['app'] is None:
                try:
                    app_models['app'] = getattr(apps.get_app_config(m.app_label), 'verbose_name')
                except:
                    app_models['app'] = "No name"  # Where no name is configured in the app_config, set a dummy so we don't keep trying
            app_models['models'].append((m, m.model_class()))
            out[m.app_label] = app_models

    return render(request, "aristotle_mdr/create/create_list.html", {'models': out})
def create_list(request):
    if request.user.is_anonymous():
        return redirect(reverse('django.contrib.auth.views.login')+'?next=%s' % request.path)
    if not perms.user_is_editor(request.user):
        raise PermissionDenied

    aristotle_apps = getattr(settings, 'ARISTOTLE_SETTINGS', {}).get('CONTENT_EXTENSIONS',[])
    aristotle_apps += ["aristotle_mdr"]

    from django.contrib.contenttypes.models import ContentType
    models = ContentType.objects.filter(app_label__in=aristotle_apps).all()
    out = {}

    for m in models:
        if issubclass(m.model_class(),MDR._concept) and not m.model.startswith("_"):
            # Only output subclasses of 11179 concept
            app_models = out.get(m.app_label,{'app':None,'models':[]})
            if app_models['app'] is None:
                try:
                    app_models['app'] = getattr(apps.get_app_config(m.app_label),'verbose_name')
                except:
                    app_models['app'] = "No name" # Where no name is configured in the app_config, set a dummy so we don't keep trying
            app_models['models'].append((m,m.model_class()))
            out[m.app_label] = app_models

    return render(request,"aristotle_mdr/create/create_list.html",
        {'models':out,}
        )
 def has_module_perms(self, user_obj, app_label):
     """
     Returns True if the requested app is an aristotle extension.
     Actual permissions to edit/change content are covered in aristotle_mdr.admin
     Otherwise, it returns as per Django permissions
     """
     if not user_obj.is_active:
         return False
     extensions = fetch_aristotle_settings().get('CONTENT_EXTENSIONS', [])
     if app_label in extensions + ["aristotle_mdr"]:
         return perms.user_is_editor(user_obj)
     return super().has_module_perms(user_obj, app_label)
 def has_module_perms(self, user_obj, app_label):
     """
     Returns True if the requested app is an aristotle extension.
     Actual permissions to edit/change content are covered in aristotle_mdr.admin
     Otherwise, it returns as per Django permissions
     """
     if not user_obj.is_active:
         return False
     extensions = fetch_aristotle_settings().get('CONTENT_EXTENSIONS', [])
     if app_label in extensions + ["aristotle_mdr"]:
         return perms.user_is_editor(user_obj)
     return super().has_module_perms(user_obj, app_label)
Example #8
0
def create_list(request):
    if request.user.is_anonymous():
        return redirect(reverse('friendly_login') + '?next=%s' % request.path)
    if not perms.user_is_editor(request.user):
        raise PermissionDenied

    aristotle_apps = fetch_aristotle_settings().get('CONTENT_EXTENSIONS', [])
    aristotle_apps += ["aristotle_mdr"]
    out = {}

    wizards = []
    for wiz in getattr(settings, 'ARISTOTLE_SETTINGS',
                       {}).get('METADATA_CREATION_WIZARDS', []):
        w = wiz.copy()
        _w = {
            'model':
            apps.get_app_config(wiz['app_label']).get_model(wiz['model']),
            'class': import_string(wiz['class']),
        }
        w.update(_w)
        wizards.append(w)

    for m in get_concepts_for_apps(aristotle_apps):
        # Only output subclasses of 11179 concept
        app_models = out.get(m.app_label, {'app': None, 'models': []})
        if app_models['app'] is None:
            try:
                app_models['app'] = getattr(apps.get_app_config(m.app_label),
                                            'verbose_name')
            except:
                app_models[
                    'app'] = "No name"  # Where no name is configured in the app_config, set a dummy so we don't keep trying
        app_models['models'].append((m, m.model_class()))
        out[m.app_label] = app_models

    return render(request, "aristotle_mdr/create/create_list.html", {
        'models': sorted(out.values(), key=lambda x: x['app']),
        'wizards': wizards
    })
def create_list(request):
    if request.user.is_anonymous():
        return redirect(reverse('friendly_login') + '?next=%s' % request.path)
    if not perms.user_is_editor(request.user):
        raise PermissionDenied

    aristotle_apps = getattr(settings, 'ARISTOTLE_SETTINGS', {}).get('CONTENT_EXTENSIONS', [])
    aristotle_apps += ["aristotle_mdr"]
    out = {}

    for m in get_concepts_for_apps(aristotle_apps):
        # Only output subclasses of 11179 concept
        app_models = out.get(m.app_label, {'app': None, 'models': []})
        if app_models['app'] is None:
            try:
                app_models['app'] = getattr(apps.get_app_config(m.app_label), 'verbose_name')
            except:
                app_models['app'] = "No name"  # Where no name is configured in the app_config, set a dummy so we don't keep trying
        app_models['models'].append((m, m.model_class()))
        out[m.app_label] = app_models

    return render(request, "aristotle_mdr/create/create_list.html", {'models': out})
def create_list(request):
    if request.user.is_anonymous():
        return redirect(reverse('friendly_login') + '?next=%s' % request.path)
    if not perms.user_is_editor(request.user):
        raise PermissionDenied

    aristotle_apps = fetch_aristotle_settings().get('CONTENT_EXTENSIONS', [])
    aristotle_apps += ["aristotle_mdr"]
    out = {}

    wizards = []
    for wiz in getattr(settings, 'ARISTOTLE_SETTINGS', {}).get('METADATA_CREATION_WIZARDS', []):
        w = wiz.copy()
        _w = {
            'model': apps.get_app_config(wiz['app_label']).get_model(wiz['model']),
            'class': import_string(wiz['class']),
        }
        w.update(_w)
        wizards.append(w)

    for m in get_concepts_for_apps(aristotle_apps):
        # Only output subclasses of 11179 concept
        app_models = out.get(m.app_label, {'app': None, 'models': []})
        if app_models['app'] is None:
            try:
                app_models['app'] = getattr(apps.get_app_config(m.app_label), 'verbose_name')
            except:
                app_models['app'] = "No name"  # Where no name is configured in the app_config, set a dummy so we don't keep trying
        app_models['models'].append((m, m.model_class()))
        out[m.app_label] = app_models

    return render(
        request, "aristotle_mdr/create/create_list.html",
        {
            'models': sorted(out.values(), key=lambda x: x['app']),
            'wizards': wizards
        }
    )
Example #11
0
 def has_delete_permission(self, request, obj=None):
     if obj is None:
         return perms.user_is_editor(request.user)
     else:
         return request.user.has_perm("aristotle_mdr.delete_concept_from_admin", obj)
Example #12
0
 def has_add_permission(self, request):
     return perms.user_is_editor(request.user)
 def has_delete_permission(self, request, obj=None):
     if obj is None:
         return perms.user_is_editor(request.user)
     else:
         return request.user.has_perm("aristotle_mdr.delete_concept_from_admin", obj)
 def has_add_permission(self, request):
     return perms.user_is_editor(request.user)
    def has_perm(self, user_obj, perm, obj=None):

        if not user_obj.is_active:
            return False
        if user_obj.is_superuser:
            return True

        app_label, perm_name = perm.split('.', 1)
        extensions = fetch_aristotle_settings().get('CONTENT_EXTENSIONS', [])

        if app_label == "aristotle_mdr" and hasattr(perms, perm_name):
            return getattr(perms, perm_name)(user_obj, obj)

        from django.apps import apps
        from aristotle_mdr.models import _concept

        perm_parts = perm_name.split("_")
        if len(perm_parts) == 2:
            model = apps.get_model(app_label, perm_parts[1])
        else:
            model = int

        if app_label in extensions + ["aristotle_mdr"] and issubclass(
                model, _concept):
            # This is required so that a user can correctly delete the 'concept' parent class in the admin site.

            # This is a rough catch all, and is designed to indicate a user could
            # delete an item type, but not a specific item.
            if (perm_name.startswith('delete_')
                    or perm_name.startswith('create_')
                    or perm_name.startswith('add_')):
                if obj is None:
                    return perms.user_is_editor(user_obj)
                else:
                    return perms.user_can_edit(user_obj, obj)

        if app_label in extensions + ["aristotle_mdr"]:
            if perm_name == "delete_concept_from_admin":
                return obj is None or perms.user_can_edit(user_obj, obj)

        if perm == "aristotle_mdr.can_create_metadata":
            return perms.user_is_editor(user_obj)

        if perm == "aristotle_mdr.view_workgroup":
            return perms.user_in_workgroup(user_obj, obj)
        if perm == "aristotle_mdr.can_leave_workgroup":
            return perms.user_in_workgroup(user_obj, obj)
        if perm == "aristotle_mdr.change_workgroup_memberships":
            return perms.user_is_workgroup_manager(user_obj, obj)
        if perm == "aristotle_mdr.change_workgroup":
            return perms.user_is_workgroup_manager(user_obj, obj)
        if perm == "aristotle_mdr.can_archive_workgroup":
            return perms.user_is_workgroup_manager(user_obj, obj)

        if perm == "aristotle_mdr.can_view_discussions_in_workgroup":
            return perms.user_in_workgroup(user_obj, obj)
        if perm == "aristotle_mdr.can_post_discussion_in_workgroup":
            return perms.user_in_workgroup(user_obj, obj)
        if perm == "aristotle_mdr.can_view_discussion_post":
            return perms.user_in_workgroup(user_obj, obj.workgroup)

        if perm == "aristotle_mdr.view_registrationauthority_details":
            return (perms.user_is_registation_authority_manager(user_obj, obj)
                    or perms.user_is_registrar(user_obj, obj))
        if perm == "aristotle_mdr.change_registrationauthority":
            return perms.user_is_registation_authority_manager(user_obj, obj)
        if perm == "aristotle_mdr.change_registrationauthority_memberships":
            return perms.user_is_registation_authority_manager(user_obj, obj)

        from aristotle_mdr.contrib.links import perms as link_perms
        if perm == "aristotle_mdr_links.add_link":
            return link_perms.user_can_make_link(user_obj)

        return super(AristotleBackend, self).has_perm(user_obj, perm, obj)
Example #16
0
def user_can_make_link(user):
    """
    If a user can create metadata, they can make links
    """
    return perms.user_is_editor(user)
    def has_perm(self, user_obj, perm, obj=None):

        if not user_obj.is_active:
            return False
        if user_obj.is_superuser:
            return True

        app_label, perm_name = perm.split('.', 1)
        extensions = fetch_aristotle_settings().get('CONTENT_EXTENSIONS', [])

        if app_label == "aristotle_mdr" and hasattr(perms, perm_name):
            return getattr(perms, perm_name)(user_obj, obj)

        from django.apps import apps
        from aristotle_mdr.models import _concept

        perm_parts = perm_name.split("_")
        if len(perm_parts) == 2:
            model = apps.get_model(app_label, perm_parts[1])
        elif obj is not None:
            model = type(obj)
        else:
            model = int

        if app_label in extensions + ["aristotle_mdr"] and issubclass(model, _concept):
            # This is required so that a user can correctly delete the 'concept' parent class in the admin site.

            # This is a rough catch all, and is designed to indicate a user could
            # delete an item type, but not a specific item.
            if (
                perm_name.startswith('delete_') or
                perm_name.startswith('create_') or
                perm_name.startswith('add_')
            ):
                if obj is None:
                    return perms.user_is_editor(user_obj)
                else:
                    return perms.user_can_edit(user_obj, obj)

        if app_label in extensions + ["aristotle_mdr"]:
            if perm_name == "delete_concept_from_admin":
                return obj is None or perms.user_can_edit(user_obj, obj)

        if perm == "aristotle_mdr.can_create_metadata":
            return perms.user_is_editor(user_obj)

        if perm == "aristotle_mdr.view_workgroup":
            return perms.user_in_workgroup(user_obj, obj)
        if perm == "aristotle_mdr.can_leave_workgroup":
            return perms.user_in_workgroup(user_obj, obj)
        if perm == "aristotle_mdr.change_workgroup_memberships":
            return perms.user_is_workgroup_manager(user_obj, obj)
        if perm == "aristotle_mdr.change_workgroup":
            return perms.user_is_workgroup_manager(user_obj, obj)
        if perm == "aristotle_mdr.can_archive_workgroup":
            return perms.user_is_workgroup_manager(user_obj, obj)

        if perm == "aristotle_mdr.can_view_discussions_in_workgroup":
            return perms.user_in_workgroup(user_obj, obj)
        if perm == "aristotle_mdr.can_post_discussion_in_workgroup":
            return perms.user_in_workgroup(user_obj, obj)
        if perm == "aristotle_mdr.can_view_discussion_post":
            return perms.user_in_workgroup(user_obj, obj.workgroup)

        if perm == "aristotle_mdr.view_registrationauthority_details":
            return (
                perms.user_is_registation_authority_manager(user_obj, obj) or
                perms.user_is_registrar(user_obj, obj)
            )
        if perm == "aristotle_mdr.change_registrationauthority":
            return perms.user_is_registation_authority_manager(user_obj, obj)
        if perm == "aristotle_mdr.change_registrationauthority_memberships":
            return perms.user_is_registation_authority_manager(user_obj, obj)

        from aristotle_mdr.contrib.links import perms as link_perms
        if perm == "aristotle_mdr_links.add_link":
            return link_perms.user_can_make_link(user_obj)

        return super().has_perm(user_obj, perm, obj)
Example #18
0
    def dispatch(self, request, *args, **kwargs):
        if not user_is_editor(request.user):
            raise PermissionDenied

        return super(PermissionWizard, self).dispatch(request, *args, **kwargs)
 def test_is_editor(self):
     self.assertTrue(perms.user_is_editor(self.su))
    def dispatch(self, request, *args, **kwargs):
        if not user_is_editor(request.user):
            raise PermissionDenied

        return super(PermissionWizard, self).dispatch(request, *args, **kwargs)