Example #1
0
        def wrapped_view_func(request, *args, **kwargs):

            # Ensure that the user is authenticated
            if not request.user.is_authenticated():
                raise PermissionDenied

            # Get the required role and the user's role
            required_role = Role.get_role(role)
            user_role = Role.get_role(request.user.role)

            if not user_role.supersedes(required_role):
                raise PermissionDenied

            return view_func(request, *args, **kwargs)
Example #2
0
class AccountUpdateForm(forms.ModelForm):
    role = forms.ChoiceField(choices=Role.get_roles())

    class Meta:
        model = Account
        fields = ('email', 'first_name', 'last_name', 'role')

    def __init__(self, *args, **kwargs):
        self.account = kwargs.pop('account', None)
        super(AccountUpdateForm, self).__init__(*args, **kwargs)

        if self.account and hasattr(self.account, 'role'):
            # If you are not an admin you can't see roles
            if self.account.role < Account.ADMINISTRATOR:
                del self.fields['role']

            else:
                # If you are an administrator or up you can change roles for
                # appropriate level
                self.fields['role'].choices = [
                    choice for choice in self.fields['role'].choices
                    if choice[0] <= self.account.role
                ]
        else:
            raise Exception('You must provide an account to this form.')
Example #3
0
 def test_list_roles(self):
     roles = Role.list_roles()
     self.assertEquals(len(roles), 4)
     self.assertTrue(self.role_1.slug in roles)
     self.assertTrue(self.role_2.slug in roles)
     self.assertTrue(self.role_3.slug in roles)
     self.assertTrue(self.role_4.slug in roles)
Example #4
0
 def test_get_roles(self):
     roles = Role.get_roles()
     self.assertEquals(len(roles), 4)
     self.assertTrue((self.role_1.slug, self.role_1) in roles)
     self.assertTrue((self.role_2.slug, self.role_2) in roles)
     self.assertTrue((self.role_3.slug, self.role_3) in roles)
     self.assertTrue((self.role_4.slug, self.role_4) in roles)
Example #5
0
 def get_required_role(self):
     if self.role:
         return Role.get_role(self.role)
     else:
         raise ImproperlyConfigured(
             "Views which inherit from MinimumRoleRequiredMixin must have a \"role\" member."
         )
    def process_request(self, request):
        if not request.user.is_authenticated():
            return

        user_role = Role.get_role(request.user.role)
        admin_role = Role.get_role(MELLOW_ADMIN_ROLE)
        if user_role.supersedes(admin_role):
            if '__impersonate' in request.GET:
                request.session['impersonate_id'] = int(
                    request.GET['__impersonate'])
            elif '__unimpersonate' in request.GET:
                if 'impersonate_id' in request.session:
                    del request.session['impersonate_id']

            if 'impersonate_id' in request.session:
                request.impersonator = request.user
                request.user = Account.objects.get(
                    pk=request.session['impersonate_id'])
Example #7
0
    def test_set_roles(self):
        mellow_roles = [
            ('superadmin', 'Super Administrator'),
            ('admin', 'Administrator', 'superadmin'),
            ('user', 'User', 'admin'),
            ('client', 'Client', 'admin'),
        ]
        Role.set_roles(mellow_roles)
        roles = Role.list_roles()

        # Test role name list
        self.assertEquals(len(roles), 4)
        self.assertTrue('superadmin' in roles)
        self.assertTrue('admin' in roles)
        self.assertTrue('user' in roles)
        self.assertTrue('client' in roles)

        # Test role relationships
        self.assertEquals(Role.get_role(slug='superadmin').parent, None)
        self.assertEquals(Role.get_role(slug='admin').parent.slug, 'superadmin')
        self.assertEquals(Role.get_role(slug='user').parent.slug, 'admin')
        self.assertEquals(Role.get_role(slug='client').parent.slug, 'admin')
 def test_default_settings(self):
     roles = Role.list_roles()
     self.assertEquals(len(roles), 3)
     self.assertTrue('superadmin' in roles)
     self.assertTrue('admin' in roles)
     self.assertTrue('user' in roles)
Example #9
0
 def __init__(self, *args, **kwargs):
     super(CreateUnactivatedAccountForm, self).__init__(*args, **kwargs)
     self.fields['role'] = forms.ChoiceField(choices=Role.get_roles())
Example #10
0
from django.conf import settings
from mellow.roles import Role

# Role tree
DEFAULT_MELLOW_ROLES = [
    (
        'superadmin',
        'Super Administrator',
    ),
    ('admin', 'Administrator', 'superadmin'),
    ('user', 'User', 'admin'),
]
MELLOW_ROLES = getattr(settings, 'MELLOW_ROLES', DEFAULT_MELLOW_ROLES)
Role.set_roles(MELLOW_ROLES)

# Account creation role permission
MELLOW_ADMIN_ROLE = getattr(settings, 'MELLOW_MINIMUM_ACCOUNT_CREATE_ROLE',
                            'admin')
Example #11
0
 def setUp(self):
     Role.clear_roles()
     self.role_1 = RoleFactory.create()
     self.role_2 = RoleFactory.create(parent=self.role_1)
     self.role_3 = RoleFactory.create(parent=self.role_1)
     self.role_4 = RoleFactory.create(parent=self.role_3)
Example #12
0
 def test_get_required_role(self):
     view = MinimumRoleRequiredView()
     self.assertTrue(view.get_required_role(), Role.get_role(slug='admin'))
Example #13
0
 def get_user_role(self, request):
     return Role.get_role(request.user.role)
Example #14
0
 def get_role(self):
     return Role.get_role(self.role)
Example #15
0
class Account(AbstractBaseUser):
    role = models.CharField(max_length=255, choices=Role.get_roles())
    email = models.EmailField(max_length=255, unique=True)
    first_name = models.CharField(max_length=255)
    last_name = models.CharField(max_length=255)

    objects = AccountManager()

    USERNAME_FIELD = 'email'
    REQUIRED_FIELDS = ['first_name', 'last_name']

    is_superuser = models.BooleanField(
        'superuser status',
        default=False,
        help_text='Designates that this user has all permissions without '
        'explicitly assigning them.')

    is_staff = models.BooleanField(
        default=False,
        help_text='Designates whether the user can log into this admin site.')

    is_active = models.BooleanField(
        default=True,
        help_text='Designates whether this user should be treated as active. '
        'Unselect this instead of deleting accounts.')

    groups = models.ManyToManyField(
        Group,
        verbose_name='groups',
        blank=True,
        help_text='The groups this user belongs to. A user will '
        'get all permissions granted to each of '
        'their groups.',
        related_name="user_set",
        related_query_name="user")

    date_joined = models.DateTimeField(default=timezone.now)

    activation_key = models.CharField(max_length=40,
                                      default=make_activation_key)

    objects = AccountManager()

    def __str__(self):
        return self.get_full_name()

    def get_role(self):
        return Role.get_role(self.role)

    def get_username(self):
        return self.email

    def get_short_name(self):
        return self.first_name

    def get_full_name(self):
        return '%s %s' % (self.first_name, self.last_name)

    def send_activation_email(self, domain, applications, total_documents):
        #if self.role == Account.CLIENT:
        #    applications = LoanApplication.objects.filter(client=self.client, status=LoanApplication.PENDING)
        #    total_documents = ApplicationDocument.objects.filter(application__client=self.client).count()

        send_templated_mail(template_name='new_client_password_link',
                            from_email=ADMIN_EMAIL_SENDER,
                            recipient_list=[self.email],
                            context={
                                'domain': domain,
                                'account': self,
                                'applications': applications,
                                'total_documents': total_documents,
                            })

    """