def detail(request, slug, template_name="studygroups/detail.html"): study_group = get_object_or_404(StudyGroup, slug=slug) if has_perm(request.user, 'studygroup.view_studygroup', study_group): EventLog.objects.log(instance=study_group) officers = study_group.officers() #has_group_view_permission is True if there is at least one #group where the user is a member that has a view_studygroup permission. has_group_view_permission = False #Check user for group view permissions if request.user.is_authenticated(): groups = request.user.group_set.all() perms = has_groups_perms(study_group).filter(group__in=groups) for perm in perms: #Check if permission has view studygroup permission has_group_view_permission |= perm.codename == 'view_studygroup' if has_group_view_permission: break filters = get_query_filters(request.user, 'files.view_file') files = File.objects.filter(filters).filter(group=study_group.group).distinct() return render_to_response(template_name, { 'study_group': study_group, 'officers': officers, 'files': files, 'has_group_view_permission': has_group_view_permission, }, context_instance=RequestContext(request)) else: raise Http403
def detail(request, slug, template_name="committees/detail.html"): committee = get_object_or_404(Committee, slug=slug) if has_perm(request.user, "committee.view_committee", committee): EventLog.objects.log(instance=committee) officers = committee.officers() # has_group_view_permission is True if there is at least one # group where the user is a member that has a view_committee permission. has_group_view_permission = False # Check user for group view permissions if request.user.is_authenticated(): groups = request.user.group_set.all() perms = has_groups_perms(committee).filter(group__in=groups) for perm in perms: # Check if permission has view committee permission has_group_view_permission |= perm.codename == "view_committee" if has_group_view_permission: break filters = get_query_filters(request.user, "files.view_file") files = File.objects.filter(filters).filter(group=committee.group).distinct() return render_to_response( template_name, { "committee": committee, "officers": officers, "files": files, "has_group_view_permission": has_group_view_permission, }, context_instance=RequestContext(request), ) else: raise Http403
def obj_perms(self): from tendenci.core.perms.fields import has_groups_perms t = '<span class="perm-%s">%s</span>' if self.allow_anonymous_view: value = t % ('public','Public') elif self.allow_user_view: value = t % ('users','Users') elif self.allow_member_view: value = t % ('members','Members') elif has_groups_perms(self): value = t % ('groups','Groups') else: value = t % ('private','Private') return mark_safe(value)