def has_perm(self, user_obj, perm, obj=None):
if not user_obj.is_active:
return False
if user_obj.is_superuser:
return True
app_label, perm_name = perm.split('.', 1)
extensions = fetch_aristotle_settings().get('CONTENT_EXTENSIONS', [])
if app_label == "aristotle_mdr" and hasattr(perms, perm_name):
return getattr(perms, perm_name)(user_obj, obj)
from django.apps import apps
from aristotle_mdr.models import _concept
perm_parts = perm_name.split("_")
if len(perm_parts) == 2:
model = apps.get_model(app_label, perm_parts[1])
elif obj is not None:
model = type(obj)
else:
model = int
if app_label in extensions + ["aristotle_mdr"] and issubclass(model, _concept):
# This is required so that a user can correctly delete the 'concept' parent class in the admin site.
# This is a rough catch all, and is designed to indicate a user could
# delete an item type, but not a specific item.
if (
perm_name.startswith('delete_') or
perm_name.startswith('create_') or
perm_name.startswith('add_')
):
if obj is None:
return perms.user_is_editor(user_obj)
else:
return perms.user_can_edit(user_obj, obj)
if app_label in extensions + ["aristotle_mdr"]:
if perm_name == "delete_concept_from_admin":
return obj is None or perms.user_can_edit(user_obj, obj)
if perm == "aristotle_mdr.can_create_metadata":
return perms.user_is_editor(user_obj)
if perm == "aristotle_mdr.view_workgroup":
return perms.user_in_workgroup(user_obj, obj)
if perm == "aristotle_mdr.can_leave_workgroup":
return perms.user_in_workgroup(user_obj, obj)
if perm == "aristotle_mdr.change_workgroup_memberships":
return perms.user_is_workgroup_manager(user_obj, obj)
if perm == "aristotle_mdr.change_workgroup":
return perms.user_is_workgroup_manager(user_obj, obj)
if perm == "aristotle_mdr.can_archive_workgroup":
return perms.user_is_workgroup_manager(user_obj, obj)
if perm == "aristotle_mdr.can_view_discussions_in_workgroup":
return perms.user_in_workgroup(user_obj, obj)
if perm == "aristotle_mdr.can_post_discussion_in_workgroup":
return perms.user_in_workgroup(user_obj, obj)
if perm == "aristotle_mdr.can_view_discussion_post":
return perms.user_in_workgroup(user_obj, obj.workgroup)
if perm == "aristotle_mdr.view_registrationauthority_details":
return (
perms.user_is_registation_authority_manager(user_obj, obj) or
perms.user_is_registrar(user_obj, obj)
)
if perm == "aristotle_mdr.change_registrationauthority":
return perms.user_is_registation_authority_manager(user_obj, obj)
if perm == "aristotle_mdr.change_registrationauthority_memberships":
return perms.user_is_registation_authority_manager(user_obj, obj)
from aristotle_mdr.contrib.links import perms as link_perms
if perm == "aristotle_mdr_links.add_link":
return link_perms.user_can_make_link(user_obj)
return super().has_perm(user_obj, perm, obj)
def test_who_can_make_links(self):
# Anyone who has an active account is an editor, so everyone can make links
self.assertTrue(perms.user_can_make_link(self.registrar))
self.assertTrue(perms.user_can_make_link(self.viewer))
self.assertTrue(perms.user_can_make_link(self.editor))
self.assertTrue(perms.user_can_make_link(self.su))
def test_who_can_make_links(self):
# Anyone who has an active account is an editor, so everyone can make links
self.assertTrue(perms.user_can_make_link(self.registrar))
self.assertTrue(perms.user_can_make_link(self.viewer))
self.assertTrue(perms.user_can_make_link(self.editor))
self.assertTrue(perms.user_can_make_link(self.su))
def has_perm(self, user_obj, perm, obj=None):
if not user_obj.is_active:
return False
if user_obj.is_superuser:
return True
app_label, perm_name = perm.split('.', 1)
extensions = fetch_aristotle_settings().get('CONTENT_EXTENSIONS', [])
if app_label == "aristotle_mdr" and hasattr(perms, perm_name):
return getattr(perms, perm_name)(user_obj, obj)
from django.apps import apps
from aristotle_mdr.models import _concept
perm_parts = perm_name.split("_")
if len(perm_parts) == 2:
model = apps.get_model(app_label, perm_parts[1])
else:
model = int
if app_label in extensions + ["aristotle_mdr"] and issubclass(
model, _concept):
# This is required so that a user can correctly delete the 'concept' parent class in the admin site.
# This is a rough catch all, and is designed to indicate a user could
# delete an item type, but not a specific item.
if (perm_name.startswith('delete_')
or perm_name.startswith('create_')
or perm_name.startswith('add_')):
if obj is None:
return perms.user_is_editor(user_obj)
else:
return perms.user_can_edit(user_obj, obj)
if app_label in extensions + ["aristotle_mdr"]:
if perm_name == "delete_concept_from_admin":
return obj is None or perms.user_can_edit(user_obj, obj)
if perm == "aristotle_mdr.can_create_metadata":
return perms.user_is_editor(user_obj)
if perm == "aristotle_mdr.view_workgroup":
return perms.user_in_workgroup(user_obj, obj)
if perm == "aristotle_mdr.can_leave_workgroup":
return perms.user_in_workgroup(user_obj, obj)
if perm == "aristotle_mdr.change_workgroup_memberships":
return perms.user_is_workgroup_manager(user_obj, obj)
if perm == "aristotle_mdr.change_workgroup":
return perms.user_is_workgroup_manager(user_obj, obj)
if perm == "aristotle_mdr.can_archive_workgroup":
return perms.user_is_workgroup_manager(user_obj, obj)
if perm == "aristotle_mdr.can_view_discussions_in_workgroup":
return perms.user_in_workgroup(user_obj, obj)
if perm == "aristotle_mdr.can_post_discussion_in_workgroup":
return perms.user_in_workgroup(user_obj, obj)
if perm == "aristotle_mdr.can_view_discussion_post":
return perms.user_in_workgroup(user_obj, obj.workgroup)
if perm == "aristotle_mdr.view_registrationauthority_details":
return (perms.user_is_registation_authority_manager(user_obj, obj)
or perms.user_is_registrar(user_obj, obj))
if perm == "aristotle_mdr.change_registrationauthority":
return perms.user_is_registation_authority_manager(user_obj, obj)
if perm == "aristotle_mdr.change_registrationauthority_memberships":
return perms.user_is_registation_authority_manager(user_obj, obj)
from aristotle_mdr.contrib.links import perms as link_perms
if perm == "aristotle_mdr_links.add_link":
return link_perms.user_can_make_link(user_obj)
return super(AristotleBackend, self).has_perm(user_obj, perm, obj)