def has_module_perms(self, user_obj, app_label):
"""
Returns True if the requested app is an aristotle extension.
Actual permissions to edit/change content are covered in aristotle_mdr.admin
Otherwise, it returns as per Django permissions
"""
extensions = fetch_aristotle_settings().get('CONTENT_EXTENSIONS', [])
if app_label in extensions + ["aristotle_mdr"]:
return perms.user_is_authenticated_and_active(user_obj)
return super().has_module_perms(user_obj, app_label)
def has_perm(self, user_obj, perm, obj=None):
if not user_obj.is_active:
return False
if user_obj.is_superuser:
return True
app_label, perm_name = perm.split('.', 1)
extensions = fetch_aristotle_settings().get('CONTENT_EXTENSIONS', [])
if app_label == "aristotle_mdr" and hasattr(perms, perm_name):
if obj:
return getattr(perms, perm_name)(user_obj, obj)
else:
return getattr(perms, perm_name)(user_obj)
from django.apps import apps
from aristotle_mdr.models import _concept
perm_parts = perm_name.split("_")
if len(perm_parts) == 2:
model = apps.get_model(app_label, perm_parts[1])
elif obj is not None:
model = type(obj)
else:
model = int
if app_label in extensions + ["aristotle_mdr"] and issubclass(
model, _concept):
# This is required so that a user can correctly delete the 'concept' parent class in the admin site.
# This is a rough catch all, and is designed to indicate a user could
# delete an item type, but not a specific item.
if (perm_name.startswith('delete_')
or perm_name.startswith('create_')
or perm_name.startswith('add_')):
if obj is None:
return perms.user_is_authenticated_and_active(user_obj)
else:
return perms.user_can_edit(user_obj, obj)
if app_label in extensions + ["aristotle_mdr"]:
if perm_name == "delete_concept_from_admin":
return obj is None or perms.user_can_edit(user_obj, obj)
if perm == "aristotle_mdr.can_create_metadata":
return perms.user_is_authenticated_and_active(user_obj)
if perm == "aristotle_mdr.can_view_workgroup":
return perms.user_can_view_workgroup(user_obj, obj)
if perm == "aristotle_mdr.can_leave_workgroup":
return perms.user_in_workgroup(user_obj, obj)
if perm == "aristotle_mdr.change_workgroup_memberships":
return perms.user_is_workgroup_manager(user_obj, obj)
if perm == "aristotle_mdr.change_workgroup":
return perms.user_is_workgroup_manager(user_obj, obj)
if perm == "aristotle_mdr.can_archive_workgroup":
return perms.user_is_workgroup_manager(user_obj, obj)
if perm == "aristotle_mdr.can_view_discussions_in_workgroup":
return perms.user_in_workgroup(user_obj, obj)
if perm == "aristotle_mdr.can_post_discussion_in_workgroup":
return perms.user_in_workgroup(user_obj, obj)
if perm == "aristotle_mdr.can_view_discussion_post":
return perms.user_in_workgroup(user_obj, obj.workgroup)
if perm == "aristotle_mdr.view_registrationauthority_details":
return (perms.user_is_registation_authority_manager(user_obj, obj)
or perms.user_is_registrar(user_obj, obj))
if perm == "aristotle_mdr.change_registrationauthority":
return perms.user_is_registation_authority_manager(user_obj, obj)
if perm == "aristotle_mdr.change_registrationauthority_memberships":
return perms.user_is_registation_authority_manager(user_obj, obj)
if perm == "user_can_create_workgroup":
return perms.user_can_create_workgroup(user_obj)
from aristotle_mdr.contrib.links import perms as link_perms
if perm == "aristotle_mdr_links.add_link":
return link_perms.user_can_make_link(user_obj)
return super().has_perm(user_obj, perm, obj)
def has_delete_permission(self, request, obj=None):
if obj is None:
return perms.user_is_authenticated_and_active(request.user)
else:
return request.user.has_perm("aristotle_mdr.delete_concept_from_admin", obj)
def has_add_permission(self, request):
return perms.user_is_authenticated_and_active(request.user)
def test_is_editor(self):
self.assertTrue(perms.user_is_authenticated_and_active(self.su))
def user_can_make_link(user):
"""
If a user can create metadata, they can make links
"""
return perms.user_is_authenticated_and_active(user)
