def assign_perm(self, perm, user_or_group, obj):
"""
Assigns permission with given ``perm`` for an instance ``obj`` and
``user``.
"""
if getattr(obj, 'pk', None) is None:
raise ObjectNotPersisted("Object %s needs to be persisted first" %
obj)
ctype = get_content_type(obj)
if not isinstance(perm, Permission):
permission = Permission.objects.get(content_type=ctype,
codename=perm)
else:
permission = perm
kwargs = {
'permission': permission,
self.user_or_group_field: user_or_group
}
if self.is_generic():
kwargs['content_type'] = ctype
kwargs['object_pk'] = obj.pk
else:
kwargs['content_object'] = obj
obj_perm, _ = self.get_or_create(**kwargs)
return obj_perm
def remove_perm(self, perm, user_or_group, obj):
"""
Removes permission ``perm`` for an instance ``obj`` and given ``user_or_group``.
Please note that we do NOT fetch object permission from database - we
use ``Queryset.delete`` method for removing it. Main implication of this
is that ``post_delete`` signals would NOT be fired.
"""
if getattr(obj, 'pk', None) is None:
raise ObjectNotPersisted("Object %s needs to be persisted first"
% obj)
filters = Q(**{self.user_or_group_field: user_or_group})
if isinstance(perm, Permission):
filters &= Q(permission=perm)
else:
filters &= Q(permission__codename=perm,
permission__content_type=get_content_type(obj))
if self.is_generic():
filters &= Q(object_pk=obj.pk)
else:
filters &= Q(content_object__pk=obj.pk)
return self.filter(filters).delete()
def get_for_object(self, user, obj):
if getattr(obj, 'pk', None) is None:
raise ObjectNotPersisted("Object %s needs to be persisted first" %
obj)
ctype = ContentType.objects.get_for_model(obj)
perms = self.filter(
content_type=ctype,
user=user,
)
return perms
def remove_perm(self, perm, group, obj):
"""
Removes permission ``perm`` for an instance ``obj`` and given ``group``.
"""
if getattr(obj, 'pk', None) is None:
raise ObjectNotPersisted("Object %s needs to be persisted first" %
obj)
self.filter(
permission__codename=perm,
group=group,
object_pk=obj.pk,
content_type=ContentType.objects.get_for_model(obj))\
.delete()
def remove_perm(self, perm, user, obj, ctype=None):
"""
Removes permission ``perm`` for an instance ``obj`` and given ``user``.
"""
if getattr(obj, 'pk', None) is None:
raise ObjectNotPersisted("Object %s needs to be persisted first" %
obj)
if not ctype:
ctype = ContentType.objects.get_for_model(obj)
(self.filter(permission__codename=perm,
user=user,
object_pk=obj.pk,
content_type=ctype).delete())
def assign(self, perm, user, obj):
"""
Assigns permission with given ``perm`` for an instance ``obj`` and
``user``.
"""
if getattr(obj, 'pk', None) is None:
raise ObjectNotPersisted("Object %s needs to be persisted first" %
obj)
ctype = ContentType.objects.get_for_model(obj)
permission = Permission.objects.get(content_type=ctype, codename=perm)
obj_perm, created = self.get_or_create(content_type=ctype,
permission=permission,
object_pk=obj.pk,
user=user)
return obj_perm
def remove_perm(self, perm, user, obj):
"""
Removes permission ``perm`` for an instance ``obj`` and given ``user``.
"""
if getattr(obj, 'pk', None) is None:
raise ObjectNotPersisted("Object %s needs to be persisted first" %
obj)
filters = {
'permission__codename': perm,
'permission__content_type': ContentType.objects.get_for_model(obj),
'user': user,
}
if self.is_generic():
filters['object_pk'] = obj.pk
else:
filters['content_object__pk'] = obj.pk
self.filter(**filters).delete()
def assign_perm(self, perm, group, obj):
"""
Assigns permission with given ``perm`` for an instance ``obj`` and
``group``.
"""
if getattr(obj, 'pk', None) is None:
raise ObjectNotPersisted("Object %s needs to be persisted first" %
obj)
ctype = ContentType.objects.get_for_model(obj)
permission = Permission.objects.get(content_type=ctype, codename=perm)
kwargs = {'permission': permission, 'group': group}
if self.is_generic():
kwargs['content_type'] = ctype
kwargs['object_pk'] = obj.pk
else:
kwargs['content_object'] = obj
obj_perm, created = self.get_or_create(**kwargs)
return obj_perm
def assign_perm(self,
perm,
user_or_group,
obj,
renewal_period=None,
subscribe_to_emails=True):
"""
Assigns permission with given ``perm`` for an instance ``obj`` and
``user``.
"""
if getattr(obj, 'pk', None) is None:
raise ObjectNotPersisted("Object %s needs to be persisted first" %
obj)
ctype = get_content_type(obj)
if not isinstance(perm, Permission):
permission = Permission.objects.get(content_type=ctype,
codename=perm)
else:
permission = perm
kwargs = {
'permission': permission,
self.user_or_group_field: user_or_group
}
if self.is_generic():
kwargs['content_type'] = ctype
kwargs['object_pk'] = obj.pk
else:
kwargs['content_object'] = obj
obj_perm, _ = self.get_or_create(**kwargs)
obj_perm.permission_expiry = calculate_permission_expiry(
obj_perm, renewal_period)
if subscribe_to_emails:
obj_perm.permission_expiry_0day_email_sent = False
obj_perm.permission_expiry_30day_email_sent = False
else:
obj_perm.permission_expiry_0day_email_sent = True
obj_perm.permission_expiry_30day_email_sent = True
obj_perm.save()
return obj_perm
def remove_perm(self, perm, user, obj):
"""
Removes permission ``perm`` for an instance ``obj`` and given ``user``.
Please note that we do NOT fetch object permission from database - we
use ``Queryset.delete`` method for removing it. Main implication of this
is that ``post_delete`` signals would NOT be fired.
"""
if getattr(obj, 'pk', None) is None:
raise ObjectNotPersisted("Object %s needs to be persisted first" %
obj)
filters = {
'permission__codename': perm,
'permission__content_type': ContentType.objects.get_for_model(obj),
'user': user,
}
if self.is_generic():
filters['object_pk'] = obj.pk
else:
filters['content_object__pk'] = obj.pk
self.filter(**filters).delete()