def pre_process(self, request, *args, **kwargs): """ Overloaded to load a report from a wetmill and season """ wetmill = Wetmill.objects.get(pk=kwargs['wetmill']) season = Season.objects.get(pk=kwargs['season']) if has_wetmill_permission(request.user, wetmill, "report_edit"): # get or create the report for this wetmill in this season report = Report.get_for_wetmill_season(wetmill, season, request.user) return HttpResponseRedirect( reverse('reports.report_read', args=[report.id])) elif has_wetmill_permission(request.user, wetmill, "report_view"): # Can view the existing reports which are finalized existing = Report.objects.filter(wetmill=wetmill, season=season, is_finalized=True) if existing: return HttpResponseRedirect( reverse('reports.report_read', args=[existing[0].id])) else: return HttpResponseRedirect(reverse('users.user_login')) else: return HttpResponseRedirect(reverse('users.user_login'))
def test_has_wetmill(self): # grant permissions to on the wetmill to the viewer user assign('wetmills.wetmill_wetmill_edit', self.viewer, self.nasho) self.assertTrue( has_wetmill_permission(self.viewer, self.nasho, 'wetmill_edit')) self.assertTrue( has_wetmill_permission(self.viewer, self.nasho, 'wetmill_edit', self.rwanda_2009)) # the admin has global access to this wetmill too self.assertTrue( has_wetmill_permission(self.admin, self.nasho, 'wetmill_edit', self.rwanda_2009))
def test_has_country(self): assign('locales.country_wetmill_edit', self.viewer, self.rwanda) self.assertTrue( has_wetmill_permission(self.viewer, self.nasho, 'wetmill_edit')) self.assertTrue( has_wetmill_permission(self.viewer, self.nasho, 'wetmill_edit', self.rwanda_2009)) self.assertFalse( has_wetmill_permission(self.viewer, self.kaguru, 'wetmill_edit')) # the admin user have global access thus he has permission to any wetmill self.assertTrue( has_wetmill_permission(self.admin, self.kaguru, 'wetmill_edit'))
def has_permission(self, request, *args, **kwargs): from perms.models import has_wetmill_permission self.request = request self.kwargs = kwargs has_perm = request.user.has_perm(self.permission) if not has_perm: has_perm = has_wetmill_permission(request.user, self.get_object(), 'wetmill_edit') return has_perm
def has_permission(self, request, *args, **kwargs): """ Overloaded to check the user's permission on wetmill level """ wetmill = Scorecard.objects.get(pk=kwargs['pk']).wetmill permissions = ["report_edit", "report_view"] has_perm = False for permission in permissions: has_perm = has_wetmill_permission(request.user, wetmill, permission) if has_perm: return has_perm return has_perm
def has_permission(self, request, *args, **kwargs): from perms.models import has_wetmill_permission if 'wetmill' in request.REQUEST: wetmill = Wetmill.objects.get(pk=int(request.REQUEST['wetmill'])) else: self.kwargs = kwargs wetmill = self.get_object().wetmill has_perm = request.user.has_perm(self.permission) if not has_perm: has_perm = has_wetmill_permission(request.user, wetmill, 'wetmill_edit') return has_perm
def render_to_response(self, context, **kwargs): from django.utils.translation import activate currency_code = self.request.REQUEST.get('currency', 'USD') currency = Currency.objects.get(currency_code=currency_code) weight_abbreviation = self.request.REQUEST.get('weight', 'Kg') weight = Weight.objects.get( abbreviation__iexact=weight_abbreviation) try: from cStringIO import StringIO except ImportError: # pragma: no cover from StringIO import StringIO response = HttpResponse(mimetype='application/pdf') response[ 'Content-Disposition'] = 'attachment; filename=%s_%s.pdf' % ( self.object.wetmill.name.lower(), currency.currency_code.lower()) show_buyers = has_wetmill_permission(self.request.user, self.object.wetmill, 'report_edit') # activate our local activate(self.request.REQUEST.get('lang', 'en_us')) output_buffer = StringIO() pdf_report = PDFReport(self.object, currency, weight, report_mode=self.request.REQUEST.get( 'report_mode', 'CR'), show_buyers=show_buyers) pdf_report.render(output_buffer) response.write(output_buffer.getvalue()) output_buffer.close() # back to english activate('en_us') return response
def test_has_csp(self): assign('csps.csp_wetmill_edit', self.viewer, self.rtc) # nasho isn't associated with any CSPs for any season, so no access self.assertFalse( has_wetmill_permission(self.viewer, self.nasho, 'wetmill_edit')) self.assertFalse( has_wetmill_permission(self.viewer, self.nasho, 'wetmill_edit', self.rwanda_2009)) # but as the admin has the full access to any csp there visit to nasho wont be a problem self.assertTrue( has_wetmill_permission(self.admin, self.nasho, 'wetmill_edit')) self.assertTrue( has_wetmill_permission(self.admin, self.nasho, 'wetmill_edit', self.rwanda_2009)) # let's add RTC as the CSP for rwanda for 2010 self.nasho.set_csp_for_season(self.rwanda_2010, self.rtc) # true, the most recent season of 2010 is implied self.assertTrue( has_wetmill_permission(self.viewer, self.nasho, 'wetmill_edit')) # false, RTC isn't the CSP for 2009 self.assertFalse( has_wetmill_permission(self.viewer, self.nasho, 'wetmill_edit', self.rwanda_2009)) # remove all seasons, try again Season.objects.all().delete() self.assertFalse( has_wetmill_permission(self.viewer, self.nasho, 'wetmill_edit')) self.assertFalse( has_wetmill_permission(self.viewer, self.nasho, 'wetmill_edit', self.rwanda_2009))
def has_permission(self, request, *args, **kwargs): from perms.models import has_wetmill_permission scorecard = self.get_object() return has_wetmill_permission(request.user, scorecard.wetmill, 'scorecard_edit', season=scorecard.season)
def test_not_logged_in(self): self.assertFalse( has_wetmill_permission(self.viewer, self.nasho, 'wetmill_edit')) self.assertFalse( has_wetmill_permission(self.viewer, self.nasho, 'wetmill_edit', self.rwanda_2009))
def has_permission(self, request, *args, **kwargs): """ Overloaded to check the user's permission on wetmill level """ wetmill = Sale.objects.get(pk=kwargs['pk']).report.wetmill return has_wetmill_permission(request.user, wetmill, 'report_edit')