def __init__(self, *args, **kwargs):
super(UserForm, self).__init__(*args, **kwargs)
# If there's an existing user, set the initial state of the user rights.
if self.instance and self.instance.id:
user_rights = UserRights.get(self.instance)
self.initial.update({
'is_admin': user_rights.is_admin,
})
def __init__(self, *args, **kwargs):
super(UserForm, self).__init__(*args, **kwargs)
# If there's an existing user, set the initial state of the user rights.
if self.instance and self.instance.id:
user_rights = UserRights.get(self.instance)
self.initial.update({
'is_admin': user_rights.is_admin,
})
def get_queryset(self):
user = self.request.user
# If the user is an admin, they get to see all projects.
if UserRights.get(user).is_admin:
return Project.objects.all()
# Everyone else sees project they own or that their team(s) can access.
else:
project_teams = ProjectTeam.objects.filter(team__users__exact=user)
return Project.objects.filter(Q(teams__in=project_teams) | Q(owner=user)).distinct()
def get_queryset(self):
user = self.request.user
# If the user is an admin, they get to see all projects.
if UserRights.get(user).is_admin:
return Project.objects.all()
# Everyone else sees project they own or that their team(s) can access.
else:
project_teams = ProjectTeam.objects.filter(team__users__exact=user)
return Project.objects.filter(
Q(teams__in=project_teams) | Q(owner=user)).distinct()
def check_user(request):
# Check if the user has been authenticated.
if not request.user.is_authenticated():
return False
# Check if the user is an administrator.
if UserRights.get(request.user).is_admin:
return True
# Check if an exception should be raised.
if raise_exception:
raise PermissionDenied
# User doesn't have the correct rights.
return False
def check_user(request):
# Check if the user has been authenticated.
if not request.user.is_authenticated():
return False
# Check if the user is an administrator.
if UserRights.get(request.user).is_admin:
return True
# Check if an exception should be raised.
if raise_exception:
raise PermissionDenied
# User doesn't have the correct rights.
return False
def user_has_access(self, user, access_level):
# If the user is the project owner, they automatically get access.
if user == self.owner:
return True
# If the user is a system admin, they automatically get access.
if UserRights.get(user).is_admin:
return True
# Otherwise, check the teams to see if the user is in a team that's
# been given access.
for team in self.teams.all():
if team.has_access(access_level) and team.contains_user(user):
return True
# Fail to no access.
return False
def user_has_access(self, user, access_level):
# If the user is the project owner, they automatically get access.
if user == self.owner:
return True
# If the user is a system admin, they automatically get access.
if UserRights.get(user).is_admin:
return True
# Otherwise, check the teams to see if the user is in a team that's
# been given access.
for team in self.teams.all():
if team.has_access(access_level) and team.contains_user(user):
return True
# Fail to no access.
return False
