def season(self):
if not hasattr(self, '_season'):
try:
seasonpk = int(
self.kwargs['seasonpk'] if 'seasonpk' in self.kwargs
else self.kwargs['pk']
)
self._season = Season.objects.get(pk=seasonpk)
# Check that the intersection isn't empty
usercantons = user_cantons(self.request.user)
if usercantons and not list(
set(usercantons)
.intersection(set(self._season.cantons))
):
raise PermissionDenied
except LookupError:
# That user doesn't have allowed seasons
if self.allow_season_fetch:
self._season = Season.objects.get(pk=seasonpk)
else:
self._season = None
except KeyError:
# We're looking at a list
self._season = None
except Season.DoesNotExist:
# I can't see it, or it doesn't exist
raise ValueError("Can't see season or it doesn't exist")
return self._season
def inusercantons(user, canton):
try:
usercantons = user_cantons(user)
if usercantons:
return canton in usercantons
return True
except PermissionDenied:
return
def get_form_kwargs(self):
kwargs = super(ProfileMixin, self).get_form_kwargs()
if self.cantons:
try:
kwargs['cantons'] = user_cantons(self.request.user)
except LookupError:
pass
return kwargs
def get_form_kwargs(self):
kwargs = super(UserSelfAccessMixin, self).get_form_kwargs()
if has_permission(self.request.user, self.required_permission):
kwargs['allow_email'] = True
try:
kwargs['cantons'] = user_cantons(self.request.user)
except LookupError:
pass
return kwargs
def get_queryset(self):
qs = self.model.objects
try:
usercantons = user_cantons(self.request.user)
except LookupError:
raise PermissionDenied
if usercantons:
qs = qs.filter(address_canton__in=usercantons)
return qs
def get_filterset_kwargs(self, filterset_class):
kwargs = (
super(OrganizationsListView, self)
.get_filterset_kwargs(filterset_class)
)
usercantons = user_cantons(self.request.user)
if usercantons:
kwargs['cantons'] = usercantons
return kwargs
def get_form_kwargs(self):
kwargs = super(CantonSeasonFormMixin, self).get_form_kwargs()
kwargs['season'] = self.season
try:
cantons = user_cantons(self.request.user)
except LookupError:
cantons = None
if self.season and cantons:
# Check that one canton is in the intersection
cantons = list(set(cantons).intersection(set(self.season.cantons)))
kwargs['cantons'] = cantons
return kwargs
def get_seasons(self, raise_without_cantons=False):
qs = Season.objects
usercantons = []
try:
usercantons = user_cantons(self.user)
except LookupError:
if raise_without_cantons:
raise PermissionDenied
if self.formation or self.actor_for:
usercantons = [self.affiliation_canton]
if self.activity_cantons:
usercantons += self.activity_cantons
if usercantons:
cantons = [
Q(cantons__contains=state)
for state in usercantons
]
return qs.filter(reduce(operator.or_, cantons))
return qs.none()
def dispatch(self, request, *args, **kwargs):
edit = kwargs.pop('edit', False)
try:
usercantons = user_cantons(request.user)
except LookupError:
usercantons = False
user = self.get_object()
if (
# Soit c'est moi
request.user.pk == user.pk or
# Soit j'ai le droit sur tous les cantons
has_permission(request.user, 'cantons_all') or
# Soit il est dans mes cantons et j'ai droit
(
usercantons and
(
# Il est dans mes cantons d'affiliation
user.profile.affiliation_canton in usercantons or
(
# Je ne fais que le consulter et il est dans mes
# cantons d'activité
not edit and
user.profile.activity_cantons and
len(
set(user.profile.activity_cantons)
.intersection(usercantons)
) != 0
)
) and
has_permission(request.user, self.required_permission)
)
):
return (
super(UserSelfAccessMixin, self)
.dispatch(request, *args, **kwargs)
)
else:
raise PermissionDenied
def get_queryset(self):
if self.model == Season:
return self.request.user.profile.get_seasons(
self.raise_without_cantons
)
qs = super(SeasonMixin, self).get_queryset()
if self.model == get_user_model():
try:
usercantons = user_cantons(self.request.user)
except LookupError:
if self.raise_without_cantons:
raise PermissionDenied
return qs
# Check that the intersection isn't empty
cantons = list(
set(usercantons)
.intersection(set(self.season.cantons))
)
if not cantons:
raise PermissionDenied
return qs
def get_queryset(self):
try:
qs = super(ProfileMixin, self).get_queryset()
except AttributeError:
qs = get_user_model().objects
qs = (
qs
.prefetch_related('profile')
.order_by('first_name', 'last_name')
)
try:
usercantons = user_cantons(self.request.user)
except LookupError:
raise PermissionDenied
if usercantons:
allcantons_filter = [
Q(profile__activity_cantons__contains=canton)
for canton in usercantons
] + [
Q(profile__affiliation_canton__in=usercantons)
]
qs = qs.filter(reduce(operator.or_, allcantons_filter))
return qs
def get_form_kwargs(self):
kwargs = super(OrganizationMixin, self).get_form_kwargs()
kwargs['cantons'] = user_cantons(self.request.user)
return kwargs
