def is_accounting_admin(user):
accounting_privilege = Role.get_privilege(privileges.ACCOUNTING_ADMIN)
if accounting_privilege is None:
return False
try:
return user.prbac_role.has_privilege(accounting_privilege)
except (AttributeError, UserRole.DoesNotExist):
return False
def is_accounting_admin(user):
accounting_privilege = Role.get_privilege(privileges.ACCOUNTING_ADMIN)
if accounting_privilege is None:
return False
try:
return user.prbac_role.has_privilege(accounting_privilege)
except (AttributeError, UserRole.DoesNotExist):
return False
def domain_has_privilege(domain, privilege_slug, **assignment):
from corehq.apps.accounting.models import Subscription
try:
plan_version = Subscription.get_subscribed_plan_by_domain(domain)[0]
privilege = Role.get_privilege(privilege_slug, assignment)
if privilege is None:
return False
if plan_version.role.has_privilege(privilege):
return True
except ProductPlanNotFoundError:
return False
except AccountingError:
pass
return False
def domain_has_privilege(domain, privilege_slug, **assignment):
from corehq.apps.accounting.models import Subscription
try:
plan_version = Subscription.get_subscribed_plan_by_domain(domain)[0]
privilege = Role.get_privilege(privilege_slug, assignment)
if privilege is None:
return False
if plan_version.role.has_privilege(privilege):
return True
except ProductPlanNotFoundError:
return False
except AccountingError:
pass
return False
def apply_prbac(cls, request):
if hasattr(request, 'domain'):
try:
plan_version, subscription = Subscription.get_subscribed_plan_by_domain(request.domain)
request.role = plan_version.role
request.plan = plan_version
request.subscription = subscription
return None
except AccountingError:
pass
privilege = Role.get_privilege('community_plan_v0')
if privilege is not None:
request.role = privilege.role
else:
request.role = Role() # A fresh Role() has no privileges
def apply_prbac(cls, request):
if hasattr(request, 'domain'):
try:
plan_version, subscription = Subscription.get_subscribed_plan_by_domain(request.domain)
request.role = plan_version.role
request.plan = plan_version
request.subscription = subscription
return None
except AccountingError:
pass
privilege = Role.get_privilege('community_plan_v1')
if privilege is not None:
request.role = privilege.role
else:
request.role = Role() # A fresh Role() has no privileges
def has_privilege(request, slug, **assignment):
"""
Returns true if the request has the privilege specified by slug,
otherwise false
"""
privilege = Role.get_privilege(slug, assignment)
if privilege is None:
return False
if hasattr(request, 'role'):
if request.role.has_privilege(privilege):
return True
if hasattr(request, 'user') and hasattr(request.user, 'prbac_role'):
try:
request.user.prbac_role
except UserRole.DoesNotExist:
return False
return request.user.prbac_role.has_privilege(privilege)
return False
def has_privilege(request, slug, **assignment):
"""
Returns true if the request has the privilege specified by slug,
otherwise false
"""
privilege = Role.get_privilege(slug, assignment)
if privilege is None:
return False
if hasattr(request, 'role'):
if request.role.has_privilege(privilege):
return True
if hasattr(request, 'user') and hasattr(request.user, 'prbac_role'):
try:
request.user.prbac_role
except UserRole.DoesNotExist:
return False
return request.user.prbac_role.has_privilege(privilege)
return False
