def has_repo_config_access(self, user, obj):
"""
Check user has access to object
:param user: User instance
:param obj: ManagedObject instance
:return: True if user has access, False otherwise
"""
if user.is_superuser:
return True
return ManagedObject.objects.filter(id=obj.id).filter(UserAccess.Q(user)).exists()
def search(cls, handler, query):
q = Q(name__icontains=query)
sq = ManagedObject.get_search_Q(query)
if sq:
q |= sq
if not handler.current_user.is_superuser:
q &= UserAccess.Q(handler.current_user)
r = []
for mo in ManagedObject.objects.filter(q):
r += [{
"scope": "managedobject",
"id": mo.id,
"label": "%s (%s) [%s]" % (mo.name, mo.address, mo.platform),
}]
return r
def queryset(self, request, query=None):
"""
Filter records for lookup
"""
self.logger.info("Queryset %s" % query)
if self.managed_filter:
q = d_Q(is_managed=True)
else:
q = d_Q()
if not request.user.is_superuser:
q &= UserAccess.Q(request.user)
if query:
sq = ManagedObject.get_search_Q(query)
if sq:
q &= sq
else:
q &= d_Q(name__contains=query)
return self.model.objects.filter(q)
def queryset(self, request, query=None):
qs = super(ManagedObjectApplication, self).queryset(request, query)
if not request.user.is_superuser:
qs = qs.filter(UserAccess.Q(request.user))
qs = qs.exclude(name__startswith="wiping-")
return qs
