def handle(self, *args, **options):
content_types = [Dataset, DatasetField]
#Permission.objects.all().delete()
#PERMISSIONS
register_permission(settings.PERMISSION_VIEW_NAME,
settings.PERMISSION_VIEW_NAME, content_types)
register_permission(settings.PERMISSION_EDIT_NAME,
settings.PERMISSION_EDIT_NAME, content_types)
register_permission(settings.PERMISSION_CREATE_NAME,
settings.PERMISSION_CREATE_NAME, content_types)
register_permission(settings.PERMISSION_DELETE_NAME,
settings.PERMISSION_DELETE_NAME, content_types)
logging.getLogger(__name__).info(
"Созданы разрешения: Просмотр, Редактировать, Создать, Удалить.")
# ROLES
#Role.objects.all().delete()
register_role(settings.ROLE_DEVELOPER_NAME)
register_role(settings.ROLE_ADMIN_NAME)
register_role(settings.ROLE_MANAGER_NAME)
register_role(settings.ROLE_EDITOR_NAME)
register_role(settings.ROLE_VIEWER_NAME)
logging.getLogger(__name__).info(
"Созданы роли: Разработчик, Администратор, Менеджер, Редактор, Обозреватель."
)
def perm(request):
workflow = Workflow.objects.get(name="Standard")
private = State.objects.get(name="Private", workflow= workflow)
public = State.objects.get(name="Public", workflow= workflow)
# Add a role
from permissions.utils import register_role
owner = Role.objects.get(name='Owner')
# Create a user
from django.contrib.auth.models import User
user = User.objects.get(username="******")
# Assign user to role
owner.add_principal(user)
# Create example content type
page_1 = Project.objects.get(name="abc")
# Register permissions
from permissions.utils import register_permission
view = register_permission("View", "view")
edit = register_permission("Edit", "edit")
# Add all permissions which are managed by the workflow
from workflows.models import WorkflowPermissionRelation
WorkflowPermissionRelation.objects.create(workflow=workflow, permission=view)
WorkflowPermissionRelation.objects.create(workflow=workflow, permission=edit)
# Add permissions for the single states
from workflows.models import StatePermissionRelation
StatePermissionRelation.objects.create(state=public, permission=view, role=owner)
StatePermissionRelation.objects.create(state=private, permission=view, role=owner)
StatePermissionRelation.objects.create(state=private, permission=edit, role=owner)
# Assign the workflow to the content object
from workflows.utils import set_workflow
set_workflow(page_1, workflow)
# Now self.page_1 has the intial workflow state.
from permissions.utils import has_permission
print has_permission(page_1, user, "edit")
# Now we change the workflow state
set_state(page_1, public)
print has_permission(page_1, user, "edit")
def project_install(sender, **kwargs):
verbosity = kwargs.get('verbosity', 1)
roles = []
for role in settings.PROJECT_ROLES:
r = register_role(role)
roles.append(r)
perms = []
for perm in settings.PROJECT_PERMISSIONS:
p = register_permission(perm[1], perm[0], [Project])
perms.append(p)
if verbosity > 0:
if any(roles):
print "Project roles added:",
for r in roles:
print r, ",",
else:
print ""
if any(perms):
print "Project permissions :",
for p in perms:
print p, ",",
else:
print ""
projects = Project.objects.all()
for project in projects:
project._grant_permissions()
def init_permissions(sender, **kwargs):
## register project-level Roles
for (name, description) in ROLES_LIST:
PermissionsRegister.roles_dict[name] = register_role(name)
## register project-level Permissions
for (codename, name) in PERMISSIONS_LIST:
PermissionsRegister.perms_dict[codename] = register_permission(name, codename)
return
def init_permissions(sender, **kwargs):
## register project-level Roles
for (name, description) in ROLES_LIST:
PermissionsRegister.roles_dict[name] = register_role(name)
## register project-level Permissions
for (codename, name) in PERMISSIONS_LIST:
PermissionsRegister.perms_dict[codename] = register_permission(
name, codename)
return
def create_permissions(self):
"""
Создать разрешения
"""
content_types = [Dataset, DatasetField]
register_permission(settings.PERMISSION_VIEW_NAME,
settings.PERMISSION_VIEW_NAME, content_types)
register_permission(settings.PERMISSION_EDIT_NAME,
settings.PERMISSION_EDIT_NAME, content_types)
register_permission(settings.PERMISSION_CREATE_NAME,
settings.PERMISSION_CREATE_NAME, content_types)
register_permission(settings.PERMISSION_DELETE_NAME,
settings.PERMISSION_DELETE_NAME, content_types)
logging.getLogger(__name__).info(
u"Созданы разрешения: Просмотр, Редактировать, Создать, Удалить.")
def setUp(self):
"""
Pre-execution
"""
# test users
self.test_admin = User.objects.create_user('admin', '*****@*****.**',
'123')
self.test_manager = User.objects.create_user('manager',
'*****@*****.**', '123')
self.test_viewer = User.objects.create_user('viewer',
'*****@*****.**', '123')
self.test_editor = User.objects.create_user('editor',
'*****@*****.**', '123')
self.test_developer = User.objects.create_user('developer',
'*****@*****.**',
'123')
#PERMISSIONS
register_permission(settings.PERMISSION_VIEW_NAME,
settings.PERMISSION_VIEW_NAME)
register_permission(settings.PERMISSION_EDIT_NAME,
settings.PERMISSION_EDIT_NAME)
register_permission(settings.PERMISSION_CREATE_NAME,
settings.PERMISSION_CREATE_NAME)
register_permission(settings.PERMISSION_DELETE_NAME,
settings.PERMISSION_DELETE_NAME)
# ROLES
register_role(settings.ROLE_DEVELOPER_NAME)
register_role(settings.ROLE_ADMIN_NAME)
register_role(settings.ROLE_MANAGER_NAME)
register_role(settings.ROLE_EDITOR_NAME)
register_role(settings.ROLE_VIEWER_NAME)
# ASSIGN ROlES
add_role(self.test_editor,
Role.objects.get(name=settings.ROLE_EDITOR_NAME))
add_role(self.test_viewer,
Role.objects.get(name=settings.ROLE_VIEWER_NAME))
add_role(self.test_admin,
Role.objects.get(name=settings.ROLE_ADMIN_NAME))
add_role(self.test_manager,
Role.objects.get(name=settings.ROLE_MANAGER_NAME))
add_role(self.test_developer,
Role.objects.get(name=settings.ROLE_DEVELOPER_NAME))
def create_roles(app, created_models, verbosity, **kwargs):
roles = {}
for role in settings.ROLES:
roles[role] = register_role(role[1])
register_permission('View', 'view')
register_permission('Edit', 'edit')
register_permission('Add', 'add')
register_permission('Delete', 'delete')
register_permission('Socialize', 'socialize')
register_permission('Rate', 'rate')
print "roles creados"
from permissions.utils import register_permission
from permissions.utils import register_role
from permissions.utils import grant_permission
from permissions.utils import has_permission
from .models import Student
view = register_permission("View", "view")
edit = register_permission("Edit", "edit")
delete = register_permission("Delete", "delete")
add = register_permission("Add", "add")
manage_content = register_permission("Manage content", "manage_content")
school_admin = register_role("Admin")
educator = register_role("Educator")
guardian = register_role("Guardian")
student = register_role("Student")
#school_admin permissions
grant_permission(Student, school_admin, "view")
grant_permission(Student, school_admin, "delete")
#educator permissions
grant_permission(Student, educator, "view")
grant_permission(Student, educator, "edit")
grant_permission(Student, educator, "add")
#student permissions
grant_permission(Student.avatar, student, "edit")
grant_permission(Student, student, "view")
# grant_permission(Spend_points, student, "add")
def get_or_create_workflow(model):
"""
Iterate for the application workflow list and configure each workflow listed in WORKFLOWS settings
"""
from models import State, Workflow, StatePermissionRelation, WorkflowPermissionRelation, Transition
try:
workflow = get_workflow_for_model(ContentType.objects.get_for_model(model))
except Exception as e:
return None
if not workflow:
workflows_settings = getattr(settings, 'WORKFLOWS', {})
wf_item = workflows_settings.get("%s.%s" % (model.__module__, model.__name__), None)
if not wf_item:
return None
try:
wf_name = wf_item['name']
# ROLES
dict_roles = {}
roles = get_wf_dict_value(wf_item, 'roles', wf_name)
for role in roles:
dict_roles[role], created = Role.objects.get_or_create(name=role)
# PERMISSIONS
dict_permissions = {}
permissions = get_wf_dict_value(wf_item, 'permissions', wf_name)
for permission in permissions:
perm_name = get_wf_dict_value(permission, 'name', 'permissions', wf_name)
perm_codename = get_wf_dict_value(permission, 'codename', 'permissions', wf_name)
dict_permissions[perm_codename] = perm_utils.register_permission(
name=perm_name,
codename=perm_codename
)
# the permission registration returned False if the permission already exists
if not dict_permissions[perm_codename]:
dict_permissions[perm_codename] = Permission.objects.get(name=perm_name, codename=perm_codename)
# creating workflow
workflow = Workflow.objects.create(name=wf_name)
# setting model
workflow.set_to_model(ContentType.objects.get_for_model(model))
dict_states = {}
# INITIAL STATE
initial_state = get_wf_dict_value(wf_item, 'initial_state', wf_name)
initial_state_name = get_wf_dict_value(initial_state, 'name', wf_name, 'initial_state')
initial_state_alias = initial_state.get('alias', None)
wf_initial_state = State.objects.create(name=initial_state_name, alias=initial_state_alias, workflow=workflow)
dict_states[initial_state_name] = wf_initial_state
# sets and save the initial state
workflow.initial_state = wf_initial_state
workflow.save()
state_perm_relations = initial_state.get('state_perm_relation', False)
# if [True] creates the State Permission Relation
if state_perm_relations:
for state_perm_relation in state_perm_relations:
role = get_wf_dict_value(state_perm_relation, 'role', wf_name, 'state_perm_relation')
permission = get_wf_dict_value(state_perm_relation, 'permission', wf_name, 'state_perm_relation')
StatePermissionRelation.objects.get_or_create(
state=wf_initial_state,
role=get_wf_dict_value(dict_roles, role, wf_name, 'dict_roles'),
permission=get_wf_dict_value(dict_permissions, permission, wf_name, 'dict_permissions')
)
# STATES
states = get_wf_dict_value(wf_item, 'states', wf_name)
for state in states:
state_name = get_wf_dict_value(state, 'name', wf_name, 'states')
state_alias = state.get('alias', None)
wf_state = State.objects.create(name=state_name, alias=state_alias, workflow=workflow)
dict_states[state_name] = wf_state
state_perm_relations = state.get('state_perm_relation', False)
# if [True] creates the State Permission Relation
if state_perm_relations:
for state_perm_relation in state_perm_relations:
role = get_wf_dict_value(state_perm_relation, 'role', wf_name, 'state_perm_relation')
permission = get_wf_dict_value(state_perm_relation, 'permission', wf_name, 'state_perm_relation')
StatePermissionRelation.objects.get_or_create(
state=wf_state,
role=get_wf_dict_value(dict_roles, role, wf_name, 'dict_roles'),
permission=get_wf_dict_value(dict_permissions, permission, wf_name, 'dict_permissions')
)
# creating the Workflow Permission Relation
for wf_permission in dict_permissions.itervalues():
WorkflowPermissionRelation.objects.get_or_create(workflow=workflow, permission=wf_permission)
# TRANSITIONS
dict_transitions = {}
transitions = get_wf_dict_value(wf_item, 'transitions', wf_name)
for transition in transitions:
name = get_wf_dict_value(transition, 'name', wf_name, 'transitions')
destination = get_wf_dict_value(transition, 'destination', wf_name, 'transitions')
permission = get_wf_dict_value(transition, 'permission', wf_name, 'transitions')
wf_transition, created = Transition.objects.get_or_create(
name=name,
workflow=workflow,
destination=get_wf_dict_value(dict_states, destination, wf_name, 'dict_states'),
permission=get_wf_dict_value(dict_permissions, permission, wf_name, 'dict_permissions'),
description=get_wf_dict_value(transition, 'description', wf_name, 'transitions'),
condition=transition.get('condition', ''),
)
dict_transitions[name] = wf_transition
# CREATING THE STATE TRANSITIONS RELATION
state_transitions = get_wf_dict_value(wf_item, 'state_transitions', wf_name)
for state_name, transitions in state_transitions.items():
state = get_wf_dict_value(dict_states, state_name, wf_name, 'dict_states')
for transition_name in transitions:
transition = get_wf_dict_value(dict_transitions, transition_name, wf_name, 'dict_transitions')
state.transitions.add(transition)
except KeyError:
raise ImproperlyConfigured('The attribute or key (name), must be specified in the workflow configuration.')
return workflow
