def queryset(self): if has_admin_access(self.user): files = File.objects.filter( status=FileStatus.READY ).exclude(type=FileType.TEXT).select_related("uploaded_by_id").prefetch_related("filetag_set__tag") else: roster = Roster.objects.filter(user=self.user).values('group') groups = Group.objects.filter(group_id__in=roster) group_files = GroupFile.objects.filter(group__in=groups).values('file') files = File.objects.filter( status=FileStatus.READY, file_id__in=group_files, ).exclude(type=FileType.TEXT).select_related("uploaded_by_id").prefetch_related("filetag_set__tag") return files
def queryset(self): if has_admin_access(self.user): files = File.objects.filter(status=FileStatus.READY).exclude( type=FileType.TEXT).select_related( "uploaded_by_id").prefetch_related("filetag_set__tag") else: roster = Roster.objects.filter(user=self.user).values('group') groups = Group.objects.filter(group_id__in=roster) group_files = GroupFile.objects.filter( group__in=groups).values('file') files = File.objects.filter( status=FileStatus.READY, file_id__in=group_files, ).exclude(type=FileType.TEXT).select_related( "uploaded_by_id").prefetch_related("filetag_set__tag") return files
def can_list_all_files(user): return has_admin_access(user)
def can_edit_file(user, file): return has_admin_access(user) or file.uploaded_by == user
def can_upload_to_group(user, group): return has_admin_access(user) or is_lead_student(user, group)
def can_upload_file(user): # only teachers and staff can upload files return has_admin_access(user)
def can_add_to_group(user, group): return has_admin_access(user) or is_lead_student(user, group)
def can_list_all_groups(user): return has_admin_access(user)