def get_user_role(user):
if user:
roles = user.groups.filter(name__in=RolesManager.get_roles_names())
if roles:
return RolesManager.retrieve_role(roles[0].name)
return None
def get_user_role(user):
if user:
roles = user.groups.filter(name__in=RolesManager.get_roles_names())
if roles:
return RolesManager.retrieve_role(roles[0].name)
return None
def remove_role(user):
old_groups = user.groups.filter(name__in=registered_roles.keys())
for old_group in old_groups: # Normally there is only one, but remove all other role groups
role = RolesManager.retrieve_role(old_group.name)
permissions_to_remove = Permission.objects.filter(codename__in=role.permission_names_list()).all()
user.user_permissions.remove(*permissions_to_remove)
user.groups.remove(*old_groups)
def remove_role(user):
old_groups = user.groups.filter(name__in=registered_roles.keys())
for old_group in old_groups: # Normally there is only one, but remove all other role groups
role = RolesManager.retrieve_role(old_group.name)
permissions_to_remove = Permission.objects.filter(
codename__in=role.permission_names_list()).all()
user.user_permissions.remove(*permissions_to_remove)
user.groups.remove(*old_groups)
def save(self, notify):
user = self.instance.user
# remove any existing roles
for role in get_user_roles(user):
role.remove_role_from_user(user)
to_assign = RolesManager.retrieve_role(self.cleaned_data['role'])
to_assign.assign_role_to_user(user)
user.is_active = True
user.save()
notify(user, to_assign.get_name())
def _construct_permission_to_roles(role_ids):
"""
Create a mapping of role id
Args:
role_ids (list of str): A list of all role ids
Returns:
dict:
A map of permission to a list of role ids which have that permission
"""
permissions = defaultdict(list)
for role_id in role_ids:
for permission, is_set in RolesManager.retrieve_role(role_id).available_permissions.items():
if is_set:
permissions[permission].append(role_id)
return permissions
def has_role(user, roles):
"""Check if a user has any of the given roles."""
if user and user.is_superuser:
return True
if not isinstance(roles, list):
roles = [roles]
normalized_roles = []
for role in roles:
if not inspect.isclass(role):
role = RolesManager.retrieve_role(role)
normalized_roles.append(role)
user_roles = get_user_roles(user)
return any([role in user_roles for role in normalized_roles])
def _construct_permission_to_roles(role_ids):
"""
Create a mapping of role id
Args:
role_ids (list of str): A list of all role ids
Returns:
dict:
A map of permission to a list of role ids which have that permission
"""
permissions = defaultdict(list)
for role_id in role_ids:
for permission, is_set in RolesManager.retrieve_role(
role_id).available_permissions.items():
if is_set:
permissions[permission].append(role_id)
return permissions
def has_role(user, roles):
"""Check if a user has any of the given roles."""
if user and user.is_superuser:
return True
if not isinstance(roles, list):
roles = [roles]
normalized_roles = []
for role in roles:
if not inspect.isclass(role):
role = RolesManager.retrieve_role(role)
normalized_roles.append(role)
user_roles = get_user_roles(user)
return any([role in user_roles for role in normalized_roles])
def save(self, commit=False):
profile = super().save(commit=False)
first_name = self.cleaned_data["first_name"]
last_name = self.cleaned_data["last_name"]
email = self.cleaned_data["email"]
role = RolesManager.retrieve_role(self.cleaned_data["role"])
# create user
user = models.User.objects.create_user(email,
email=email,
first_name=first_name,
last_name=last_name)
role.assign_role_to_user(user)
user.is_active = False
user.save()
# assign to profile
profile.user = user
profile.save()
return profile
def has_role(user, roles):
if user and user.is_superuser:
return True
if not isinstance(roles, list):
roles = [roles]
normalized_roles = []
for role in roles:
if not inspect.isclass(role):
role = RolesManager.retrieve_role(role)
normalized_roles.append(role)
try:
user_role = get_user_role(user)
except ObjectDoesNotExist:
return False
if not user_role:
return False
return user_role in normalized_roles
def has_role(user, roles):
if user and user.is_superuser:
return True
if not isinstance(roles, list):
roles = [roles]
normalized_roles = []
for role in roles:
if not inspect.isclass(role):
role = RolesManager.retrieve_role(role)
normalized_roles.append(role)
try:
user_role = get_user_role(user)
except ObjectDoesNotExist:
return False
if not user_role:
return False
return user_role in normalized_roles
def get_user_role(user):
if hasattr(user, 'role'):
return RolesManager.retrieve_role(user.role.role_name)
return None
def retrieve_role(role_name):
return RolesManager.retrieve_role(role_name)
def test_retrieve_role(self):
RolesManager.register_role(Role1)
RolesManager.register_role(Role2)
self.assertEquals(RolesManager.retrieve_role('role1'), Role1)
self.assertEquals(RolesManager.retrieve_role('role2'), Role2)
def test_retrieve_role(self):
self.assertEquals(RolesManager.retrieve_role('rol_role1'), RolRole1)
self.assertEquals(RolesManager.retrieve_role('rol_role2'), RolRole2)
def test_retrieve_role(self):
self.assertEquals(RolesManager.retrieve_role('rol_role1'), RolRole1)
self.assertEquals(RolesManager.retrieve_role('rol_role2'), RolRole2)
def retrieve_role(role_name):
return RolesManager.retrieve_role(role_name)
