def get_identities(self, querydict=None): """Return all identities owned by this user :param querydict: a querydict object :return: a queryset """ from modoboa.lib.permissions import get_content_type from itertools import chain if querydict: squery = querydict.get("searchquery", None) idtfilter = querydict.getlist("idtfilter", None) grpfilter = querydict.getlist("grpfilter", None) else: squery = None idtfilter = None grpfilter = None accounts = [] if not idtfilter or "account" in idtfilter: userct = get_content_type(self) ids = self.objectaccess_set.filter(content_type=userct) \ .values_list('object_id', flat=True) q = Q(pk__in=ids) if squery: q &= Q(username__icontains=squery) | Q(email__icontains=squery) if grpfilter and len(grpfilter): if "SuperAdmins" in grpfilter: q &= Q(is_superuser=True) grpfilter.remove("SuperAdmins") if len(grpfilter): q |= Q(groups__name__in=grpfilter) else: q &= Q(groups__name__in=grpfilter) accounts = User.objects.select_related().filter(q) aliases = [] if not idtfilter or ("alias" in idtfilter or "forward" in idtfilter or "dlist" in idtfilter): alct = get_content_type(Alias) ids = self.objectaccess_set.filter(content_type=alct) \ .values_list('object_id', flat=True) q = Q(pk__in=ids) if squery: if '@' in squery: local_part, domname = split_mailbox(squery) if local_part: q &= Q(address__icontains=local_part) if domname: q &= Q(domain__name__icontains=domname) else: q &= Q(address__icontains=squery) | Q(domain__name__icontains=squery) aliases = Alias.objects.select_related().filter(q) if idtfilter: aliases = [al for al in aliases if al.type in idtfilter] return chain(accounts, aliases)
def get_identities(self, querydict=None): """Return all identities owned by this user :param querydict: a querydict object :return: a queryset """ from modoboa.lib.permissions import get_content_type from itertools import chain if querydict: squery = querydict.get("searchquery", None) idtfilter = querydict.getlist("idtfilter", None) grpfilter = querydict.getlist("grpfilter", None) else: squery = None idtfilter = None grpfilter = None accounts = [] if not idtfilter or "account" in idtfilter: userct = get_content_type(self) ids = self.objectaccess_set.filter(content_type=userct) \ .values_list('object_id', flat=True) q = Q(pk__in=ids) if squery: q &= Q(username__icontains=squery) | Q(email__icontains=squery) if grpfilter and len(grpfilter): if "SuperAdmins" in grpfilter: q &= Q(is_superuser=True) grpfilter.remove("SuperAdmins") if len(grpfilter): q |= Q(groups__name__in=grpfilter) else: q &= Q(groups__name__in=grpfilter) accounts = User.objects.select_related().filter(q) aliases = [] if not idtfilter or ("alias" in idtfilter or "forward" in idtfilter or "dlist" in idtfilter): alct = get_content_type(Alias) ids = self.objectaccess_set.filter(content_type=alct) \ .values_list('object_id', flat=True) q = Q(pk__in=ids) if squery: if '@' in squery: local_part, domname = split_mailbox(squery) if local_part: q &= Q(address__icontains=local_part) if domname: q &= Q(domain__name__icontains=domname) else: q &= Q(address__icontains=squery) | Q( domain__name__icontains=squery) aliases = Alias.objects.select_related().filter(q) if idtfilter: aliases = [al for al in aliases if al.type in idtfilter] return chain(accounts, aliases)
def grant_access_to_all_objects(self): """Give access to all objects defined in the database Must be used when an account is promoted as a super user. """ from modoboa.lib.permissions import grant_access_to_objects, get_content_type grant_access_to_objects(self, User.objects.all(), get_content_type(User)) grant_access_to_objects(self, Domain.objects.all(), get_content_type(Domain)) grant_access_to_objects(self, DomainAlias.objects.all(), get_content_type(DomainAlias)) grant_access_to_objects(self, Mailbox.objects.all(), get_content_type(Mailbox)) grant_access_to_objects(self, Alias.objects.all(), get_content_type(Alias))
def can_access(self, obj): """Check if the user can access a specific object This function is recursive : if the given user hasn't got direct access to this object and if he has got access other ``User`` objects, we check if one of those users owns the object. :param obj: a admin object :return: a boolean """ from modoboa.lib.permissions import get_content_type if self.is_superuser: return True ct = get_content_type(obj) try: ooentry = self.objectaccess_set.get(content_type=ct, object_id=obj.id) except ObjectAccess.DoesNotExist: pass else: return True if ct.model == "user": return False ct = self.get_content_type() qs = self.objectaccess_set.filter(content_type=ct) for ooentry in qs.all(): if ooentry.content_object.is_owner(obj): return True return False
def get_mailboxes(self, squery=None): """Return the mailboxes that belong to this user The result will contain the mailboxes defined for each domain that user can see. :param string squery: a search query :return: a list of ``Mailbox`` objects """ from modoboa.lib.permissions import get_content_type qf = None if squery is not None: if '@' in squery: parts = squery.split('@') addrfilter = '@'.join(parts[:-1]) domfilter = parts[-1] qf = Q(address__contains=addrfilter) & Q( domain__name__contains=domfilter) else: qf = Q(address__contains=squery) | Q( domain__name__contains=squery) ids = self.objectaccess_set.filter(content_type=get_content_type(Mailbox)) \ .values_list('object_id', flat=True) if qf is not None: qf = Q(pk__in=ids) & qf else: qf = Q(pk__in=ids) return Mailbox.objects.filter(qf)
def get_mailboxes(self, squery=None): """Return the mailboxes that belong to this user The result will contain the mailboxes defined for each domain that user can see. :param string squery: a search query :return: a list of ``Mailbox`` objects """ from modoboa.lib.permissions import get_content_type qf = None if squery is not None: if '@' in squery: parts = squery.split('@') addrfilter = '@'.join(parts[:-1]) domfilter = parts[-1] qf = Q(address__contains=addrfilter) & Q(domain__name__contains=domfilter) else: qf = Q(address__contains=squery) | Q(domain__name__contains=squery) ids = self.objectaccess_set.filter(content_type=get_content_type(Mailbox)) \ .values_list('object_id', flat=True) if qf is not None: qf = Q(pk__in=ids) & qf else: qf = Q(pk__in=ids) return Mailbox.objects.filter(qf)
def is_owner(self, obj): """Tell is the user is the unique owner of this object :param obj: an object inheriting from ``models.Model`` :return: a boolean """ from modoboa.lib.permissions import get_content_type ct = get_content_type(obj) try: ooentry = self.objectaccess_set.get(content_type=ct, object_id=obj.id) except ObjectAccess.DoesNotExist: return False return ooentry.is_owner
def get_aliases(self): from modoboa.lib.permissions import get_content_type ids = self.objectaccess_set.filter(content_type=get_content_type(Alias)) \ .values_list('object_id', flat=True) return Alias.objects.filter(pk__in=ids)