def edit_info(request, name): user_info = McUser.objects.get(norm_name=normalize_name(name)) if not user_info.user.id == request.user.id and not has_permission(request.user, 'edit_all_info'): return redirect('edit_info', request.user.mcuser.get_link_name()) if request.method == 'POST': if has_role(request.user, 'staff'): form = McUserStaffForm(request.POST, request.FILES, instance=user_info, prefix='base') else: form = McUserForm(request.POST, request.FILES, instance=user_info, prefix='base') if (form.is_valid()): mcuser = form.save(commit=False) hidden_fields = [key.replace('checkbox_', '') for key in request.POST if key.startswith('checkbox_')] mcuser.hidden_fields = hidden_fields mcuser.save() messages.add_message( request, messages.SUCCESS, 'Changes saved! Click <a href="%s">here</a> to view profile.' % reverse('profile', args=[mcuser.get_link_name()])) update_last_updated(user_info, request.user) return redirect('edit_info', user_info.norm_name) else: if has_role(request.user, 'staff'): form = McUserStaffForm(instance=user_info, prefix='base') else: form = McUserForm(instance=user_info, prefix='base') context = { 'form': form, 'mcuser': user_info } template = 'core/edit_info.html' if has_role(user_info.user, 'staff'): template = 'core/edit_info_staff.html' return render(request, template, context)
def main_control(request): if request.user.is_superuser: return redirect("super_user_page") else: page = '' if has_role(request.user, 'lead_recruiter'): page = 'recruiter_page' elif has_role(request.user, 'recruiter'): page = 'recruiter_page' return redirect(page)
def form_valid(self, form): if has_role(self.request.user,'professor'): context = super(Curso, self).form_valid(form) context['sucesso'] = True elif has_role(self.request.user,'aluno'): # print (type(self.request.user)) aluno = Aluno_curso(aluno=self.request.user,curso=self.object) aluno.save() # print (aluno) context = HttpResponseRedirect(self.get_success_url()) context['sucesso'] = True else: context = HttpResponseRedirect(self.get_success_url()) return context
def edit_account(request, name=None): if name and not has_role(request.user, ['staff', 'dev']): return redirect('edit_account') if name: user = McUser.objects.get(norm_name=normalize_name(name)).user else: user = request.user if request.method == 'POST': user_form = UserForm(request.POST, instance=user, user=user) if user_form.is_valid(): user_form.save() messages.add_message(request, messages.SUCCESS, 'Changes saved!') if name: return redirect('edit_other_account', name) return redirect('edit_account') else: messages.add_message(request, messages.WARNING, 'Passwords do not match.') user_form = UserForm(instance=user, user=user) else: user_form = UserForm(instance=user, user=user) context = { 'form': user_form, } if name: context['name'] = user.mcuser.get_full_name() return render(request, 'core/edit_account.html', context)
def wrapper(request, *args, **kwargs): user = request.user if user.is_authenticated(): if has_role(user, role): return dispatch(request, *args, **kwargs) raise PermissionDenied
def wrapper(request, *args, **kwargs): if get_state().current == 1: if not (has_role(request.user, ['staff', 'dev', 'selection']) or has_permission(request.user, 'edit_applicants')): raise Http404('App not available until later.') return f(request, *args, **kwargs)
def get_queryset(self): cursos = [] if has_role(self.request.user,'aluno'): for curso in self.request.user.alunos_curso.all(): if curso.curso.is_approved: cursos.append(curso.curso) return cursos
def get_context_data(self, **kwargs): context = super(Index, self).get_context_data(**kwargs) if has_role(self.request.user,'aluno'): cursos = [] meus_cursos = [] for curso in self.request.user.alunos_curso.all(): if curso.curso.is_approved: meus_cursos.append(curso.curso) for curso in C.objects.filter(is_approved=True): if not curso in meus_cursos: cursos.append(curso) paginator = Paginator(cursos, 2) try: page_number = int(self.request.GET.get('page', 1)) except ValueError: raise Http404 try: page_obj = paginator.page(page_number) except EmptyPage: raise Http404 context['outros_cursos'] = page_obj.object_list context['paginacao'] = paginator context['pagina_obj'] = page_obj return context
def get_context_data(self, **kwargs): context = super(Curso, self).get_context_data(**kwargs) modulos = self.object.modulos.filter(is_visivel=True) alunos = [] for aluno in self.object.cursos_aluno.all(): alunos.append(aluno.aluno) context['alunos'] = alunos cursos = [] if has_role(self.request.user,'aluno'): for curso in self.request.user.alunos_curso.all(): cursos.append(curso.curso) if self.object in cursos: context['cadastrado'] = True # print (dir(self.object.mo)) paginator = Paginator(modulos, 2) try: page_number = int(self.request.GET.get('page', 1)) except ValueError: raise Http404 try: page_obj = paginator.page(page_number) except EmptyPage: raise Http404 context['paginator'] = paginator context['page_obj'] = page_obj context['modulos'] = page_obj.object_list return context
def assert_standard_role_permissions(self, expected_bool, program=None): """ Helper function to assert role and permissions assignment """ assert isinstance(expected_bool, bool) assert has_role(self.user, 'staff') is expected_bool assert has_permission(self.user, 'can_advance_search') is expected_bool assert has_object_permission('can_advance_search', self.user, program or self.program) is expected_bool
def wrapper(request, *args, **kwargs): user = request.user if user.is_authenticated(): if has_role(user, role): return dispatch(request, *args, **kwargs) if hasattr(settings, 'ROLEPERMISSIONS_REDIRECT_TO_LOGIN'): return redirect_to_login(request.get_full_path()) raise PermissionDenied
def access_level(self, textonly=True): icon = '' title = '' if self.can_login: title = _('A accès') icon = 'user' if self.user.is_superuser: title = _('Administra·teur·trice') icon = 'queen' elif has_role(self.user, 'power_user'): title = _('Super-utilisa·teur·trice') icon = 'king' elif has_role(self.user, 'state_manager'): title = _('Chargé·e de projet') icon = 'bishop' if title and textonly: return title if icon: return mark_safe(STDGLYPHICON.format(icon=icon, title=title)) return ''
def edit_info(request, name): user_info = McUser.objects.get(norm_name=normalize_name(name)) if not user_info.user.id == request.user.id and not has_permission( request.user, 'edit_all_info'): return redirect('edit_info', request.user.mcuser.get_link_name()) if request.method == 'POST': if has_role(request.user, 'staff'): form = McUserStaffForm(request.POST, request.FILES, instance=user_info, prefix='base') else: form = McUserForm(request.POST, request.FILES, instance=user_info, prefix='base') if (form.is_valid()): mcuser = form.save(commit=False) hidden_fields = [ key.replace('checkbox_', '') for key in request.POST if key.startswith('checkbox_') ] mcuser.hidden_fields = hidden_fields mcuser.save() messages.add_message( request, messages.SUCCESS, 'Changes saved! Click <a href="%s">here</a> to view profile.' % reverse('profile', args=[mcuser.get_link_name()])) update_last_updated(user_info, request.user) return redirect('edit_info', user_info.norm_name) else: if has_role(request.user, 'staff'): form = McUserStaffForm(instance=user_info, prefix='base') else: form = McUserForm(instance=user_info, prefix='base') context = {'form': form, 'mcuser': user_info} template = 'core/edit_info.html' if has_role(user_info.user, 'staff'): template = 'core/edit_info_staff.html' return render(request, template, context)
def app_state(request): if not has_role(request.user, ['staff', 'dev']): raise Http404('Permission denied.') state = get_state() if request.method == 'POST': form = StateForm(request.POST, instance=state) if (form.is_valid()): form.save() return redirect('feedback:index_redirect') else: form = StateForm(instance=state) context = { 'form': form, } return render(request, 'feedback/edit_state.html', context)
def user_edit(request, pk): user = get_object_or_404(User, pk=pk) form = UserFormedit() if request.method == "POST": form = UserFormedit(request.POST, request.FILES, instance=user) if form.is_valid(): user = form.save(commit=False) # post.author = request.user user.empresa = form.cleaned_data['empresa'] user.save() rol = form.cleaned_data['rol'] roles = Rol.objects.filter(user=user) if rol == 'administrador': for r in roles: r.operar = True r.crear = True r.editar = True r.eliminar = True r.save() Administrador.assign_role_to_user(user) return HttpResponseRedirect(reverse_lazy('list_user')) else: if not has_role(user, [Operador]): for r in roles: r.operar = False r.crear = False r.editar = False r.eliminar = False r.save() Operador.assign_role_to_user(user) return HttpResponseRedirect(reverse_lazy('permisos_user', kwargs={'pk':user.pk})) return HttpResponseRedirect(reverse_lazy('list_user')) return render(request, 'inicio/update.html', {'user_form': form, 'usere': user})
def test_func(self, user): return has_role(user, [Gerente, Corretor, ])
def test_user_has_Role1(self): user = self.user self.assertTrue(has_role(user, Role1))
def has_role_template_tag(user, role): role_list = role.split(',') return has_role(user, role_list)
def test_user_has_VerRole1_or_VerRole2(self): user = self.user self.assertTrue(has_role(user, [VerRole1, VerRole2]))
def test_not_existent_role(self): user = self.user self.assertFalse(has_role(user, 'not_a_role'))
def test_user_has_VerRole1(self): user = self.user self.assertTrue(has_role(user, VerRole1))
def test_has_role_by_name(self): user = self.user self.assertTrue(has_role(user, "ver_role1"))
def test_user_has_VerRole1_or_VerRole3_by_name(self): user = self.user VerRole3.assign_role_to_user(user) self.assertTrue(has_role(user, ["ver_role1", "ver_new_name"]))
def test_none_user_param(self): self.assertFalse(has_role(None, "ver_role1"))
def test_user_has_VerRole1_or_VerRole3_by_name(self): user = self.user VerRole3.assign_role_to_user(user) self.assertTrue(has_role(user, ['ver_role1', 'ver_new_name']))
def test_user_does_not_have_Role2(self): user = self.user self.assertFalse(has_role(user, Role2))
def test_has_role_by_name(self): user = self.user self.assertTrue(has_role(user, 'ver_role1'))
def test_user_has_Role1_or_Role2(self): user = self.user self.assertTrue(has_role(user, [Role1, Role2]))
def test_user_does_not_have_VerRole2(self): user = self.user self.assertFalse(has_role(user, VerRole2))
def test_has_role_by_name(self): user = self.user self.assertTrue(has_role(user, 'role1'))
def test_user_has_Role1_or_Role3_by_name(self): user = self.user Role3.assign_role_to_user(user) self.assertTrue(has_role(user, ['role1', 'new_name']))
def test_none_user_param(self): self.assertFalse(has_role(None, 'ver_role1'))