def delete(self, *args, **kwargs): self.obj = self.get_object() if (self.request.user in self.obj.project.owners) or is_site_manager( self.request.user): # user is owner or site manager if is_last_owner(self.obj.project, self.obj.user): logger.info('User "%s" not allowed to remove last user "%s"', self.request.user.username, self.obj.user.username) return HttpResponseBadRequest() else: logger.info('User "%s" deletes user "%s"', self.request.user.username, self.obj.user.username) success_url = reverse('project', args=[self.get_object().project.id]) self.obj.delete() return HttpResponseRedirect(success_url) elif self.request.user == self.obj.user: # user wants to remove him/herself logger.info('User "%s" deletes himself.', self.request.user.username) success_url = reverse('projects') self.obj.delete() return HttpResponseRedirect(success_url) else: logger.info('User "%s" not allowed to remove user "%s"', self.request.user.username, self.obj.user.username) return HttpResponseForbidden()
def get_snapshots_for_user(self, user): if user.is_authenticated: if user.has_perm('projects.view_snapshot'): return Snapshot.objects.all() elif is_site_manager(user): return Snapshot.objects.filter_current_site() else: return Snapshot.objects.filter(project__user=self.request.user) else: return Snapshot.objects.none()
def get_integrations_for_user(self, user): if user.is_authenticated: if user.has_perm('projects.view_integration'): return Integration.objects.all() elif is_site_manager(user): return Integration.objects.filter_current_site() else: return Integration.objects.filter(project__user=self.request.user) else: return Integration.objects.none()
def get_projects_for_user(self, user): if user.is_authenticated: if user.has_perm('projects.view_project'): return Project.objects.all() elif is_site_manager(user): return Project.objects.filter_current_site() else: return Project.objects.filter(user=user) else: return Project.objects.none()
def get_queryset(self): if is_site_manager(self.request.user): # prepare subquery for last_changed subquery = Value.objects.filter(project=models.OuterRef( 'pk')).order_by('-updated').values('updated')[:1] return Project.objects.filter_current_site() \ .annotate(last_changed=models.functions.Greatest('updated', models.Subquery(subquery))) else: raise PermissionDenied()
def filter_user(self, user): if user.is_authenticated: if user.has_perm('projects.view_snapshot'): return self.all() elif is_site_manager(user): return self.filter_current_site() else: from .models import Project projects = Project.objects.filter_user(user) return self.filter(project__in=projects) else: return self.none()
def filter_user(self, user): if user.is_authenticated: if user.has_perm('projects.view_project'): return self.all() elif is_site_manager(user): return self.filter_current_site() else: queryset = self.filter(user=user) for instance in queryset: queryset |= instance.get_descendants() return queryset.distinct() else: return self.none()
def get_queryset(self): if is_site_manager(self.request.user): # prepare projects queryset for the site manager queryset = Project.objects.filter_current_site() # prepare subquery for last_changed last_changed_subquery = models.Subquery( Value.objects.filter(project=models.OuterRef('pk')).order_by('-updated').values('updated')[:1] ) queryset = queryset.annotate(last_changed=models.functions.Greatest('updated', last_changed_subquery)) return queryset else: raise PermissionDenied()
def get_form_kwargs(self): kwargs = super().get_form_kwargs() kwargs['project'] = self.project kwargs['is_site_manager'] = is_site_manager(self.request.user) return kwargs
def get_context_data(self, **kwargs): context = super(ProjectsView, self).get_context_data(**kwargs) context['invites'] = Invite.objects.filter(user=self.request.user) context['is_site_manager'] = is_site_manager(self.request.user) return context
def get_context_data(self, **kwargs): context = super(ProjectsView, self).get_context_data(**kwargs) context['is_site_manager'] = is_site_manager(self.request.user) return context
def get_queryset(self): if is_site_manager(self.request.user): return Project.objects.filter_current_site() else: raise PermissionDenied()