def season(self): if not hasattr(self, '_season'): try: seasonpk = int( self.kwargs['seasonpk'] if 'seasonpk' in self.kwargs else self.kwargs['pk'] ) self._season = Season.objects.get(pk=seasonpk) # Check that the intersection isn't empty usercantons = user_cantons(self.request.user) if usercantons and not list( set(usercantons) .intersection(set(self._season.cantons)) ): raise PermissionDenied except LookupError: # That user doesn't have allowed seasons if self.allow_season_fetch: self._season = Season.objects.get(pk=seasonpk) else: self._season = None except KeyError: # We're looking at a list self._season = None except Season.DoesNotExist: # I can't see it, or it doesn't exist raise ValueError("Can't see season or it doesn't exist") return self._season
def inusercantons(user, canton): try: usercantons = user_cantons(user) if usercantons: return canton in usercantons return True except PermissionDenied: return
def get_form_kwargs(self): kwargs = super(ProfileMixin, self).get_form_kwargs() if self.cantons: try: kwargs['cantons'] = user_cantons(self.request.user) except LookupError: pass return kwargs
def get_form_kwargs(self): kwargs = super(UserSelfAccessMixin, self).get_form_kwargs() if has_permission(self.request.user, self.required_permission): kwargs['allow_email'] = True try: kwargs['cantons'] = user_cantons(self.request.user) except LookupError: pass return kwargs
def get_queryset(self): qs = self.model.objects try: usercantons = user_cantons(self.request.user) except LookupError: raise PermissionDenied if usercantons: qs = qs.filter(address_canton__in=usercantons) return qs
def get_filterset_kwargs(self, filterset_class): kwargs = ( super(OrganizationsListView, self) .get_filterset_kwargs(filterset_class) ) usercantons = user_cantons(self.request.user) if usercantons: kwargs['cantons'] = usercantons return kwargs
def get_form_kwargs(self): kwargs = super(CantonSeasonFormMixin, self).get_form_kwargs() kwargs['season'] = self.season try: cantons = user_cantons(self.request.user) except LookupError: cantons = None if self.season and cantons: # Check that one canton is in the intersection cantons = list(set(cantons).intersection(set(self.season.cantons))) kwargs['cantons'] = cantons return kwargs
def get_seasons(self, raise_without_cantons=False): qs = Season.objects usercantons = [] try: usercantons = user_cantons(self.user) except LookupError: if raise_without_cantons: raise PermissionDenied if self.formation or self.actor_for: usercantons = [self.affiliation_canton] if self.activity_cantons: usercantons += self.activity_cantons if usercantons: cantons = [ Q(cantons__contains=state) for state in usercantons ] return qs.filter(reduce(operator.or_, cantons)) return qs.none()
def dispatch(self, request, *args, **kwargs): edit = kwargs.pop('edit', False) try: usercantons = user_cantons(request.user) except LookupError: usercantons = False user = self.get_object() if ( # Soit c'est moi request.user.pk == user.pk or # Soit j'ai le droit sur tous les cantons has_permission(request.user, 'cantons_all') or # Soit il est dans mes cantons et j'ai droit ( usercantons and ( # Il est dans mes cantons d'affiliation user.profile.affiliation_canton in usercantons or ( # Je ne fais que le consulter et il est dans mes # cantons d'activité not edit and user.profile.activity_cantons and len( set(user.profile.activity_cantons) .intersection(usercantons) ) != 0 ) ) and has_permission(request.user, self.required_permission) ) ): return ( super(UserSelfAccessMixin, self) .dispatch(request, *args, **kwargs) ) else: raise PermissionDenied
def get_queryset(self): if self.model == Season: return self.request.user.profile.get_seasons( self.raise_without_cantons ) qs = super(SeasonMixin, self).get_queryset() if self.model == get_user_model(): try: usercantons = user_cantons(self.request.user) except LookupError: if self.raise_without_cantons: raise PermissionDenied return qs # Check that the intersection isn't empty cantons = list( set(usercantons) .intersection(set(self.season.cantons)) ) if not cantons: raise PermissionDenied return qs
def get_queryset(self): try: qs = super(ProfileMixin, self).get_queryset() except AttributeError: qs = get_user_model().objects qs = ( qs .prefetch_related('profile') .order_by('first_name', 'last_name') ) try: usercantons = user_cantons(self.request.user) except LookupError: raise PermissionDenied if usercantons: allcantons_filter = [ Q(profile__activity_cantons__contains=canton) for canton in usercantons ] + [ Q(profile__affiliation_canton__in=usercantons) ] qs = qs.filter(reduce(operator.or_, allcantons_filter)) return qs
def get_form_kwargs(self): kwargs = super(OrganizationMixin, self).get_form_kwargs() kwargs['cantons'] = user_cantons(self.request.user) return kwargs