class Organization(models.Model): name = models.CharField(max_length=255, unique=True) uuid = models.UUIDField(unique=True, db_index=True, default=uuid4) address = models.CharField(max_length=255, null=True, blank=True) address1 = models.CharField(max_length=255, null=True, blank=True) city = models.CharField(max_length=255, null=True, blank=True) state = models.CharField(max_length=80, null=True, blank=True) zip = models.CharField(max_length=25, null=True, blank=True) country = models.CharField(max_length=80, null=True, blank=True, default='US') fax = PhoneNumberField(null=True, blank=True) phone = PhoneNumberField(null=True, blank=True) locale = models.CharField(max_length=2, null=True, blank=True, default='en') removed = models.DateField(null=True) timezone = TimeZoneField(default=settings.TIME_ZONE) website = models.URLField(null=True, blank=True) is_active = models.BooleanField(default=True) objects = ActiveManager() with_projects = OrganizationsWithProjectManager() class Meta: ordering = ['name'] db_table = 'kala_companies' def set_active(self, active): self.is_active = active for person in self.user_set.all(): person.set_active(active) for project in Project.objects.filter(organization=self): project.set_active(active) if not self.is_active: self.removed = datetime.date.today() self.save() def get_projects(self, user): if user.is_superuser: return Project.objects.active().filter(organization=self) if Permissions.has_perms( ['change_organization', 'add_organization', 'delete_organization'], user, self.uuid): return self.project_set.all() else: document_project_uuids = Permissions.objects.filter( permission__codename__in=[ 'change_document', 'add_document', 'delete_document' ], user=user).values_list('object_uuid', flat=True) document_projects = documents.models.Document.objects.filter( project__organization=self, uuid__in=document_project_uuids).values_list('project__uuid', flat=True) project__uuids = self.project_set.all().values_list('uuid', flat=True) perm_uuids = Permissions.objects.filter( user=user, object_uuid__in=project__uuids).values_list('object_uuid', flat=True) return Project.objects.filter(uuid__in=list(perm_uuids) + list(document_projects)) def get_people(self, user): # If you are a super user or you have permissions on # an organization, then you can see everyone. if user.is_superuser or Permissions.has_perms( ['change_organization', 'add_organization', 'delete_organization'], user, self.uuid): return User.objects.all() else: return None def __str__(self): return self.name def add_change(self, user): perm = Permission.objects.get(codename='change_organization') Permissions.add_perm(perm=perm, user=user, uuid=self.uuid) def has_change(self, user): perm = Permission.objects.get(codename='change_organization') return Permissions.has_perm(perm=perm, user=user, uuid=self.uuid) def add_delete(self, user): perm = Permission.objects.get(codename='delete_organization') Permissions.add_perm(perm=perm, user=user, uuid=self.uuid) def has_delete(self, user): perm = Permission.objects.get(codename='delete_organization') return Permissions.has_perm(perm=perm, user=user, uuid=self.uuid) def add_create(self, user): perm = Permission.objects.get(codename='add_organization') Permissions.add_perm(perm=perm, user=user, uuid=self.uuid) def has_create(self, user): perm = Permission.objects.get(codename='add_organization') return Permissions.has_perm(perm=perm, user=user, uuid=self.uuid)
class Document(models.Model): project = models.ForeignKey('projects.Project', on_delete=models.CASCADE) name = models.CharField(max_length=255) date = models.DateTimeField(default=timezone.now) removed = models.DateField(null=True) mime = models.CharField(max_length=255, null=True) category = models.ForeignKey('projects.Category', null=True, blank=True, on_delete=models.PROTECT) is_active = models.BooleanField(default=True) uuid = models.UUIDField(unique=True, db_index=True, default=uuid4, editable=False) tags = TaggableManager(blank=True) objects = ActiveManager() class Meta: ordering = ['-date', 'name'] db_table = 'kala_documents' def set_active(self, active): self.is_active = active if not self.is_active: self.removed = timezone.now().date() self.save() def delete(self, using=None, **kwargs): DocumentVersion.objects.filter(document=self).delete() super(Document, self).delete(using) @property def description(self): if not hasattr(self, 'document'): self.document = self.get_latest() return self.document.description @property def user(self): if not hasattr(self, 'document'): self.document = self.get_latest() return self.document.user @property def created(self): if not hasattr(self, 'document'): self.document = self.get_latest() return self.document.created @property def file(self): if not hasattr(self, 'document'): self.document = self.get_latest() return self.document.file @property def get_icon(self): if not hasattr(self, 'document'): self.document = self.get_latest() return self.document.get_icon() @property def get_alt(self): if not hasattr(self, 'document'): self.document = self.get_latest() return self.document.get_alt() def get_latest(self): return self.documentversion_set.latest() def list_versions(self): return self.documentversion_set.all() def can(self, user, _permissions): if user.is_superuser: return True return True if DocumentPermission.objects.filter( permission__in=Permission.objects.filter( codename__in=_permissions, content_type__app_label='documents' ), user=user, document=self).exists() \ or self.project.can(user, _permissions) \ or self.project.organization.can(user, _permissions) else False def can_create(self, user): return self.can(user, ['can_create', 'can_invite', 'can_manage']) def can_invite(self, user): return self.can(user, ['can_invite', 'can_manage']) def can_manage(self, user): return self.can(user, ['can_manage']) def add_permission(self, user, permission): DocumentPermission.objects.get_or_create( permission=Permission.objects.get( codename=permission, content_type__app_label='documents'), user=user, document=self) def add_create(self, user): self.add_permission(user, 'can_create') def add_invite(self, user): self.add_permission(user, 'can_invite') def add_manage(self, user): self.add_permission(user, 'can_manage') def delete_permission(self, user, permission): try: DocumentPermission.objects.get(permission=Permission.objects.get( codename=permission, content_type__app_label='documents'), user=user, document=self).delete() except DocumentPermission.DoesNotExist: return False def delete_create(self, user): self.delete_permission(user, 'can_create') def delete_invite(self, user): self.delete_permission(user, 'can_invite') def delete_manage(self, user): self.delete_permission(user, 'can_manage') def __str__(self): return self.name
class Organization(models.Model): name = models.CharField(max_length=255, unique=True) uuid = models.UUIDField(unique=True, db_index=True, default=uuid4) address = models.CharField(max_length=255, null=True, blank=True) address1 = models.CharField(max_length=255, null=True, blank=True) city = models.CharField(max_length=255, null=True, blank=True) state = models.CharField(max_length=80, null=True, blank=True) zip = models.CharField(max_length=25, null=True, blank=True) country = models.CharField(max_length=80, null=True, blank=True, default='US') fax = PhoneNumberField(null=True, blank=True) phone = PhoneNumberField(null=True, blank=True) locale = models.CharField(max_length=2, null=True, blank=True, default='en') removed = models.DateField(null=True) timezone = TimeZoneField(default=settings.TIME_ZONE) website = models.URLField(null=True, blank=True) is_active = models.BooleanField(default=True) objects = ActiveManager() class Meta: ordering = ['name'] db_table = 'kala_companies' def set_active(self, active): self.is_active = active for person in self.user_set.all(): person.set_active(active) for project in Project.objects.filter(organization=self): project.set_active(active) if not self.is_active: self.removed = datetime.date.today() self.save() def get_projects(self, user): if user.is_superuser: return Project.objects.active().filter(organization=self) else: return Project.objects.active().filter( id__in=user.get_projects().values_list('id', flat=True), organization=self) def __str__(self): return self.name def can(self, user, _permissions): if user.is_superuser: return True return True if OrganizationPermission.objects.filter( permission__in=Permission.objects.filter( codename__in=_permissions, content_type__app_label='organizations'), user=user, organization=self).exists() else False def can_create(self, user): return self.can(user, ['can_create', 'can_invite', 'can_manage']) def can_invite(self, user): return self.can(user, ['can_invite', 'can_manage']) def can_manage(self, user): return self.can(user, ['can_manage']) def add_permission(self, user, permission): OrganizationPermission.objects.get_or_create( permission=Permission.objects.get( codename=permission, content_type__app_label='organizations'), user=user, organization=self) def add_create(self, user): self.add_permission(user, 'can_create') def add_invite(self, user): self.add_permission(user, 'can_invite') def add_manage(self, user): self.add_permission(user, 'can_manage') def delete_permission(self, user, permission): try: OrganizationPermission.objects.get( permission=Permission.objects.get( codename=permission, content_type__app_label='organizations'), user=user, organization=self).delete() except OrganizationPermission.DoesNotExist: return False def delete_create(self, user): self.delete_permission(user, 'can_create') def delete_invite(self, user): self.delete_permission(user, 'can_invite') def delete_manage(self, user): self.delete_permission(user, 'can_manage')
class Project(models.Model): name = models.CharField(max_length=255) description = models.TextField() tags = TaggableManager(blank=True) organization = models.ForeignKey('organizations.Organization', on_delete=models.CASCADE) clients = models.ManyToManyField(settings.AUTH_USER_MODEL, blank=True) created = models.DateTimeField(auto_now_add=True) removed = models.DateField(null=True) changed = models.DateTimeField(auto_now=True) is_active = models.BooleanField(default=True) uuid = models.UUIDField(unique=True, db_index=True, default=uuid4, editable=False) objects = ActiveManager() class Meta: ordering = ('name',) db_table = 'kala_projects' def set_active(self, active): self.is_active = active if not self.is_active: self.removed = datetime.date.today() self.save() def __str__(self): return self.name def get_documents(self, user): if user.is_superuser: return self.document_set.filter(project=self) if Permissions.has_perms([ 'change_organization', 'add_organization', 'delete_organization' ], user, self.organization.uuid) or Permissions.has_perms([ 'change_project', 'add_project', 'delete_project' ], user, self.uuid): return self.document_set.all().prefetch_related('documentversion_set', 'documentversion_set__user') else: document__uuids = self.document_set.all().values_list('uuid', flat=True) perm_uuids = Permissions.objects.filter( user=user, object_uuid__in=document__uuids ).values_list('object_uuid', flat=True) return self.document_set.filter(uuid__in=perm_uuids).prefetch_related('documentversion_set', 'documentversion_set__user') def get_users(self, user): if user.is_superuser: return User.objects.all() # If you have permissions for the org, or permissions for the # project, then you can see everyone in the org. if Permissions.has_perms([ 'change_organization', 'add_organization', 'delete_organization' ], user, self.organization.uuid) or Permissions.has_perms([ 'change_project', 'delete_project' ], user, self.uuid): return self.organization.user_set.all() return None def add_change(self, user): perm = Permission.objects.get(codename='change_project') Permissions.add_perm(perm=perm, user=user, uuid=self.uuid) def has_change(self, user): perm = Permission.objects.get(codename='change_project') org_perm = Permission.objects.get(codename='change_organization') return Permissions.has_perm( perm=perm, user=user, uuid=self.uuid ) or Permissions.has_perm( perm=org_perm, user=user, uuid=self.organization.uuid ) def add_delete(self, user): perm = Permission.objects.get(codename='delete_project') Permissions.add_perm(perm=perm, user=user, uuid=self.uuid) def has_delete(self, user): perm = Permission.objects.get(codename='delete_project') org_perm = Permission.objects.get(codename='delete_organization') return Permissions.has_perm( perm=perm, user=user, uuid=self.uuid ) or Permissions.has_perm( perm=org_perm, user=user, uuid=self.organization.uuid ) def add_create(self, user): perm = Permission.objects.get(codename='add_project') Permissions.add_perm(perm=perm, user=user, uuid=self.uuid) def has_create(self, user): perm = Permission.objects.get(codename='add_project') org_perm = Permission.objects.get(codename='add_organization') return Permissions.has_perm( perm=perm, user=user, uuid=self.uuid ) or Permissions.has_perm( perm=org_perm, user=user, uuid=self.organization.uuid )