def gen_ctx(self):
return {
'can_view':
app_settings.EXPLORER_PERMISSION_VIEW(self.request.user),
'can_change':
app_settings.EXPLORER_PERMISSION_CHANGE(self.request.user)
}
def wrap(request, *args, **kwargs):
if not app_settings.EXPLORER_PERMISSION_VIEW(request.user)\
and not user_can_see_query(request, kwargs)\
and not (app_settings.EXPLORER_TOKEN_AUTH_ENABLED()
and request.META.get('HTTP_X_API_TOKEN') == app_settings.EXPLORER_TOKEN):
return safe_admin_login_prompt(request)
return f(request, *args, **kwargs)
def view_permission(request, **kwargs):
return app_settings.EXPLORER_PERMISSION_VIEW(request.user)\
or user_can_see_query(request, **kwargs)\
or (app_settings.EXPLORER_TOKEN_AUTH_ENABLED()
and (request.META.get('HTTP_X_API_TOKEN') ==
app_settings.EXPLORER_TOKEN
or request.GET.get('token') == app_settings.EXPLORER_TOKEN))
def get_queryset(self):
if app_settings.EXPLORER_PERMISSION_VIEW(self.request.user):
qs = Query.objects.prefetch_related('created_by_user').all()
else:
qs = Query.objects.prefetch_related('created_by_user').filter(
pk__in=allowed_query_pks(self.request.user.id))
return qs.annotate(run_count=Count('querylog'))
def get_queryset(self):
if app_settings.EXPLORER_PERMISSION_VIEW(self.request.user):
qs = (Query.objects.prefetch_related('created_by_user',
'querylog_set').all())
else:
qs = (Query.objects.prefetch_related(
'created_by_user', 'querylog_set').filter(
pk__in=allowed_query_pks(self.request.user.id)))
return qs
def gen_ctx(self):
return {
'can_view': app_settings.EXPLORER_PERMISSION_VIEW(
self.request
),
'can_change': app_settings.EXPLORER_PERMISSION_CHANGE(
self.request
),
'csrf_cookie_name': settings.CSRF_COOKIE_NAME,
}
def wrap(request, *args, **kwargs):
if not app_settings.EXPLORER_PERMISSION_VIEW(request.user)\
and not allowed_query_pks(request.user.id):
return safe_admin_login_prompt(request)
return f(request, *args, **kwargs)
def get_app_permissions(request):
return {
'can_view': app_settings.EXPLORER_PERMISSION_VIEW(request.user),
'can_change': app_settings.EXPLORER_PERMISSION_CHANGE(request.user)
}
def view_permission_list(request):
return app_settings.EXPLORER_PERMISSION_VIEW(request.user)\
or allowed_query_pks(request.user.id)
def wrap(request, *args, **kwargs):
if not app_settings.EXPLORER_PERMISSION_VIEW(
request.user) and not user_can_see_query(request, kwargs):
return safe_admin_login_prompt(request)
return f(request, *args, **kwargs)