def built_in_permissible_entities(self, owner):
return CrudAccessController.wrapper(
adminable_by=[
PermissibleEntity.allow_user(owner, built_in=True),
PermissibleEntity.allow_perm(LOOT_TRACKER_ADMIN, built_in=True),
],
)
def built_in_permissible_entities(self, owner):
admins = [
PermissibleEntity.allow_perm(SHIP_PRICE_ADMIN, built_in=True),
]
if owner is not None:
admins.append(PermissibleEntity.allow_user(owner, built_in=True))
return CrudAccessController.wrapper(adminable_by=admins, )
def default_permissible_entities(self):
return [
("view", PermissibleEntity.allow_perm(LOOT_TRACKER)),
("use", PermissibleEntity.allow_perm(LOOT_TRACKER)),
]
def built_in_permissible_entities(self, _):
return CrudAccessController.wrapper(adminable_by=[
PermissibleEntity.allow_perm(VENMO_ADMIN, built_in=True),
], )
def default_permissible_entities(self):
return [
("view", PermissibleEntity.allow_perm(BASIC_ACCESS)),
("use", PermissibleEntity.allow_perm(BASIC_ACCESS)),
]
def handle_permissible_entity_formset(owning_user, formset, controllable_instance):
controller = controllable_instance.access_controller
if formset.is_valid():
for form in formset.deleted_forms:
existing = form.cleaned_data["existing_entity"]
if existing:
if existing.built_in:
raise ValidationError("Cannot edit a built in permissible entity")
existing.delete()
for form in formset:
if "DELETE" in form.cleaned_data and form.cleaned_data["DELETE"]:
continue
by = control_to_relation(form.cleaned_data["control"], controller)
existing = form.cleaned_data["existing_entity"]
permission = form.cleaned_data["permission"]
corp = form.cleaned_data["corp"]
user = form.cleaned_data["user"]
allow_or_deny = form.cleaned_data["allow_or_deny"] == "allow"
existing_qs = by.filter(
permission=permission, corp=corp, user=user, allow_or_deny=allow_or_deny
)
already = existing_qs.exists()
if existing and existing.built_in:
raise ValidationError("Cannot edit a built in permissible entity")
if not already and existing:
controller.viewable_by.remove(existing)
controller.adminable_by.remove(existing)
controller.editable_by.remove(existing)
controller.usable_by.remove(existing)
controller.deletable_by.remove(existing)
existing.permission = permission
existing.corp = corp
existing.user = user
existing.allow_or_deny = allow_or_deny
existing.reset_order_to_level()
existing.save()
by.add(existing)
if already and existing:
if not existing_qs.filter(id=existing.id).exists():
existing.delete()
if not already and not existing:
entity = PermissibleEntity(
permission=permission,
corp=corp,
user=user,
allow_or_deny=allow_or_deny,
built_in=False,
)
entity.reset_order_to_level()
entity.save()
by.add(entity)
for attr_name, items in controllable_instance.built_in_permissible_entities(
owning_user
).items():
for item in items:
qs = getattr(controller, attr_name)
built_in_exists = qs.filter(
permission=item.permission,
corp=item.corp,
user=item.user,
allow_or_deny=item.allow_or_deny,
built_in=True,
).exists()
if not built_in_exists:
item.reset_order_to_level()
item.save()
qs.add(item)