def dispatch(self, request, *args, **kwargs): content_type = get_object_or_404( ContentType, app_label=self.kwargs['app_label'], model=self.kwargs['model'] ) try: self.content_object = content_type.get_object_for_this_type( pk=self.kwargs['object_id'] ) except content_type.model_class().DoesNotExist: raise Http404 try: Permission.check_permissions( request.user, (permission_transformation_create,) ) except PermissionDenied: AccessControlList.objects.check_access( permission_transformation_create, request.user, self.content_object ) return super(TransformationCreateView, self).dispatch( request, *args, **kwargs )
def get_document_image(request, document_id, size=setting_preview_size.value): document = get_object_or_404(Document.passthrough, pk=document_id) try: Permission.check_permissions(request.user, (permission_document_view, )) except PermissionDenied: AccessControlList.objects.check_access(permission_document_view, request.user, document) page = int(request.GET.get('page', DEFAULT_PAGE_NUMBER)) zoom = int(request.GET.get('zoom', DEFAULT_ZOOM_LEVEL)) version = int(request.GET.get('version', document.latest_version.pk)) if zoom < setting_zoom_min_level.value: zoom = setting_zoom_min_level.value if zoom > setting_zoom_max_level.value: zoom = setting_zoom_max_level.value rotation = int(request.GET.get('rotation', DEFAULT_ROTATION)) % 360 document_page = document.pages.get(page_number=page) task = task_get_document_page_image.apply_async( kwargs=dict(document_page_id=document_page.pk, size=size, zoom=zoom, rotation=rotation, as_base64=True, version=version)) data = task.get(timeout=DOCUMENT_IMAGE_TASK_TIMEOUT) return HttpResponse(base64.b64decode(data[21:]), content_type='image')
def dispatch(self, request, *args, **kwargs): self.document = get_object_or_404( Document, pk=self.kwargs['document_pk'] ) self.smart_link = get_object_or_404( SmartLink, pk=self.kwargs['smart_link_pk'] ) try: Permission.check_permissions( request.user, (permission_document_view,) ) except PermissionDenied: AccessControlList.objects.check_access( permission_document_view, request.user, self.document ) try: Permission.check_permissions( request.user, (permission_smart_link_view,) ) except PermissionDenied: AccessControlList.objects.check_access( permission_smart_link_view, request.user, self.smart_link ) return super( ResolvedSmartLinkView, self ).dispatch(request, *args, **kwargs)
def dispatch(self, request, *args, **kwargs): if self.view_permission: Permission.check_permissions(requester=self.request.user, permissions=(self.view_permission, )) return super(ViewPermissionCheckMixin, self).dispatch(request, *args, **kwargs)
def get_workflow(self): """ This view returns a document types that belongs to a workflow RESEARCH: Could the documents.api_views.APIDocumentTypeView class be subclasses for this? RESEARCH: Since this is a parent-child API view could this be made into a generic API class? RESEARCH: Reuse get_workflow method from APIWorkflowDocumentTypeList? """ if self.request.method == 'GET': permission_required = permission_workflow_view else: permission_required = permission_workflow_edit workflow = get_object_or_404(Workflow, pk=self.kwargs['pk']) try: Permission.check_permissions( self.request.user, (permission_required,) ) except PermissionDenied: AccessControlList.objects.check_access( permission_required, self.request.user, workflow ) return workflow
def delete(self, request, *args, **kwargs): """ Checkin a document. """ document = self.get_object().document if document.checkout_info().user == request.user: try: Permission.check_permissions( request.user, (permission_document_checkin,) ) except PermissionDenied: AccessControlList.objects.check_access( permission_document_checkin, request.user, document ) else: try: Permission.check_permissions( request.user, (permission_document_checkin_override,) ) except PermissionDenied: AccessControlList.objects.check_access( permission_document_checkin_override, request.user, document ) return super( APICheckedoutDocumentView, self ).delete(request, *args, **kwargs)
def dispatch(self, request, *args, **kwargs): self.content_type = get_object_or_404( ContentType, app_label=self.kwargs['app_label'], model=self.kwargs['model'] ) try: self.content_object = self.content_type.get_object_for_this_type( pk=self.kwargs['object_id'] ) except self.content_type.model_class().DoesNotExist: raise Http404 try: Permission.check_permissions( request.user, permissions=(permission_events_view,) ) except PermissionDenied: AccessControlList.objects.check_access( permission_events_view, request.user, self.content_object ) return super( ObjectEventListView, self ).dispatch(request, *args, **kwargs)
def dispatch(self, request, *args, **kwargs): self.subtemplates_list = [] self.document = get_object_or_404(Document, pk=kwargs['document_pk']) if NewVersionBlock.objects.is_blocked(self.document): messages.error( self.request, _( 'Document "%s" is blocked from uploading new versions.' ) % self.document ) return HttpResponseRedirect( reverse( 'documents:document_version_list', args=(self.document.pk,) ) ) try: Permission.check_permissions( self.request.user, (permission_document_new_version,) ) except PermissionDenied: AccessControlList.objects.check_access( permission_document_new_version, self.request.user, self.document ) self.tab_links = UploadBaseView.get_active_tab_links(self.document) return super( UploadInteractiveVersionView, self ).dispatch(request, *args, **kwargs)
def get_queryset(self): document = self.get_document() if self.request.method == 'GET': # Make sure the use has the permission to see the metadata for # this document try: Permission.check_permissions( self.request.user, (permission_metadata_document_view, )) except PermissionDenied: AccessControlList.objects.check_access( permission_metadata_document_view, self.request.user, document) else: return document.metadata.all() elif self.request.method == 'POST': # Make sure the use has the permission to add metadata to this # document try: Permission.check_permissions( self.request.user, (permission_metadata_document_add, )) except PermissionDenied: AccessControlList.objects.check_access( permission_metadata_document_add, self.request.user, document) else: return document.metadata.all()
def document_page_navigation_previous(request, document_page_id): document_page = get_object_or_404(DocumentPage, pk=document_page_id) try: Permission.check_permissions(request.user, (permission_document_view, )) except PermissionDenied: AccessControlList.objects.check_access(permission_document_view, request.user, document_page.document) view = resolve( urlparse.urlparse( request.META.get('HTTP_REFERER', reverse( settings.LOGIN_REDIRECT_URL))).path).view_name if document_page.page_number <= 1: messages.warning( request, _('You are already at the first page of this document')) return HttpResponseRedirect( request.META.get('HTTP_REFERER', reverse(settings.LOGIN_REDIRECT_URL))) else: document_page = get_object_or_404( document_page.siblings, page_number=document_page.page_number - 1) return HttpResponseRedirect('{0}?{1}'.format( reverse(view, args=(document_page.pk, )), request.GET.urlencode()))
def get_document_image(request, document_id, size=setting_preview_size.value): document = get_object_or_404(Document.passthrough, pk=document_id) try: Permission.check_permissions(request.user, (permission_document_view,)) except PermissionDenied: AccessControlList.objects.check_access( permission_document_view, request.user, document ) page = int(request.GET.get('page', DEFAULT_PAGE_NUMBER)) zoom = int(request.GET.get('zoom', DEFAULT_ZOOM_LEVEL)) version = int(request.GET.get('version', document.latest_version.pk)) if zoom < setting_zoom_min_level.value: zoom = setting_zoom_min_level.value if zoom > setting_zoom_max_level.value: zoom = setting_zoom_max_level.value rotation = int(request.GET.get('rotation', DEFAULT_ROTATION)) % 360 document_page = document.pages.get(page_number=page) task = task_get_document_page_image.apply_async(kwargs=dict(document_page_id=document_page.pk, size=size, zoom=zoom, rotation=rotation, as_base64=True, version=version)) data = task.get(timeout=DOCUMENT_IMAGE_TASK_TIMEOUT) return HttpResponse(base64.b64decode(data[21:]), content_type='image')
def key_receive(request, key_id): Permission.check_permissions(request.user, (permission_key_receive,)) previous = request.POST.get('previous', request.GET.get('previous', request.META.get('HTTP_REFERER', reverse(settings.LOGIN_REDIRECT_URL)))) if request.method == 'POST': try: gpg.receive_key(key_id=key_id) except Exception as exception: messages.error( request, _('Unable to import key: %(key_id)s; %(error)s') % { 'key_id': key_id, 'error': exception, } ) return HttpResponseRedirect(previous) else: messages.success( request, _('Successfully received key: %(key_id)s') % { 'key_id': key_id, } ) return redirect('django_gpg:key_public_list') return render_to_response('appearance/generic_confirm.html', { 'message': _('Import key ID: %s?') % key_id, 'previous': previous, 'title': _('Import key'), }, context_instance=RequestContext(request))
def post(self, request, *args, **kwargs): """ Checkout a document. """ serializer = self.get_serializer(data=request.DATA, files=request.FILES) if serializer.is_valid(): document = get_object_or_404(Document, pk=serializer.data['document']) try: Permission.check_permissions(request.user, (permission_document_checkout, )) except PermissionDenied: AccessControlList.objects.check_access( permission_document_checkout, request.user, document) timezone = pytz.utc try: DocumentCheckout.objects.create( document=document, expiration_datetime=timezone.localize( serializer.data['expiration_datetime']), user=request.user, block_new_version=serializer.data['block_new_version']) except Exception as exception: return Response(data={'exception': unicode(exception)}, status=status.HTTP_400_BAD_REQUEST) return Response(status=status.HTTP_201_CREATED) return Response(serializer.errors, status=status.HTTP_400_BAD_REQUEST)
def document_signature_download(request, document_pk): document = get_object_or_404(Document, pk=document_pk) try: Permission.check_permissions( request.user, (permission_signature_download,) ) except PermissionDenied: AccessControlList.objects.check_access( permission_signature_download, request.user, document ) try: if DocumentVersionSignature.objects.has_detached_signature(document.latest_version): signature = DocumentVersionSignature.objects.detached_signature( document.latest_version ) return serve_file( request, signature, save_as='"%s.sig"' % document.filename, content_type='application/octet-stream' ) except Exception as exception: messages.error(request, exception) return HttpResponseRedirect(request.META['HTTP_REFERER']) return HttpResponseRedirect(request.META['HTTP_REFERER'])
def delete(self, request, *args, **kwargs): """ Checkin a document. """ document = self.get_object().document if document.checkout_info().user == request.user: try: Permission.check_permissions(request.user, (permission_document_checkin, )) except PermissionDenied: AccessControlList.objects.check_access( permission_document_checkin, request.user, document) else: try: Permission.check_permissions( request.user, (permission_document_checkin_override, )) except PermissionDenied: AccessControlList.objects.check_access( permission_document_checkin_override, request.user, document) return super(APICheckedoutDocumentView, self).delete(request, *args, **kwargs)
def smart_link_condition_create(request, smart_link_pk): smart_link = get_object_or_404(SmartLink, pk=smart_link_pk) try: Permission.check_permissions(request.user, (permission_smart_link_edit, )) except PermissionDenied: AccessControlList.objects.check_access((permission_smart_link_edit, ), request.user, smart_link) if request.method == 'POST': form = SmartLinkConditionForm(data=request.POST) if form.is_valid(): new_smart_link_condition = form.save(commit=False) new_smart_link_condition.smart_link = smart_link new_smart_link_condition.save() messages.success( request, _('Smart link condition: "%s" created successfully.') % new_smart_link_condition) return HttpResponseRedirect( reverse('linking:smart_link_condition_list', args=(smart_link.pk, ))) else: form = SmartLinkConditionForm() return render_to_response( 'appearance/generic_form.html', { 'form': form, 'title': _('Add new conditions to smart link: "%s"') % smart_link, 'object': smart_link, }, context_instance=RequestContext(request))
def view_action(self): document = self.get_object() if document.checkout_info().user == self.request.user: try: Permission.check_permissions(self.request.user, (permission_document_checkin, )) except PermissionDenied: AccessControlList.objects.check_access( permission_document_checkin, self.request.user, document) else: try: Permission.check_permissions( self.request.user, (permission_document_checkin_override, )) except PermissionDenied: AccessControlList.objects.check_access( permission_document_checkin_override, self.request.user, document) try: document.check_in(user=self.request.user) except DocumentNotCheckedOut: messages.error(self.request, _('Document has not been checked out.')) except Exception as exception: messages.error( self.request, _('Error trying to check in document; %s') % exception) else: messages.success( self.request, _('Document "%s" checked in successfully.') % document)
def key_delete(request, fingerprint, key_type): Permission.check_permissions(request.user, (permission_key_delete,)) secret = key_type == 'sec' key = Key.get(gpg, fingerprint, secret=secret) post_action_redirect = redirect('django_gpg:key_public_list') previous = request.POST.get('previous', request.GET.get('previous', request.META.get('HTTP_REFERER', reverse(settings.LOGIN_REDIRECT_URL)))) next = request.POST.get('next', request.GET.get('next', post_action_redirect if post_action_redirect else request.META.get('HTTP_REFERER', reverse(settings.LOGIN_REDIRECT_URL)))) if request.method == 'POST': try: gpg.delete_key(key) messages.success(request, _('Key: %s, deleted successfully.') % fingerprint) return HttpResponseRedirect(next) except Exception as exception: messages.error(request, exception) return HttpResponseRedirect(previous) return render_to_response('appearance/generic_confirm.html', { 'title': _('Delete key'), 'delete_view': True, 'message': _( 'Delete key %s? If you delete a public key that is part of a ' 'public/private pair the private key will be deleted as well.' ) % key, 'next': next, 'previous': previous, }, context_instance=RequestContext(request))
def dispatch(self, request, *args, **kwargs): self.subtemplates_list = [] self.document = get_object_or_404(Document, pk=kwargs['document_pk']) if NewVersionBlock.objects.is_blocked(self.document): messages.error( self.request, _('Document "%s" is blocked from uploading new versions.') % self.document) return HttpResponseRedirect( reverse('documents:document_version_list', args=(self.document.pk, ))) try: Permission.check_permissions(self.request.user, (permission_document_new_version, )) except PermissionDenied: AccessControlList.objects.check_access( permission_document_new_version, self.request.user, self.document) self.tab_links = UploadBaseView.get_active_tab_links(self.document) return super(UploadInteractiveVersionView, self).dispatch(request, *args, **kwargs)
def has_object_permission(self, request, view, obj): required_permission = getattr(view, 'mayan_object_permissions', {}).get(request.method, None) if required_permission: try: Permission.check_permissions(request.user, required_permission) except PermissionDenied: try: if hasattr(view, 'mayan_permission_attribute_check'): AccessControlList.objects.check_access( permissions=required_permission, user=request.user, obj=obj, related=view.mayan_permission_attribute_check) else: AccessControlList.objects.check_access( required_permission, request.user, obj) except PermissionDenied: return False else: return True else: return True else: return True
def template_node_edit(request, node_pk): node = get_object_or_404(IndexTemplateNode, pk=node_pk) try: Permission.check_permissions( request.user, (permission_document_indexing_edit,) ) except PermissionDenied: AccessControlList.objects.check_access( permission_document_indexing_edit, request.user, node.index ) if request.method == 'POST': form = IndexTemplateNodeForm(request.POST, instance=node) if form.is_valid(): form.save() messages.success( request, _('Index template node edited successfully') ) return HttpResponseRedirect( reverse('indexing:index_setup_view', args=(node.index.pk,)) ) else: form = IndexTemplateNodeForm(instance=node) return render_to_response('appearance/generic_form.html', { 'form': form, 'index': node.index, 'navigation_object_list': ('index', 'node'), 'node': node, 'title': _('Edit index template node: %s') % node, }, context_instance=RequestContext(request))
def document_version_revert(request, document_version_pk): document_version = get_object_or_404(DocumentVersion, pk=document_version_pk) try: Permission.check_permissions(request.user, (permission_document_version_revert,)) except PermissionDenied: AccessControlList.objects.check_access(permission_document_version_revert, request.user, document_version.document) previous = request.POST.get('previous', request.GET.get('previous', request.META.get('HTTP_REFERER', reverse(settings.LOGIN_REDIRECT_URL)))) if request.method == 'POST': try: document_version.revert(_user=request.user) messages.success(request, _('Document version reverted successfully')) except Exception as exception: messages.error(request, _('Error reverting document version; %s') % exception) return HttpResponseRedirect(previous) return render_to_response('appearance/generic_confirm.html', { 'previous': previous, 'object': document_version.document, 'title': _('Revert to this version?'), 'message': _('All later version after this one will be deleted too.'), }, context_instance=RequestContext(request))
def template_node_edit(request, node_pk): node = get_object_or_404(IndexTemplateNode, pk=node_pk) try: Permission.check_permissions(request.user, (permission_document_indexing_edit, )) except PermissionDenied: AccessControlList.objects.check_access( permission_document_indexing_edit, request.user, node.index) if request.method == 'POST': form = IndexTemplateNodeForm(request.POST, instance=node) if form.is_valid(): form.save() messages.success(request, _('Index template node edited successfully')) return HttpResponseRedirect( reverse('indexing:index_setup_view', args=(node.index.pk, ))) else: form = IndexTemplateNodeForm(instance=node) return render_to_response( 'appearance/generic_form.html', { 'form': form, 'index': node.index, 'navigation_object_list': ('index', 'node'), 'node': node, 'title': _('Edit index template node: %s') % node, }, context_instance=RequestContext(request))
def document_type_filename_create(request, document_type_id): Permission.check_permissions(request.user, (permission_document_type_edit,)) document_type = get_object_or_404(DocumentType, pk=document_type_id) if request.method == 'POST': form = DocumentTypeFilenameForm_create(request.POST) if form.is_valid(): try: document_type_filename = DocumentTypeFilename( document_type=document_type, filename=form.cleaned_data['filename'], enabled=True ) document_type_filename.save() messages.success(request, _('Document type quick label created successfully')) return HttpResponseRedirect(reverse('documents:document_type_filename_list', args=(document_type_id,))) except Exception as exception: messages.error(request, _('Error creating document type quick label; %(error)s') % { 'error': exception}) else: form = DocumentTypeFilenameForm_create() return render_to_response('appearance/generic_form.html', { 'document_type': document_type, 'form': form, 'navigation_object_list': ('document_type',), 'title': _('Create quick label for document type: %s') % document_type, }, context_instance=RequestContext(request))
def transform_page(request, document_page_id, zoom_function=None, rotation_function=None): document_page = get_object_or_404(DocumentPage, pk=document_page_id) try: Permission.check_permissions(request.user, (permission_document_view,)) except PermissionDenied: AccessControlList.objects.check_access(permission_document_view, request.user, document_page.document) view = resolve(urlparse.urlparse(request.META.get('HTTP_REFERER', reverse(settings.LOGIN_REDIRECT_URL))).path).view_name # Get the query string from the referer url query = urlparse.urlparse(request.META.get('HTTP_REFERER', reverse(settings.LOGIN_REDIRECT_URL))).query # Parse the query string and get the zoom value # parse_qs return a dictionary whose values are lists zoom = int(urlparse.parse_qs(query).get('zoom', ['100'])[0]) rotation = int(urlparse.parse_qs(query).get('rotation', ['0'])[0]) if zoom_function: zoom = zoom_function(zoom) if rotation_function: rotation = rotation_function(rotation) return HttpResponseRedirect( '?'.join([ reverse(view, args=(document_page.pk,)), urlencode({'zoom': zoom, 'rotation': rotation}) ]) )
def has_object_permission(self, request, view, obj): required_permission = getattr( view, 'mayan_object_permissions', {} ).get(request.method, None) if required_permission: try: Permission.check_permissions(request.user, required_permission) except PermissionDenied: try: if hasattr(view, 'mayan_permission_attribute_check'): AccessControlList.objects.check_access( permissions=required_permission, user=request.user, obj=obj, related=view.mayan_permission_attribute_check ) else: AccessControlList.objects.check_access( required_permission, request.user, obj ) except PermissionDenied: return False else: return True else: return True else: return True
def post(self, request, *args, **kwargs): """ Add an optional metadata type to a document type. """ document_type = get_object_or_404(DocumentType, pk=self.kwargs['document_type_pk']) try: Permission.check_permissions(self.request.user, (permission_document_type_edit, )) except PermissionDenied: AccessControlList.objects.check_access( permission_document_type_edit, self.request.user, document_type) serializer = self.get_serializer(data=self.request.data) if serializer.is_valid(): metadata_type = get_object_or_404( MetadataType, pk=serializer.data['metadata_type_pk']) document_type_metadata_type = document_type.metadata.create( metadata_type=metadata_type, required=self.required_metadata) return Response(status=status.HTTP_201_CREATED, data={'pk': document_type_metadata_type.pk}) else: return Response(status=status.HTTP_400_BAD_REQUEST)
def get_queryset(self): document_type = get_object_or_404(DocumentType, pk=self.kwargs["document_type_pk"]) try: Permission.check_permissions(self.request.user, (permission_document_type_view,)) except PermissionDenied: AccessControlList.objects.check_access(permission_document_type_view, self.request.user, document_type) return document_type.metadata.filter(required=self.required_metadata)
def smart_link_condition_delete(request, smart_link_condition_pk): smart_link_condition = get_object_or_404(SmartLinkCondition, pk=smart_link_condition_pk) try: Permission.check_permissions(request.user, (permission_smart_link_edit, )) except PermissionDenied: AccessControlList.objects.check_access((permission_smart_link_edit, ), request.user, smart_link_condition.smart_link) next = request.POST.get( 'next', request.GET.get( 'next', request.META.get('HTTP_REFERER', reverse(settings.LOGIN_REDIRECT_URL)))) previous = request.POST.get( 'previous', request.GET.get( 'previous', request.META.get('HTTP_REFERER', reverse(settings.LOGIN_REDIRECT_URL)))) if request.method == 'POST': try: smart_link_condition.delete() messages.success( request, _('Smart link condition: "%s" deleted successfully.') % smart_link_condition) except Exception as exception: messages.error( request, _('Error deleting smart link condition: ' '%(smart_link_condition)s; %(exception)s.') % { 'smart_link_condition': smart_link_condition, 'exception': exception }) return HttpResponseRedirect(next) return render_to_response('appearance/generic_confirm.html', { 'condition': smart_link_condition, 'delete_view': True, 'navigation_object_list': ('object', 'condition'), 'next': next, 'object': smart_link_condition.smart_link, 'previous': previous, 'title': _('Delete smart link condition: "%s"?') % smart_link_condition, }, context_instance=RequestContext(request))
def dispatch(self, request, *args, **kwargs): try: Permission.check_permissions(request.user, (permission_document_view, )) except PermissionDenied: AccessControlList.objects.check_access(permission_document_view, request.user, self.get_object().document) return super(DocumentPageView, self).dispatch(request, *args, **kwargs)
def object_action(self, instance): try: Permission.check_permissions(self.request.user, (permission_ocr_document, )) except PermissionDenied: AccessControlList.objects.check_access(permission_ocr_document, self.request.user, instance) instance.submit_for_ocr()
def object_action(self, instance): try: Permission.check_permissions(self.request.user, (permission_document_trash, )) except PermissionDenied: AccessControlList.objects.check_access(permission_document_trash, self.request.user, instance) instance.delete()
def get_document(self): document = get_object_or_404(Document, pk=self.kwargs['document_pk']) try: Permission.check_permissions(self.request.user, (permission_document_view, )) except PermissionDenied: AccessControlList.objects.check_access(permission_document_view, self.request.user, document) return document
def get_queryset(self): document = self.get_document() try: Permission.check_permissions(self.request.user, (permission_document_view, )) except PermissionDenied: AccessControlList.objects.check_access(permission_document_view, self.request.user, document) return document.attached_tags().all()
def get_queryset(self): tag = get_object_or_404(Tag, pk=self.kwargs['pk']) try: Permission.check_permissions(self.request.user, (permission_tag_view, )) except PermissionDenied: AccessControlList.objects.check_access(permission_tag_view, self.request.user, tag) return tag.documents.all()
def dispatch(self, request, *args, **kwargs): if self.view_permission: Permission.check_permissions( requester=self.request.user, permissions=(self.view_permission,) ) return super( ViewPermissionCheckMixin, self ).dispatch(request, *args, **kwargs)
def dispatch(self, request, *args, **kwargs): try: Permission.check_permissions(request.user, (permission_smart_link_edit, )) except PermissionDenied: AccessControlList.objects.check_access( (permission_smart_link_edit, ), request.user, self.get_smart_link()) return super(SmartLinkConditionCreateView, self).dispatch(request, *args, **kwargs)
def get_document_count(self, user): queryset = self.documents try: Permission.check_permissions(user, (permission_document_view, )) except PermissionDenied: queryset = AccessControlList.objects.filter_by_access( permission_document_view, user, queryset) return queryset.count()
def document_verify(request, document_pk): document = get_object_or_404(Document, pk=document_pk) try: Permission.check_permissions( request.user, (permission_document_verify,) ) except PermissionDenied: AccessControlList.objects.check_access( permission_document_verify, request.user, document ) document.add_as_recent_document_for_user(request.user) try: signature = DocumentVersionSignature.objects.verify_signature( document.latest_version ) except AttributeError: signature_state = SIGNATURE_STATES.get(SIGNATURE_STATE_NONE) signature = None else: signature_state = SIGNATURE_STATES.get( getattr(signature, 'status', None) ) paragraphs = [_('Signature status: %s') % signature_state['text']] try: if DocumentVersionSignature.objects.has_embedded_signature(document.latest_version): signature_type = _('Embedded') else: signature_type = _('Detached') except ValueError: signature_type = _('None') if signature: paragraphs.extend( [ _('Signature ID: %s') % signature.signature_id, _('Signature type: %s') % signature_type, _('Key ID: %s') % signature.key_id, _('Timestamp: %s') % datetime.fromtimestamp( int(signature.sig_timestamp) ), _('Signee: %s') % force_escape(getattr(signature, 'username', '')), ] ) return render_to_response('appearance/generic_template.html', { 'document': document, 'object': document, 'paragraphs': paragraphs, 'title': _('Signature properties for document: %s') % document, }, context_instance=RequestContext(request))
def document_update_page_count(request, document_id=None, document_id_list=None): if document_id: documents = Document.objects.filter(pk=document_id) elif document_id_list: documents = Document.objects.filter(pk__in=document_id_list) if not documents: messages.error(request, _('At least one document must be selected.')) return HttpResponseRedirect( request.META.get('HTTP_REFERER', reverse(settings.LOGIN_REDIRECT_URL))) try: Permission.check_permissions(request.user, (permission_document_tools, )) except PermissionDenied: documents = AccessControlList.objects.filter_by_access( permission_document_tools, request.user, documents) previous = request.POST.get( 'previous', request.GET.get( 'previous', request.META.get('HTTP_REFERER', reverse(settings.LOGIN_REDIRECT_URL)))) if request.method == 'POST': for document in documents: task_update_page_count.apply_async( kwargs={'version_id': document.latest_version.pk}) messages.success( request, ungettext(_('Document queued for page count recalculation.'), _('Documents queued for page count recalculation.'), documents.count())) return HttpResponseRedirect(previous) context = { 'previous': previous, 'title': ungettext('Recalculate the page count of the selected document?', 'Recalculate the page count of the selected documents?', documents.count()) } if documents.count() == 1: context['object'] = documents.first() return render_to_response('appearance/generic_confirm.html', context, context_instance=RequestContext(request))
def object_action(self, instance): try: Permission.check_permissions( self.request.user, (permission_document_trash,) ) except PermissionDenied: AccessControlList.objects.check_access( permission_document_trash, self.request.user, instance ) instance.delete()
def object_action(self, instance): try: Permission.check_permissions( self.request.user, (permission_ocr_document,) ) except PermissionDenied: AccessControlList.objects.check_access( permission_ocr_document, self.request.user, instance ) instance.submit_for_ocr()
def get_queryset(self): document_type = get_object_or_404(DocumentType, pk=self.kwargs['pk']) try: Permission.check_permissions(self.request.user, (permission_document_type_view, )) except PermissionDenied: AccessControlList.objects.check_access( permission_document_type_view, self.request.user, document_type) return document_type.documents.all()
def get_document_count(self, user): queryset = self.documents try: Permission.check_permissions(user, (permission_document_view,)) except PermissionDenied: queryset = AccessControlList.objects.filter_by_access( permission_document_view, user, queryset ) return queryset.count()
def get_queryset(self): document = get_object_or_404(Document, pk=self.kwargs['pk']) try: Permission.check_permissions(self.request.user, (permission_document_view, )) except PermissionDenied: AccessControlList.objects.check_access(permission_document_view, self.request.user, document) queryset = document.document_folders().all() return queryset
def dispatch(self, request, *args, **kwargs): try: Permission.check_permissions( request.user, (permission_document_version_sign_detached, )) except PermissionDenied: AccessControlList.objects.check_access( permission_document_version_sign_detached, request.user, self.get_document_version().document) return super(DocumentVersionDetachedSignatureCreateView, self).dispatch(request, *args, **kwargs)
def document_update_page_count(request, document_id=None, document_id_list=None): if document_id: documents = Document.objects.filter(pk=document_id) elif document_id_list: documents = Document.objects.filter(pk__in=document_id_list) if not documents: messages.error(request, _('At least one document must be selected.')) return HttpResponseRedirect(request.META.get('HTTP_REFERER', reverse(settings.LOGIN_REDIRECT_URL))) try: Permission.check_permissions( request.user, (permission_document_tools,) ) except PermissionDenied: documents = AccessControlList.objects.filter_by_access( permission_document_tools, request.user, documents ) previous = request.POST.get('previous', request.GET.get('previous', request.META.get('HTTP_REFERER', reverse(settings.LOGIN_REDIRECT_URL)))) if request.method == 'POST': for document in documents: task_update_page_count.apply_async( kwargs={'version_id': document.latest_version.pk} ) messages.success( request, ungettext( _('Document queued for page count recalculation.'), _('Documents queued for page count recalculation.'), documents.count() ) ) return HttpResponseRedirect(previous) context = { 'previous': previous, 'title': ungettext( 'Recalculate the page count of the selected document?', 'Recalculate the page count of the selected documents?', documents.count() ) } if documents.count() == 1: context['object'] = documents.first() return render_to_response( 'appearance/generic_confirm.html', context, context_instance=RequestContext(request) )
def get_queryset(self): document = self.get_document() try: Permission.check_permissions( self.request.user, (permission_document_view,) ) except PermissionDenied: AccessControlList.objects.check_access( permission_document_view, self.request.user, document ) return document.attached_tags().all()
def get_queryset(self): tag = get_object_or_404(Tag, pk=self.kwargs['pk']) try: Permission.check_permissions( self.request.user, (permission_tag_view,) ) except PermissionDenied: AccessControlList.objects.check_access( permission_tag_view, self.request.user, tag ) return tag.documents.all()
def document_page_navigation_last(request, document_page_id): document_page = get_object_or_404(DocumentPage, pk=document_page_id) document_page = get_object_or_404(document_page.siblings, page_number=document_page.siblings.count()) try: Permission.check_permissions(request.user, (permission_document_view,)) except PermissionDenied: AccessControlList.objects.check_access(permission_document_view, request.user, document_page.document) view = resolve(urlparse.urlparse(request.META.get('HTTP_REFERER', reverse(settings.LOGIN_REDIRECT_URL))).path).view_name return HttpResponseRedirect('{0}?{1}'.format(reverse(view, args=(document_page.pk,)), request.GET.urlencode()))
def get_queryset(self): try: Permission.check_permissions( self.request.user, (permission_comment_view,) ) except PermissionDenied: AccessControlList.objects.check_access( permission_comment_view, self.request.user, self.get_document() ) return self.get_document().comments.all()
def get_queryset(self): document = get_object_or_404(Document, pk=self.kwargs['pk']) try: Permission.check_permissions( self.request.user, (permission_document_view,) ) except PermissionDenied: AccessControlList.objects.check_access( permission_document_view, self.request.user, document ) return document.node_instances.all()
def dispatch(self, request, *args, **kwargs): try: Permission.check_permissions( request.user, (permission_document_view,) ) except PermissionDenied: AccessControlList.objects.check_access( permission_document_view, request.user, self.get_document() ) return super( DocumentIndexNodeListView, self ).dispatch(request, *args, **kwargs)
def dispatch(self, request, *args, **kwargs): acl = get_object_or_404(AccessControlList, pk=self.kwargs['pk']) try: Permission.check_permissions( request.user, permissions=(permission_acl_edit,) ) except PermissionDenied: AccessControlList.objects.check_access( permission_acl_edit, request.user, acl.content_object ) return super(ACLDeleteView, self).dispatch(request, *args, **kwargs)
def dispatch(self, request, *args, **kwargs): try: Permission.check_permissions( request.user, (permission_workflow_view,) ) except PermissionDenied: AccessControlList.objects.check_access( permission_workflow_view, request.user, self.get_workflow() ) return super( SetupWorkflowStateListView, self ).dispatch(request, *args, **kwargs)
def document_create_siblings(request, document_id): Permission.check_permissions(request.user, (permission_document_create,)) document = get_object_or_404(Document, pk=document_id) query_dict = {} for pk, metadata in enumerate(document.metadata.all()): query_dict['metadata%s_id' % pk] = metadata.metadata_type_id query_dict['metadata%s_value' % pk] = metadata.value query_dict['document_type_id'] = document.document_type_id url = reverse('sources:upload_interactive') return HttpResponseRedirect('%s?%s' % (url, urlencode(query_dict)))