def dispatch(self, request, *args, **kwargs):
self.document = get_object_or_404(
Document, pk=self.kwargs['document_pk']
)
self.smart_link = get_object_or_404(
SmartLink, pk=self.kwargs['smart_link_pk']
)
try:
Permission.check_permissions(
request.user, (permission_document_view,)
)
except PermissionDenied:
AccessControlList.objects.check_access(
permission_document_view, request.user, self.document
)
try:
Permission.check_permissions(
request.user, (permission_smart_link_view,)
)
except PermissionDenied:
AccessControlList.objects.check_access(
permission_smart_link_view, request.user, self.smart_link
)
return super(
ResolvedSmartLinkView, self
).dispatch(request, *args, **kwargs)
def template_node_edit(request, node_pk):
node = get_object_or_404(IndexTemplateNode, pk=node_pk)
try:
Permission.check_permissions(
request.user, (permission_document_indexing_edit,)
)
except PermissionDenied:
AccessControlList.objects.check_access(
permission_document_indexing_edit, request.user, node.index
)
if request.method == 'POST':
form = IndexTemplateNodeForm(request.POST, instance=node)
if form.is_valid():
form.save()
messages.success(
request, _('Index template node edited successfully')
)
return HttpResponseRedirect(
reverse('indexing:index_setup_view', args=(node.index.pk,))
)
else:
form = IndexTemplateNodeForm(instance=node)
return render_to_response('appearance/generic_form.html', {
'form': form,
'index': node.index,
'navigation_object_list': ('index', 'node'),
'node': node,
'title': _('Edit index template node: %s') % node,
}, context_instance=RequestContext(request))
def transform_page(request, document_page_id, zoom_function=None, rotation_function=None):
document_page = get_object_or_404(DocumentPage, pk=document_page_id)
try:
Permission.check_permissions(request.user, (permission_document_view,))
except PermissionDenied:
AccessControlList.objects.check_access(permission_document_view, request.user, document_page.document)
view = resolve(urlparse.urlparse(request.META.get('HTTP_REFERER', reverse(settings.LOGIN_REDIRECT_URL))).path).view_name
# Get the query string from the referer url
query = urlparse.urlparse(request.META.get('HTTP_REFERER', reverse(settings.LOGIN_REDIRECT_URL))).query
# Parse the query string and get the zoom value
# parse_qs return a dictionary whose values are lists
zoom = int(urlparse.parse_qs(query).get('zoom', ['100'])[0])
rotation = int(urlparse.parse_qs(query).get('rotation', ['0'])[0])
if zoom_function:
zoom = zoom_function(zoom)
if rotation_function:
rotation = rotation_function(rotation)
return HttpResponseRedirect(
'?'.join([
reverse(view, args=(document_page.pk,)),
urlencode({'zoom': zoom, 'rotation': rotation})
])
)
def document_signature_download(request, document_pk):
document = get_object_or_404(Document, pk=document_pk)
try:
Permission.check_permissions(
request.user, (permission_signature_download,)
)
except PermissionDenied:
AccessControlList.objects.check_access(
permission_signature_download, request.user, document
)
try:
if DocumentVersionSignature.objects.has_detached_signature(document.latest_version):
signature = DocumentVersionSignature.objects.detached_signature(
document.latest_version
)
return serve_file(
request,
signature,
save_as='"%s.sig"' % document.filename,
content_type='application/octet-stream'
)
except Exception as exception:
messages.error(request, exception)
return HttpResponseRedirect(request.META['HTTP_REFERER'])
return HttpResponseRedirect(request.META['HTTP_REFERER'])
def delete(self, request, *args, **kwargs):
"""
Checkin a document.
"""
document = self.get_object().document
if document.checkout_info().user == request.user:
try:
Permission.check_permissions(
request.user, (permission_document_checkin,)
)
except PermissionDenied:
AccessControlList.objects.check_access(
permission_document_checkin, request.user, document
)
else:
try:
Permission.check_permissions(
request.user, (permission_document_checkin_override,)
)
except PermissionDenied:
AccessControlList.objects.check_access(
permission_document_checkin_override, request.user,
document
)
return super(
APICheckedoutDocumentView, self
).delete(request, *args, **kwargs)
def dispatch(self, request, *args, **kwargs):
self.content_type = get_object_or_404(
ContentType, app_label=self.kwargs['app_label'],
model=self.kwargs['model']
)
try:
self.content_object = self.content_type.get_object_for_this_type(
pk=self.kwargs['object_id']
)
except self.content_type.model_class().DoesNotExist:
raise Http404
try:
Permission.check_permissions(
request.user, permissions=(permission_events_view,)
)
except PermissionDenied:
AccessControlList.objects.check_access(
permission_events_view, request.user, self.content_object
)
return super(
ObjectEventListView, self
).dispatch(request, *args, **kwargs)
def key_receive(request, key_id):
Permission.check_permissions(request.user, (permission_key_receive,))
previous = request.POST.get('previous', request.GET.get('previous', request.META.get('HTTP_REFERER', reverse(settings.LOGIN_REDIRECT_URL))))
if request.method == 'POST':
try:
gpg.receive_key(key_id=key_id)
except Exception as exception:
messages.error(
request,
_('Unable to import key: %(key_id)s; %(error)s') %
{
'key_id': key_id,
'error': exception,
}
)
return HttpResponseRedirect(previous)
else:
messages.success(
request,
_('Successfully received key: %(key_id)s') %
{
'key_id': key_id,
}
)
return redirect('django_gpg:key_public_list')
return render_to_response('appearance/generic_confirm.html', {
'message': _('Import key ID: %s?') % key_id,
'previous': previous,
'title': _('Import key'),
}, context_instance=RequestContext(request))
def dispatch(self, request, *args, **kwargs):
self.subtemplates_list = []
self.document = get_object_or_404(Document, pk=kwargs['document_pk'])
if NewVersionBlock.objects.is_blocked(self.document):
messages.error(
self.request,
_(
'Document "%s" is blocked from uploading new versions.'
) % self.document
)
return HttpResponseRedirect(
reverse(
'documents:document_version_list', args=(self.document.pk,)
)
)
try:
Permission.check_permissions(
self.request.user, (permission_document_new_version,)
)
except PermissionDenied:
AccessControlList.objects.check_access(
permission_document_new_version, self.request.user,
self.document
)
self.tab_links = UploadBaseView.get_active_tab_links(self.document)
return super(
UploadInteractiveVersionView, self
).dispatch(request, *args, **kwargs)
def dispatch(self, request, *args, **kwargs):
content_type = get_object_or_404(
ContentType, app_label=self.kwargs['app_label'],
model=self.kwargs['model']
)
try:
self.content_object = content_type.get_object_for_this_type(
pk=self.kwargs['object_id']
)
except content_type.model_class().DoesNotExist:
raise Http404
try:
Permission.check_permissions(
request.user, (permission_transformation_create,)
)
except PermissionDenied:
AccessControlList.objects.check_access(
permission_transformation_create, request.user,
self.content_object
)
return super(TransformationCreateView, self).dispatch(
request, *args, **kwargs
)
def has_object_permission(self, request, view, obj):
required_permission = getattr(
view, 'mayan_object_permissions', {}
).get(request.method, None)
if required_permission:
try:
Permission.check_permissions(request.user, required_permission)
except PermissionDenied:
try:
if hasattr(view, 'mayan_permission_attribute_check'):
AccessControlList.objects.check_access(
permissions=required_permission,
user=request.user, obj=obj,
related=view.mayan_permission_attribute_check
)
else:
AccessControlList.objects.check_access(
required_permission, request.user, obj
)
except PermissionDenied:
return False
else:
return True
else:
return True
else:
return True
def key_delete(request, fingerprint, key_type):
Permission.check_permissions(request.user, (permission_key_delete,))
secret = key_type == 'sec'
key = Key.get(gpg, fingerprint, secret=secret)
post_action_redirect = redirect('django_gpg:key_public_list')
previous = request.POST.get('previous', request.GET.get('previous', request.META.get('HTTP_REFERER', reverse(settings.LOGIN_REDIRECT_URL))))
next = request.POST.get('next', request.GET.get('next', post_action_redirect if post_action_redirect else request.META.get('HTTP_REFERER', reverse(settings.LOGIN_REDIRECT_URL))))
if request.method == 'POST':
try:
gpg.delete_key(key)
messages.success(request, _('Key: %s, deleted successfully.') % fingerprint)
return HttpResponseRedirect(next)
except Exception as exception:
messages.error(request, exception)
return HttpResponseRedirect(previous)
return render_to_response('appearance/generic_confirm.html', {
'title': _('Delete key'),
'delete_view': True,
'message': _(
'Delete key %s? If you delete a public key that is part of a '
'public/private pair the private key will be deleted as well.'
) % key,
'next': next,
'previous': previous,
}, context_instance=RequestContext(request))
def document_type_filename_create(request, document_type_id):
Permission.check_permissions(request.user, (permission_document_type_edit,))
document_type = get_object_or_404(DocumentType, pk=document_type_id)
if request.method == 'POST':
form = DocumentTypeFilenameForm_create(request.POST)
if form.is_valid():
try:
document_type_filename = DocumentTypeFilename(
document_type=document_type,
filename=form.cleaned_data['filename'],
enabled=True
)
document_type_filename.save()
messages.success(request, _('Document type quick label created successfully'))
return HttpResponseRedirect(reverse('documents:document_type_filename_list', args=(document_type_id,)))
except Exception as exception:
messages.error(request, _('Error creating document type quick label; %(error)s') % {
'error': exception})
else:
form = DocumentTypeFilenameForm_create()
return render_to_response('appearance/generic_form.html', {
'document_type': document_type,
'form': form,
'navigation_object_list': ('document_type',),
'title': _('Create quick label for document type: %s') % document_type,
}, context_instance=RequestContext(request))
def document_version_revert(request, document_version_pk):
document_version = get_object_or_404(DocumentVersion, pk=document_version_pk)
try:
Permission.check_permissions(request.user, (permission_document_version_revert,))
except PermissionDenied:
AccessControlList.objects.check_access(permission_document_version_revert, request.user, document_version.document)
previous = request.POST.get('previous', request.GET.get('previous', request.META.get('HTTP_REFERER', reverse(settings.LOGIN_REDIRECT_URL))))
if request.method == 'POST':
try:
document_version.revert(_user=request.user)
messages.success(request, _('Document version reverted successfully'))
except Exception as exception:
messages.error(request, _('Error reverting document version; %s') % exception)
return HttpResponseRedirect(previous)
return render_to_response('appearance/generic_confirm.html', {
'previous': previous,
'object': document_version.document,
'title': _('Revert to this version?'),
'message': _('All later version after this one will be deleted too.'),
}, context_instance=RequestContext(request))
def get_document_image(request, document_id, size=setting_preview_size.value):
document = get_object_or_404(Document.passthrough, pk=document_id)
try:
Permission.check_permissions(request.user, (permission_document_view,))
except PermissionDenied:
AccessControlList.objects.check_access(
permission_document_view, request.user, document
)
page = int(request.GET.get('page', DEFAULT_PAGE_NUMBER))
zoom = int(request.GET.get('zoom', DEFAULT_ZOOM_LEVEL))
version = int(request.GET.get('version', document.latest_version.pk))
if zoom < setting_zoom_min_level.value:
zoom = setting_zoom_min_level.value
if zoom > setting_zoom_max_level.value:
zoom = setting_zoom_max_level.value
rotation = int(request.GET.get('rotation', DEFAULT_ROTATION)) % 360
document_page = document.pages.get(page_number=page)
task = task_get_document_page_image.apply_async(kwargs=dict(document_page_id=document_page.pk, size=size, zoom=zoom, rotation=rotation, as_base64=True, version=version))
data = task.get(timeout=DOCUMENT_IMAGE_TASK_TIMEOUT)
return HttpResponse(base64.b64decode(data[21:]), content_type='image')
def get_queryset(self):
document_type = get_object_or_404(DocumentType, pk=self.kwargs["document_type_pk"])
try:
Permission.check_permissions(self.request.user, (permission_document_type_view,))
except PermissionDenied:
AccessControlList.objects.check_access(permission_document_type_view, self.request.user, document_type)
return document_type.metadata.filter(required=self.required_metadata)
def dispatch(self, request, *args, **kwargs):
if self.view_permission:
Permission.check_permissions(
requester=self.request.user,
permissions=(self.view_permission,)
)
return super(
ViewPermissionCheckMixin, self
).dispatch(request, *args, **kwargs)
def document_verify(request, document_pk):
document = get_object_or_404(Document, pk=document_pk)
try:
Permission.check_permissions(
request.user, (permission_document_verify,)
)
except PermissionDenied:
AccessControlList.objects.check_access(
permission_document_verify, request.user, document
)
document.add_as_recent_document_for_user(request.user)
try:
signature = DocumentVersionSignature.objects.verify_signature(
document.latest_version
)
except AttributeError:
signature_state = SIGNATURE_STATES.get(SIGNATURE_STATE_NONE)
signature = None
else:
signature_state = SIGNATURE_STATES.get(
getattr(signature, 'status', None)
)
paragraphs = [_('Signature status: %s') % signature_state['text']]
try:
if DocumentVersionSignature.objects.has_embedded_signature(document.latest_version):
signature_type = _('Embedded')
else:
signature_type = _('Detached')
except ValueError:
signature_type = _('None')
if signature:
paragraphs.extend(
[
_('Signature ID: %s') % signature.signature_id,
_('Signature type: %s') % signature_type,
_('Key ID: %s') % signature.key_id,
_('Timestamp: %s') % datetime.fromtimestamp(
int(signature.sig_timestamp)
),
_('Signee: %s') % force_escape(getattr(signature, 'username', '')),
]
)
return render_to_response('appearance/generic_template.html', {
'document': document,
'object': document,
'paragraphs': paragraphs,
'title': _('Signature properties for document: %s') % document,
}, context_instance=RequestContext(request))
def object_action(self, instance):
try:
Permission.check_permissions(
self.request.user, (permission_document_trash,)
)
except PermissionDenied:
AccessControlList.objects.check_access(
permission_document_trash, self.request.user, instance
)
instance.delete()
def object_action(self, instance):
try:
Permission.check_permissions(
self.request.user, (permission_ocr_document,)
)
except PermissionDenied:
AccessControlList.objects.check_access(
permission_ocr_document, self.request.user, instance
)
instance.submit_for_ocr()
def get_document_count(self, user):
queryset = self.documents
try:
Permission.check_permissions(user, (permission_document_view,))
except PermissionDenied:
queryset = AccessControlList.objects.filter_by_access(
permission_document_view, user, queryset
)
return queryset.count()
def get_queryset(self):
tag = get_object_or_404(Tag, pk=self.kwargs['pk'])
try:
Permission.check_permissions(
self.request.user, (permission_tag_view,)
)
except PermissionDenied:
AccessControlList.objects.check_access(
permission_tag_view, self.request.user, tag
)
return tag.documents.all()
def document_update_page_count(request, document_id=None, document_id_list=None):
if document_id:
documents = Document.objects.filter(pk=document_id)
elif document_id_list:
documents = Document.objects.filter(pk__in=document_id_list)
if not documents:
messages.error(request, _('At least one document must be selected.'))
return HttpResponseRedirect(request.META.get('HTTP_REFERER', reverse(settings.LOGIN_REDIRECT_URL)))
try:
Permission.check_permissions(
request.user, (permission_document_tools,)
)
except PermissionDenied:
documents = AccessControlList.objects.filter_by_access(
permission_document_tools, request.user, documents
)
previous = request.POST.get('previous', request.GET.get('previous', request.META.get('HTTP_REFERER', reverse(settings.LOGIN_REDIRECT_URL))))
if request.method == 'POST':
for document in documents:
task_update_page_count.apply_async(
kwargs={'version_id': document.latest_version.pk}
)
messages.success(
request,
ungettext(
_('Document queued for page count recalculation.'),
_('Documents queued for page count recalculation.'),
documents.count()
)
)
return HttpResponseRedirect(previous)
context = {
'previous': previous,
'title': ungettext(
'Recalculate the page count of the selected document?',
'Recalculate the page count of the selected documents?',
documents.count()
)
}
if documents.count() == 1:
context['object'] = documents.first()
return render_to_response(
'appearance/generic_confirm.html', context,
context_instance=RequestContext(request)
)
def document_page_navigation_last(request, document_page_id):
document_page = get_object_or_404(DocumentPage, pk=document_page_id)
document_page = get_object_or_404(document_page.siblings, page_number=document_page.siblings.count())
try:
Permission.check_permissions(request.user, (permission_document_view,))
except PermissionDenied:
AccessControlList.objects.check_access(permission_document_view, request.user, document_page.document)
view = resolve(urlparse.urlparse(request.META.get('HTTP_REFERER', reverse(settings.LOGIN_REDIRECT_URL))).path).view_name
return HttpResponseRedirect('{0}?{1}'.format(reverse(view, args=(document_page.pk,)), request.GET.urlencode()))
def get_queryset(self):
document = self.get_document()
try:
Permission.check_permissions(
self.request.user, (permission_document_view,)
)
except PermissionDenied:
AccessControlList.objects.check_access(
permission_document_view, self.request.user, document
)
return document.attached_tags().all()
def get_queryset(self):
document = get_object_or_404(Document, pk=self.kwargs['pk'])
try:
Permission.check_permissions(
self.request.user, (permission_document_view,)
)
except PermissionDenied:
AccessControlList.objects.check_access(
permission_document_view, self.request.user, document
)
return document.node_instances.all()
def get_queryset(self):
try:
Permission.check_permissions(
self.request.user, (permission_comment_view,)
)
except PermissionDenied:
AccessControlList.objects.check_access(
permission_comment_view, self.request.user,
self.get_document()
)
return self.get_document().comments.all()
def dispatch(self, request, *args, **kwargs):
try:
Permission.check_permissions(
request.user, (permission_document_view,)
)
except PermissionDenied:
AccessControlList.objects.check_access(
permission_document_view, request.user, self.get_document()
)
return super(
DocumentIndexNodeListView, self
).dispatch(request, *args, **kwargs)
def dispatch(self, request, *args, **kwargs):
try:
Permission.check_permissions(
request.user, (permission_workflow_view,)
)
except PermissionDenied:
AccessControlList.objects.check_access(
permission_workflow_view, request.user, self.get_workflow()
)
return super(
SetupWorkflowStateListView, self
).dispatch(request, *args, **kwargs)
def document_create_siblings(request, document_id):
Permission.check_permissions(request.user, (permission_document_create,))
document = get_object_or_404(Document, pk=document_id)
query_dict = {}
for pk, metadata in enumerate(document.metadata.all()):
query_dict['metadata%s_id' % pk] = metadata.metadata_type_id
query_dict['metadata%s_value' % pk] = metadata.value
query_dict['document_type_id'] = document.document_type_id
url = reverse('sources:upload_interactive')
return HttpResponseRedirect('%s?%s' % (url, urlencode(query_dict)))
def dispatch(self, request, *args, **kwargs):
acl = get_object_or_404(AccessControlList, pk=self.kwargs['pk'])
try:
Permission.check_permissions(
request.user, permissions=(permission_acl_edit,)
)
except PermissionDenied:
AccessControlList.objects.check_access(
permission_acl_edit, request.user, acl.content_object
)
return super(ACLDeleteView, self).dispatch(request, *args, **kwargs)
def dispatch(self, request, *args, **kwargs):
self.index_instance_node = get_object_or_404(IndexInstanceNode,
pk=self.kwargs['pk'])
try:
Permission.check_permissions(request.user,
(permission_document_indexing_view, ))
except PermissionDenied:
AccessControlList.objects.check_access(
permission_document_indexing_view, request.user,
self.index_instance_node.index())
if self.index_instance_node:
if self.index_instance_node.index_template_node.link_documents:
return DocumentListView.dispatch(self, request, *args,
**kwargs)
return SingleObjectListView.dispatch(self, request, *args, **kwargs)
def __init__(self, *args, **kwargs):
user = kwargs.pop('user', None)
logger.debug('user: %s', user)
super(TagMultipleSelectionForm, self).__init__(*args, **kwargs)
queryset = Tag.objects.all()
try:
Permission.check_permissions(user, (permission_tag_view, ))
except PermissionDenied:
queryset = AccessControlList.objects.filter_by_access(
permission_tag_view, user, queryset)
self.fields['tags'] = forms.MultipleChoiceField(
label=_('Tags'),
choices=queryset.values_list('id', 'label'),
help_text=_('Tags to attach to the document.'),
required=False,
widget=forms.CheckboxSelectMultiple)
def get_queryset(self):
if self.request.method == 'GET':
documents = DocumentCheckout.objects.checked_out_documents()
try:
Permission.check_permissions(self.request.user,
(permission_document_view, ))
except PermissionDenied:
filtered_documents = AccessControlList.objects.filter_by_access(
(permission_document_view, ), self.request.user, documents)
else:
filtered_documents = documents
return DocumentCheckout.objects.filter(
document__pk__in=filtered_documents.values_list('pk',
flat=True))
elif self.request.method == 'DELETE':
return DocumentCheckout.objects.all()
def dispatch(self, request, *args, **kwargs):
self.transformation = get_object_or_404(
Transformation, pk=self.kwargs['pk']
)
try:
Permission.check_permissions(
request.user, (permission_transformation_delete,)
)
except PermissionDenied:
AccessControlList.objects.check_access(
permission_transformation_delete, request.user,
self.transformation.content_object
)
return super(TransformationDeleteView, self).dispatch(
request, *args, **kwargs
)
def get_document(self):
if self.request.method == 'GET':
permission_required = permission_workflow_view
else:
permission_required = permission_workflow_transition
document = get_object_or_404(Document, pk=self.kwargs['pk'])
try:
Permission.check_permissions(
self.request.user, (permission_required,)
)
except PermissionDenied:
AccessControlList.objects.check_access(
permission_required, self.request.user, document
)
return document
def get_workflow(self):
if self.request.method == 'GET':
permission_required = permission_workflow_view
else:
permission_required = permission_workflow_edit
workflow = get_object_or_404(Workflow, pk=self.kwargs['pk'])
try:
Permission.check_permissions(
self.request.user, (permission_required,)
)
except PermissionDenied:
AccessControlList.objects.check_access(
permission_required, self.request.user, workflow
)
return workflow
def __init__(self, *args, **kwargs):
user = kwargs.pop('user', None)
logger.debug('user: %s', user)
super(DocumentTypeSelectForm, self).__init__(*args, **kwargs)
queryset = DocumentType.objects.all()
try:
Permission.check_permissions(user, (permission_document_create, ))
except PermissionDenied:
queryset = AccessControlList.objects.filter_by_access(
permission_document_create, user, queryset)
self.fields['document_type'] = forms.ModelChoiceField(
empty_label=None,
label=_('Document type'),
queryset=queryset,
required=True,
widget=forms.widgets.Select(attrs={'size': 10}))
def widget_document_tags(document, user):
"""
A tag widget that displays the tags for the given document
"""
tags_template = []
tags = document.attached_tags().all()
try:
Permission.check_permissions(user, (permission_tag_view, ))
except PermissionDenied:
tags = AccessControlList.objects.filter_by_access(
permission_tag_view, user, tags)
for tag in tags:
tags_template.append(widget_single_tag(tag))
return mark_safe(''.join(tags_template))
def document_signature_delete(request, document_pk):
document = get_object_or_404(Document, pk=document_pk)
try:
Permission.check_permissions(
request.user, (permission_signature_delete,)
)
except PermissionDenied:
AccessControlList.objects.check_access(
permission_signature_delete, request.user, document
)
document.add_as_recent_document_for_user(request.user)
post_action_redirect = None
previous = request.POST.get('previous', request.GET.get('previous', request.META.get('HTTP_REFERER', reverse(settings.LOGIN_REDIRECT_URL))))
next = request.POST.get('next', request.GET.get('next', post_action_redirect if post_action_redirect else request.META.get('HTTP_REFERER', reverse(settings.LOGIN_REDIRECT_URL))))
if request.method == 'POST':
try:
DocumentVersionSignature.objects.clear_detached_signature(
document.latest_version
)
messages.success(
request, _('Detached signature deleted successfully.')
)
return HttpResponseRedirect(next)
except Exception as exception:
messages.error(
request, _(
'Error while deleting the detached signature; %s'
) % exception
)
return HttpResponseRedirect(previous)
return render_to_response('appearance/generic_confirm.html', {
'delete_view': True,
'next': next,
'object': document,
'previous': previous,
'title': _(
'Delete the detached signature from document: %s?'
) % document,
}, context_instance=RequestContext(request))
def delete(self, request, *args, **kwargs):
"""
Remove a metadata type from a document type.
"""
document_type = get_object_or_404(DocumentType,
pk=self.kwargs['document_type_pk'])
try:
Permission.check_permissions(self.request.user,
(permission_document_type_edit, ))
except PermissionDenied:
AccessControlList.objects.check_access(
permission_document_type_edit, self.request.user,
document_type)
metadata_type = get_object_or_404(MetadataType,
pk=self.kwargs['metadata_type_pk'])
document_type.metadata_type.remove(metadata_type)
return Response(status=status.HTTP_204_NO_CONTENT)
def get_transition_choices(self, _user=None):
current_state = self.get_current_state()
if current_state:
queryset = current_state.origin_transitions.all()
if _user:
try:
Permission.check_permissions(
requester=_user, permissions=(
permission_workflow_transition,
)
)
except PermissionDenied:
try:
"""
Check for ACL access to the workflow, if true, allow
all transition options.
"""
AccessControlList.objects.check_access(
permissions=permission_workflow_transition,
user=_user, obj=self.workflow
)
except PermissionDenied:
"""
If not ACL access to the workflow, filter transition
options by each transition ACL access
"""
queryset = AccessControlList.objects.filter_by_access(
permission=permission_workflow_transition,
user=_user, queryset=queryset
)
return queryset
else:
"""
This happens when a workflow has no initial state and a document
whose document type has this workflow is created. We return an
empty transition queryset.
"""
return WorkflowTransition.objects.none()
def condition(context):
AccessControlList = apps.get_model(app_label='acls',
model_name='AccessControlList')
Model = apps.get_model(app_label=app_label, model_name=model_name)
if view_permission:
try:
Permission.check_permissions(requester=context.request.user,
permissions=(view_permission, ))
except PermissionDenied:
pass
else:
return True
queryset = AccessControlList.objects.filter_by_access(
permission=object_permission,
user=context.request.user,
queryset=Model.objects.all())
return queryset.count() > 0
def transform_page(request,
document_page_id,
zoom_function=None,
rotation_function=None):
document_page = get_object_or_404(DocumentPage, pk=document_page_id)
try:
Permission.check_permissions(request.user,
(permission_document_view, ))
except PermissionDenied:
AccessControlList.objects.check_access(permission_document_view,
request.user,
document_page.document)
view = resolve(
urlparse.urlparse(
request.META.get('HTTP_REFERER',
reverse(
settings.LOGIN_REDIRECT_URL))).path).view_name
# Get the query string from the referer url
query = urlparse.urlparse(
request.META.get('HTTP_REFERER',
reverse(settings.LOGIN_REDIRECT_URL))).query
# Parse the query string and get the zoom value
# parse_qs return a dictionary whose values are lists
zoom = int(urlparse.parse_qs(query).get('zoom', ['100'])[0])
rotation = int(urlparse.parse_qs(query).get('rotation', ['0'])[0])
if zoom_function:
zoom = zoom_function(zoom)
if rotation_function:
rotation = rotation_function(rotation)
return HttpResponseRedirect('?'.join([
reverse(view, args=(document_page.pk, )),
urlencode({
'zoom': zoom,
'rotation': rotation
})
]))
def document_signature_upload(request, document_pk):
document = get_object_or_404(Document, pk=document_pk)
try:
Permission.check_permissions(
request.user, (permission_signature_upload,)
)
except PermissionDenied:
AccessControlList.objects.check_access(
permission_signature_upload, request.user, document
)
document.add_as_recent_document_for_user(request.user)
post_action_redirect = None
previous = request.POST.get('previous', request.GET.get('previous', request.META.get('HTTP_REFERER', reverse(settings.LOGIN_REDIRECT_URL))))
next = request.POST.get('next', request.GET.get('next', post_action_redirect if post_action_redirect else request.META.get('HTTP_REFERER', reverse(settings.LOGIN_REDIRECT_URL))))
if request.method == 'POST':
form = DetachedSignatureForm(request.POST, request.FILES)
if form.is_valid():
try:
DocumentVersionSignature.objects.add_detached_signature(
document.latest_version, request.FILES['file']
)
messages.success(
request, _('Detached signature uploaded successfully.')
)
return HttpResponseRedirect(next)
except Exception as exception:
messages.error(request, exception)
return HttpResponseRedirect(previous)
else:
form = DetachedSignatureForm()
return render_to_response('appearance/generic_form.html', {
'form': form,
'next': next,
'object': document,
'previous': previous,
'title': _('Upload detached signature for document: %s') % document,
}, context_instance=RequestContext(request))
def get_queryset(self):
queryset = super(ObjectListPermissionFilterMixin, self).get_queryset()
if self.object_permission:
try:
# Check to see if the user has the permissions globally
Permission.check_permissions(
self.request.user, (self.object_permission,)
)
except PermissionDenied:
# No global permission, filter ther queryset per object +
# permission
return AccessControlList.objects.filter_by_access(
self.object_permission, self.request.user, queryset
)
else:
# Has the permission globally, return all results
return queryset
else:
return queryset
def document_page_navigation_first(request, document_page_id):
document_page = get_object_or_404(DocumentPage, pk=document_page_id)
document_page = get_object_or_404(document_page.siblings, page_number=1)
try:
Permission.check_permissions(request.user,
(permission_document_view, ))
except PermissionDenied:
AccessControlList.objects.check_access(permission_document_view,
request.user,
document_page.document)
view = resolve(
urlparse.urlparse(
request.META.get('HTTP_REFERER',
reverse(
settings.LOGIN_REDIRECT_URL))).path).view_name
return HttpResponseRedirect('{0}?{1}'.format(
reverse(view, args=(document_page.pk, )), request.GET.urlencode()))
def user_add(request):
Permission.check_permissions(request.user, (permission_user_create, ))
if request.method == 'POST':
form = UserForm(request.POST)
if form.is_valid():
user = form.save(commit=False)
user.set_unusable_password()
user.save()
messages.success(request,
_('User "%s" created successfully.') % user)
return HttpResponseRedirect(
reverse('user_management:user_set_password', args=(user.pk, )))
else:
form = UserForm()
return render_to_response('appearance/generic_form.html', {
'title': _('Create new user'),
'form': form,
},
context_instance=RequestContext(request))
def get_workflow(self):
"""
Retrieve the parent workflow of the workflow document type.
Perform custom permission and access check.
"""
if self.request.method == 'GET':
permission_required = permission_workflow_view
else:
permission_required = permission_workflow_edit
workflow = get_object_or_404(Workflow, pk=self.kwargs['pk'])
try:
Permission.check_permissions(self.request.user,
(permission_required, ))
except PermissionDenied:
AccessControlList.objects.check_access(permission_required,
self.request.user, workflow)
return workflow
def get_queryset(self, user):
queryset = self.model.objects.all()
for kwargs in self.filter_kwargs:
queryset = queryset.filter(**kwargs)
queryset = queryset.distinct()
if self.object_permission:
try:
# Check to see if the user has the permissions globally
Permission.check_permissions(user, (self.object_permission, ))
except PermissionDenied:
# No global permission, filter ther queryset per object +
# permission
return AccessControlList.objects.filter_by_access(
self.object_permission, user, queryset)
else:
# Has the permission globally, return all results
return queryset
else:
return queryset
def dispatch(self, request, *args, **kwargs):
self.object_content_type = get_object_or_404(
ContentType,
app_label=self.kwargs['app_label'],
model=self.kwargs['model'])
try:
self.content_object = self.object_content_type.get_object_for_this_type(
pk=self.kwargs['object_id'])
except self.object_content_type.model_class().DoesNotExist:
raise Http404
try:
Permission.check_permissions(
request.user, permissions=(permission_events_view, ))
except PermissionDenied:
AccessControlList.objects.check_access(permission_events_view,
request.user,
self.content_object)
return super(ObjectEventListView,
self).dispatch(request, *args, **kwargs)
def document_clear_image_cache(request):
Permission.check_permissions(request.user, (permission_document_tools, ))
previous = request.POST.get(
'previous',
request.GET.get(
'previous',
request.META.get('HTTP_REFERER',
reverse(settings.LOGIN_REDIRECT_URL))))
if request.method == 'POST':
task_clear_image_cache.apply_async()
messages.success(request,
_('Document cache clearing queued successfully.'))
return HttpResponseRedirect(previous)
return render_to_response('appearance/generic_confirm.html', {
'previous': previous,
'title': _('Clear the document cache?'),
},
context_instance=RequestContext(request))
def view_action(self):
document = self.get_object()
if document.checkout_info().user == self.request.user:
try:
Permission.check_permissions(
self.request.user, (permission_document_checkin,)
)
except PermissionDenied:
AccessControlList.objects.check_access(
permission_document_checkin, self.request.user, document
)
else:
try:
Permission.check_permissions(
self.request.user, (permission_document_checkin_override,)
)
except PermissionDenied:
AccessControlList.objects.check_access(
permission_document_checkin_override, self.request.user,
document
)
try:
document.check_in(user=self.request.user)
except DocumentNotCheckedOut:
messages.error(
self.request, _('Document has not been checked out.')
)
except Exception as exception:
messages.error(
self.request,
_('Error trying to check in document; %s') % exception
)
else:
messages.success(
self.request,
_('Document "%s" checked in successfully.') % document
)
def get_content_object(self):
if self.request.method == 'GET':
permission_required = permission_acl_view
else:
permission_required = permission_acl_edit
content_type = get_object_or_404(ContentType,
app_label=self.kwargs['app_label'],
model=self.kwargs['model'])
content_object = get_object_or_404(content_type.model_class(),
pk=self.kwargs['object_pk'])
try:
Permission.check_permissions(self.request.user,
permissions=(permission_required, ))
except PermissionDenied:
AccessControlList.objects.check_access(permission_required,
self.request.user,
content_object)
return content_object
def get_document(self):
document = get_object_or_404(Document, pk=self.kwargs['pk'])
if self.request.method == 'GET':
"""
Only test for permission if reading. If writing, the permission
will be checked in the serializer
IMPROVEMENT:
When writing, add check for permission or ACL for the workflow.
Failing that, check for ACLs for any of the workflow's transitions.
Failing that, then raise PermissionDenied
"""
try:
Permission.check_permissions(self.request.user,
(permission_workflow_view, ))
except PermissionDenied:
AccessControlList.objects.check_access(
permission_workflow_view, self.request.user, document)
return document
def document_type_filename_create(request, document_type_id):
Permission.check_permissions(request.user,
(permission_document_type_edit, ))
document_type = get_object_or_404(DocumentType, pk=document_type_id)
if request.method == 'POST':
form = DocumentTypeFilenameForm_create(request.POST)
if form.is_valid():
try:
document_type_filename = DocumentTypeFilename(
document_type=document_type,
filename=form.cleaned_data['filename'],
enabled=True)
document_type_filename.save()
messages.success(
request,
_('Document type quick label created successfully'))
return HttpResponseRedirect(
reverse('documents:document_type_filename_list',
args=(document_type_id, )))
except Exception as exception:
messages.error(
request,
_('Error creating document type quick label; %(error)s') %
{'error': exception})
else:
form = DocumentTypeFilenameForm_create()
return render_to_response(
'appearance/generic_form.html', {
'document_type': document_type,
'form': form,
'navigation_object_list': ('document_type', ),
'title':
_('Create quick label for document type: %s') % document_type,
},
context_instance=RequestContext(request))
