def __init__(self, *args, **kwargs): super(JobForm, self).__init__(*args, **kwargs) if self.instance.pk: self.fields['description'].widget.mce_attrs['app_instance_id'] = self.instance.pk #self.fields['pricing'].initial = JobPricing.objects.filter(duration=self.instance.requested_duration)[0] if is_admin(self.user): self.fields['status_detail'].choices = STATUS_DETAIL_CHOICES else: self.fields['description'].widget.mce_attrs['app_instance_id'] = 0 self.fields['pricing'].choices = pricing_choices(self.user) if 'payment_method' in self.fields: self.fields['payment_method'].widget = forms.RadioSelect(choices=get_payment_method_choices(self.user)) # adjust fields depending on user status fields_to_pop = [] if not self.user.is_authenticated(): fields_to_pop += [ 'entity', 'allow_anonymous_view', 'user_perms', 'group_perms', 'member_perms', 'post_dt', 'activation_dt', 'expiration_dt', 'syndicate', 'status', 'status_detail' ] else: fields_to_pop += [ 'captcha' ] if not is_admin(self.user): fields_to_pop += [ 'slug', 'entity', 'allow_anonymous_view', 'user_perms', 'member_perms', 'group_perms', 'post_dt', 'activation_dt', 'expiration_dt', 'syndicate', 'status', 'status_detail' ] if not is_developer(self.user): fields_to_pop += [ 'status' ] for f in list(set(fields_to_pop)): if f in self.fields: self.fields.pop(f)
def __init__(self, *args, **kwargs): super(ServiceForm, self).__init__(*args, **kwargs) if self.instance.pk: self.fields["description"].widget.mce_attrs["app_instance_id"] = self.instance.pk else: self.fields["description"].widget.mce_attrs["app_instance_id"] = 0 # adjust fields depending on user status fields_to_pop = [] if not self.user.is_authenticated(): fields_to_pop += [ "allow_anonymous_view", "user_perms", "group_perms", "activation_dt", "expiration_dt", "syndicate", "status", "status_detail", ] else: fields_to_pop += ["captcha"] if not is_admin(self.user): fields_to_pop += ["status", "status_detail"] if not is_developer(self.user): fields_to_pop += ["status"] for f in list(set(fields_to_pop)): if f in self.fields: self.fields.pop(f)
def index(request, template_name="reports/index.html"): if not is_admin(request.user) and is_developer(request.user): raise Http403 return render_to_response(template_name, {}, context_instance=RequestContext(request))
def __init__(self, *args, **kwargs): if 'user_this' in kwargs: self.user_this = kwargs.pop('user_this', None) else: self.user_this = None if 'user_current' in kwargs: self.user_current = kwargs.pop('user_current', None) else: self.user_current = None if 'required_fields_list' in kwargs: self.required_fields_list = kwargs.pop('required_fields_list', None) else: self.required_fields_list = None super(ProfileForm, self).__init__(*args, **kwargs) if self.user_this: self.fields['first_name'].initial = self.user_this.first_name self.fields['last_name'].initial = self.user_this.last_name self.fields['username'].initial = self.user_this.username if self.user_this.is_superuser and self.user_this.is_staff: self.fields['security_level'].initial = "developer" elif self.user_this.is_staff: self.fields['security_level'].initial = "admin" else: self.fields['security_level'].initial = "user" if self.user_this.is_active == 1: self.fields['interactive'].initial = 1 else: self.fields['interactive'].initial = 0 del self.fields['password1'] del self.fields['password2'] if not is_admin(self.user_current): del self.fields['admin_notes'] del self.fields['security_level'] del self.fields['status'] del self.fields['status_detail'] if is_admin(self.user_current) and not is_developer(self.user_current): self.fields['security_level'].choices=(('user','User'), ('admin','Admin'),) if not is_admin(self.user_current): if 'status' in self.fields: self.fields.pop('status') if 'status_detail' in self.fields: self.fields.pop('status_detail') # we make first_name, last_name, email, username and password as required field regardless # the rest of fields will be decided by the setting - UsersRequiredFields if self.required_fields_list: for field in self.required_fields_list: for myfield in self.fields: if field == self.fields[myfield].label: self.fields[myfield].required = True continue
def __init__(self, *args, **kwargs): super(LocationForm, self).__init__(*args, **kwargs) if not is_admin(self.user): if 'status' in self.fields: self.fields.pop('status') if 'status_detail' in self.fields: self.fields.pop('status_detail') if not is_developer(self.user): if 'status' in self.fields: self.fields.pop('status')
def get_imp_user(username, real_user): """ Search for an impersonated user and return the user object """ from perms.utils import is_developer user = None if username == 'anonymous': user = AnonymousUser() else: try: user = User.objects.get(username=username) except: pass # Don't allow non-developers to impersonate developers if not is_developer(real_user) and is_developer(user): return None return user
def __init__(self, *args, **kwargs): super(FormForm, self).__init__(*args, **kwargs) if not is_admin(self.user): if "status" in self.fields: self.fields.pop("status") if "status_detail" in self.fields: self.fields.pop("status_detail") if not is_developer(self.user): if "status" in self.fields: self.fields.pop("status")
def __init__(self, *args, **kwargs): super(ArticleForm, self).__init__(*args, **kwargs) if self.instance.pk: self.fields['body'].widget.mce_attrs['app_instance_id'] = self.instance.pk else: self.fields['body'].widget.mce_attrs['app_instance_id'] = 0 if not is_admin(self.user): if 'status' in self.fields: self.fields.pop('status') if 'status_detail' in self.fields: self.fields.pop('status_detail') if not is_developer(self.user): if 'status' in self.fields: self.fields.pop('status')
def render(self, context): user = self.resolve(self.user, context) if isinstance(user, User): is_developer = utils.is_developer(user) else: is_developer= False if self.var_name: context[self.var_name] = is_developer return "" else: return is_developer
def _permissions_sqs(self, sqs, user, status, status_detail, **kwargs): from perms.utils import is_admin, is_member, is_developer if is_admin(user) or is_developer(user): sqs = sqs.all() else: if user.is_anonymous(): sqs = self._anon_sqs(sqs, status=status, status_detail=status_detail) elif is_member(user): sqs = self._member_sqs(sqs, user, status=status, status_detail=status_detail) else: sqs = self._user_sqs(sqs, user, status=status, status_detail=status_detail) return sqs
def get_key(self, user, api_key): """ Attempts to find the API key for the user. Uses ``ApiKey`` by default In addition this checks if the user is a developer. If the user is not even if he has a key he will still be unauthorized. """ from tastypie.models import ApiKey if not is_developer(user): return self._unauthorized() try: key = ApiKey.objects.get(user=user, key=api_key) except ApiKey.DoesNotExist: return self._unauthorized() return True
def roles(self): from perms.utils import is_developer, is_admin, is_member role_set = [] if is_developer(self.user): role_set.append('developer') if is_admin(self.user): role_set.append('admin') if is_member(self.user): role_set.append('member') if self.user.is_active: role_set.append('user') return role_set or ['disabled']
def __init__(self, *args, **kwargs): super(HelpFileForm, self).__init__(*args, **kwargs) if self.instance.pk: self.fields['answer'].widget.mce_attrs['app_instance_id'] = self.instance.pk else: self.fields['answer'].widget.mce_attrs['app_instance_id'] = 0 if not is_admin(self.user): if 'status' in self.fields: self.fields.pop('status') if 'status_detail' in self.fields: self.fields.pop('status_detail') if 'allow_anonymous_view' in self.fields: self.fields.pop('allow_anonymous_view') if 'user_perms' in self.fields: self.fields.pop('user_perms') if 'member_perms' in self.fields: self.fields.pop('member_perms') if 'group_perms' in self.fields: self.fields.pop('group_perms') if 'syndicate' in self.fields: self.fields.pop('syndicate') if not is_developer(self.user): if 'status' in self.fields: self.fields.pop('status')
def check_security(request, *args, **kwargs): user_security_level = 'anonymous' if request.user.is_authenticated(): if is_developer(request.user): user_security_level = 'developer' elif is_admin(request.user): user_security_level = 'administrator' else: user_security_level = 'user' boo = False if self.page_security_level == 'anonymous': boo = True elif self.page_security_level == 'user': if user_security_level <> 'anonymous': boo = True elif self.page_security_level == 'administrator': if user_security_level == 'administrator' or user_security_level == 'developer': boo = True elif self.page_security_level == 'developer': if user_security_level == 'developer': boo = True if boo: # if request.user.is_authenticated(), log an event here return f(request, *args, **kwargs) else: if request.user.is_authenticated(): raise Http403 else: # redirect to login page redirect_field_name=REDIRECT_FIELD_NAME login_url = settings.LOGIN_URL path = urlquote(request.get_full_path()) tup = login_url, redirect_field_name, path return HttpResponseRedirect('%s?%s=%s' % tup)
def __init__(self, *args, **kwargs): super(DirectoryForm, self).__init__(*args, **kwargs) if self.instance.pk: self.fields["body"].widget.mce_attrs["app_instance_id"] = self.instance.pk if is_admin(self.user): self.fields["status_detail"].choices = ( ("active", "Active"), ("inactive", "Inactive"), ("pending", "Pending"), ("paid - pending approval", "Paid - Pending Approval"), ) else: self.fields["body"].widget.mce_attrs["app_instance_id"] = 0 if self.instance.logo: self.fields["logo"].help_text = ( '<input name="remove_photo" id="id_remove_photo" type="checkbox"/> Remove current logo: <a target="_blank" href="/site_media/media/%s">%s</a>' % (self.instance.logo, basename(self.instance.logo.file.name)) ) else: self.fields.pop("remove_photo") if not is_admin(self.user): if "status" in self.fields: self.fields.pop("status") if "status_detail" in self.fields: self.fields.pop("status_detail") if not is_developer(self.user): if "status" in self.fields: self.fields.pop("status") if self.fields.has_key("payment_method"): self.fields["payment_method"].widget = forms.RadioSelect(choices=get_payment_method_choices(self.user)) if self.fields.has_key("requested_duration"): self.fields["requested_duration"].choices = get_duration_choices()
def search(self, query=None, *args, **kwargs): """ Search the Django Haystack search index Returns a SearchQuerySet object """ from perms.utils import is_admin, is_member, is_developer sqs = kwargs.get('sqs', SearchQuerySet()) # user information user = kwargs.get('user') or AnonymousUser() user = self._impersonation(user) self.user = user # if the status_detail is something like "published" # then you can specify the kwargs to override status_detail = kwargs.get('status_detail', 'active') if query: sqs = sqs.auto_query(sqs.query.clean(query)) if is_admin(user) or is_developer(user): sqs = sqs.all() else: if user.is_anonymous(): sqs = anon3_sqs(sqs, status_detail=status_detail) elif is_member(user): sqs = self._member_sqs(sqs, user=user, status_detail=status_detail) else: sqs = user3_sqs(sqs, user=user, status_detail=status_detail) # pass return sqs.models(self.model)
def clean_user(self): user = self.cleaned_data['user'] if not is_developer(user): raise forms.ValidationError('This user is not a developer.') return user
def application_details(request, slug=None, cmb_id=None, imv_id=0, imv_guid=None, secret_hash="", membership_id=0, template_name="memberships/applications/details.html"): """ Display a built membership application and handle submission. """ if not slug: raise Http404 user = request.user app = get_object_or_404(App, slug=slug) if not app.allow_view_by(user): raise Http403 # if this app is for corporation individuals, redirect them to corp-pre page if # they have not passed the security check. is_corp_ind = False corporate_membership = None if hasattr(app, 'corp_app') and app.corp_app: if not cmb_id: # redirect them to the corp_pre page return redirect(reverse('membership.application_details_corp_pre', args=[app.slug])) is_corp_ind = True corporate_membership = get_object_or_404(CorporateMembership, id=cmb_id) # check if they have verified their email or entered the secret code is_verified = False if is_admin(request.user) or app.corp_app.authentication_method == 'admin': is_verified = True elif app.corp_app.authentication_method == 'email': try: indiv_veri = IndivMembEmailVeri8n.objects.get(pk=imv_id, guid=imv_guid) if indiv_veri.verified: is_verified = True except IndivMembEmailVeri8n.DoesNotExist: pass elif app.corp_app.authentication_method == 'secret_code': tmp_secret_hash = md5('%s%s' % (corporate_membership.secret_code, request.session.get('corp_hash_random_string', ''))).hexdigest() if secret_hash == tmp_secret_hash: is_verified = True if not is_verified: return redirect(reverse('membership.application_details_corp_pre', args=[slug])) # log application details view EventLog.objects.log(**{ 'event_id' : 655000, 'event_data': '%s (%d) viewed by %s' % (app._meta.object_name, app.pk, user), 'description': '%s viewed' % app._meta.object_name, 'user': user, 'request': request, 'instance': app, }) initial_dict = {} if hasattr(user, 'memberships'): membership = user.memberships.get_membership() is_only_a_member = [ is_developer(user) == False, is_admin(user) == False, is_member(user) == True, ] if corporate_membership: # exclude corp. reps, creator and owner - they should be able to add new is_only_a_member.append(corporate_membership.allow_edit_by(user)==False) # deny access to renew memberships if all(is_only_a_member): initial_dict = membership.get_app_initial(app) if not membership.can_renew(): return render_to_response("memberships/applications/no-renew.html", { "app": app, "user":user, "membership": membership}, context_instance=RequestContext(request)) pending_entries = [] if hasattr(user, 'appentry_set'): pending_entries = user.appentry_set.filter( is_approved__isnull = True, # pending ) # if an application entry was submitted # after your current membership was created if user.memberships.get_membership(): pending_entries.filter( entry_time__gte = user.memberships.get_membership().subscribe_dt ) app_entry_form = AppEntryForm( app, request.POST or None, request.FILES or None, user=user, corporate_membership=corporate_membership, initial=initial_dict, ) if request.method == "POST": if app_entry_form.is_valid(): entry = app_entry_form.save(commit=False) entry_invoice = entry.save_invoice() if user.is_authenticated(): entry.user = user entry.is_renewal = all(is_only_a_member) # add all permissions and save the model entry = update_perms_and_save(request, app_entry_form, entry) # administrators go to approve/disapprove page if is_admin(user): return redirect(reverse('membership.application_entries', args=[entry.pk])) # send "joined" notification Notice.send_notice( entry=entry, request = request, emails=entry.email, notice_type='join', membership_type=entry.membership_type, ) if entry_invoice.total == 0: if not entry_invoice.is_tendered: entry_invoice.tender(request.user) # online payment if entry_invoice.total>0 and entry.payment_method and entry.payment_method.is_online: return HttpResponseRedirect(reverse( 'payments.views.pay_online', args=[entry_invoice.pk, entry_invoice.guid] )) if not entry.approval_required(): entry.approve() # silence old memberships within renewal period Membership.objects.silence_old_memberships(entry.user) # get user from the membership since it's null in the entry entry.user = entry.membership.user membership_total = Membership.objects.filter(status=True, status_detail='active').count() # send "approved" notification Notice.send_notice( request = request, emails=entry.email, notice_type='approve', membership=entry.membership, membership_type=entry.membership_type, ) if not user.is_authenticated(): from django.core.mail import send_mail from django.utils.http import int_to_base36 from django.contrib.auth.tokens import default_token_generator from site_settings.utils import get_setting token_generator = default_token_generator site_url = get_setting('site', 'global', 'siteurl') site_name = get_setting('site', 'global', 'sitedisplayname') # send new user account welcome email (notification) notification.send_emails([entry.user.email],'user_welcome', { 'site_url': site_url, 'site_name': site_name, 'uid': int_to_base36(entry.user.id), 'user': entry.user, 'username': entry.user.username, 'token': token_generator.make_token(entry.user), }) # log - entry approval EventLog.objects.log(**{ 'event_id' : 1082101, 'event_data': '%s (%d) approved by %s' % (entry._meta.object_name, entry.pk, entry.judge), 'description': '%s viewed' % entry._meta.object_name, 'user': user, 'request': request, 'instance': entry, }) # log - entry submission EventLog.objects.log(**{ 'event_id' : 1081000, 'event_data': '%s (%d) submitted by %s' % (entry._meta.object_name, entry.pk, request.user), 'description': '%s viewed' % entry._meta.object_name, 'user': user, 'request': request, 'instance': entry, }) return redirect(entry.confirmation_url) return render_to_response(template_name, { 'app': app, 'app_entry_form': app_entry_form, 'pending_entries': pending_entries, }, context_instance=RequestContext(request))