def clean_user(self):
username = self.cleaned_data["user"]
try:
user = User.objects.get(username__iexact=username)
except User.DoesNotExist:
raise forms.ValidationError(
mark_safe(_("A user with that username does not exist.")))
check = permissions.BasePermission(user=user)
error_msg = None
if user.is_superuser:
error_msg = _("The user %(user)s do not need to request "
"access to any permission as it is a super user.")
elif check.has_perm(self.perm, self.obj):
error_msg = _("The user %(user)s already has the permission "
"'%(perm)s' for %(object_name)s '%(obj)s'")
elif check.requested_perm(self.perm, self.obj):
error_msg = _("The user %(user)s already requested the permission"
" '%(perm)s' for %(object_name)s '%(obj)s'")
if error_msg:
error_msg = error_msg % {
'object_name': self.obj._meta.object_name.lower(),
'perm': self.perm,
'obj': self.obj,
'user': user,
}
raise forms.ValidationError(mark_safe(error_msg))
return user
def clean_group(self):
groupname = self.cleaned_data["group"]
try:
group = Group.objects.get(name__iexact=groupname)
except Group.DoesNotExist:
raise forms.ValidationError(
mark_safe(_("A group with that name does not exist.")))
check = permissions.BasePermission(group=group)
if check.has_perm(self.perm, self.obj):
raise forms.ValidationError(mark_safe(
_("This group already has the permission '%(perm)s' for %(object_name)s '%(obj)s'") % {
'perm': self.perm,
'object_name': self.obj._meta.object_name.lower(),
'obj': self.obj,
}))
return group
def render(self, context):
objs = [self.resolve(obj, context) for obj in self.objs.split(',')]
var_name = self.resolve(self.var_name, context)
perm = self.resolve(self.perm, context)
user = self.resolve(self.user, context)
granted = False
if not isinstance(user, AnonymousUser):
if self.approved:
check = get_check(user, perm)
if check is not None:
granted = check(*objs)
else:
check = permissions.BasePermission(user=user)
for obj in objs:
granted = check.requested_perm(perm, obj)
if granted:
break
context[var_name] = granted
return ''
