def load_add_group_form(request):
""" Load the form to list the groups with no access to the workspace.
Args:
request:
Returns:
"""
workspace_id = request.POST.get('workspace_id', None)
try:
workspace = workspace_api.get_by_id(str(workspace_id))
except exceptions.ModelError:
return HttpResponseBadRequest('Invalid input.')
except Exception:
return HttpResponseBadRequest('An unexpected error occurred.')
try:
# We retrieve all groups with no access
groups_with_no_access = list(
workspace_api.get_list_group_with_no_access_workspace(
workspace, request.user))
if len(groups_with_no_access) > 0:
group_utils.remove_list_object_from_list(groups_with_no_access, [
group_api.get_anonymous_group(),
group_api.get_default_group()
])
if len(groups_with_no_access) == 0:
return HttpResponseBadRequest(
"There is no groups that can be added.")
form = GroupRightForm(groups_with_no_access)
except AccessControlError, ace:
return HttpResponseBadRequest(ace.message)
def create_global_workspace(title):
workspace = workspace_api.create_and_save(title, is_public=True)
permission_api.add_permission_to_group(group_api.get_anonymous_group(),
workspace.read_perm_id)
permission_api.add_permission_to_group(group_api.get_default_group(),
workspace.read_perm_id)
return workspace
def set_workspace_public(workspace):
""" Set the workspace to public.
Args:
workspace
Return:
"""
permission_api.add_permission_to_group(group_api.get_anonymous_group(), workspace.read_perm_id)
permission_api.add_permission_to_group(group_api.get_default_group(), workspace.read_perm_id)
def load_add_group_form(request):
"""Load the form to list the groups with no access to the workspace.
Args:
request:
Returns:
"""
workspace_id = request.POST.get("workspace_id", None)
try:
workspace = workspace_api.get_by_id(str(workspace_id))
except exceptions.ModelError:
return HttpResponseBadRequest("Invalid input.")
except Exception:
return HttpResponseBadRequest("An unexpected error occurred.")
try:
# We retrieve all groups with no access
groups_with_no_access = list(
workspace_api.get_list_group_with_no_access_workspace(
workspace, request.user))
if len(groups_with_no_access) > 0:
group_utils.remove_list_object_from_list(
groups_with_no_access,
[
group_api.get_anonymous_group(),
group_api.get_default_group()
],
)
if len(groups_with_no_access) == 0:
return HttpResponseBadRequest(
"There is no groups that can be added.")
form = GroupRightForm(groups_with_no_access)
except AccessControlError as ace:
return HttpResponseBadRequest(escape(str(ace)))
except DoesNotExist as dne:
return HttpResponseBadRequest(escape(str(dne)))
except:
return HttpResponseBadRequest("Something wrong happened.")
context = {"add_group_form": form}
return HttpResponse(
json.dumps({
"form":
loader.render_to_string(
"core_main_app/user/workspaces/list/modals/add_group_form.html",
context,
)
}),
"application/javascript",
)
def get_all_public_workspace_permission():
""" Get all permissions related to public workspaces.
Return:
"""
return [
str(perm.id) for perm in Permission.objects.filter(
(Q(group=group_api.get_default_group())
& Q(group=group_api.get_anonymous_group())),
content_type__app_label=CONTENT_TYPE_APP_LABEL,
codename__startswith=CAN_READ_CODENAME)
]
def is_workspace_public(permission_id):
""" Check if the workspace is public.
Args:
permission_id
Returns:
"""
permission = Permission.objects.get(pk=permission_id)
group_anonymous = group_api.get_anonymous_group()
group_default = group_api.get_default_group()
return permission in group_anonymous.permissions.all(
) and permission in group_default.permissions.all()
def get_all_workspace_permissions_user_can_read(user_id):
""" Get a list of permission ids of workspaces that the user has read access.
Args:
user_id
Return:
"""
user = user_api.get_user_by_id(user_id)
return [
str(perm.id) for perm in Permission.objects.filter(
(Q(user=user)
| Q(group__in=user.groups.all())
| (Q(group=group_api.get_default_group())
& Q(group=group_api.get_anonymous_group()))),
content_type__app_label=CONTENT_TYPE_APP_LABEL,
codename__startswith=CAN_READ_CODENAME)
]
def get(self, request, *args, **kwargs):
try:
workspace_id = kwargs["workspace_id"]
workspace = workspace_api.get_by_id(workspace_id)
except DoesNotExist as e:
return HttpResponseBadRequest("The workspace does not exist.")
except:
return HttpResponseBadRequest("Something wrong happened.")
if workspace.owner != str(request.user.id) and not self.administration:
return HttpResponseForbidden(
"Only the workspace owner can edit the rights.")
try:
# Users
users_read_workspace = workspace_api.get_list_user_can_read_workspace(
workspace, request.user)
users_write_workspace = workspace_api.get_list_user_can_write_workspace(
workspace, request.user)
users_access_workspace = list(
set(users_read_workspace + users_write_workspace))
detailed_users = []
for user in users_access_workspace:
if str(user.id) != workspace.owner:
detailed_users.append({
"object_id":
user.id,
"object_name":
user.username,
"can_read":
user in users_read_workspace,
"can_write":
user in users_write_workspace,
})
except:
detailed_users = []
try:
# Groups
groups_read_workspace = workspace_api.get_list_group_can_read_workspace(
workspace, request.user)
groups_write_workspace = workspace_api.get_list_group_can_write_workspace(
workspace, request.user)
groups_access_workspace = list(
set(groups_read_workspace + groups_write_workspace))
group_utils.remove_list_object_from_list(
groups_access_workspace,
[
group_api.get_anonymous_group(),
group_api.get_default_group()
],
)
detailed_groups = []
for group in groups_access_workspace:
detailed_groups.append({
"object_id":
group.id,
"object_name":
group.name,
"can_read":
group in groups_read_workspace,
"can_write":
group in groups_write_workspace,
})
except:
detailed_groups = []
context = {
"workspace": workspace,
"user_data": detailed_users,
"group_data": detailed_groups,
"template":
"core_main_app/user/workspaces/list/edit_rights_table.html",
"action_read": "action_read",
"action_write": "action_write",
}
if workspace_api.is_workspace_public(workspace):
context.update({"is_public": True})
if workspace_api.is_workspace_global(workspace):
context.update({"is_global": True})
assets = {
"css": [
"core_main_app/libs/datatables/1.10.13/css/jquery.dataTables.css",
"core_main_app/libs/fSelect/css/fSelect.css",
"core_main_app/common/css/switch.css",
],
"js": [
{
"path":
"core_main_app/libs/datatables/1.10.13/js/jquery.dataTables.js",
"is_raw": True,
},
{
"path": "core_main_app/libs/fSelect/js/fSelect.js",
"is_raw": False
},
{
"path": "core_main_app/common/js/backtoprevious.js",
"is_raw": True
},
{
"path": "core_main_app/user/js/workspaces/tables.js",
"is_raw": True
},
{
"path": "core_main_app/user/js/workspaces/add_user.js",
"is_raw": False,
},
{
"path":
"core_main_app/user/js/workspaces/list/modals/switch_right.js",
"is_raw": False,
},
{
"path":
"core_main_app/user/js/workspaces/list/modals/remove_rights.js",
"is_raw": False,
},
{
"path": "core_main_app/user/js/workspaces/add_group.js",
"is_raw": False,
},
{
"path": "core_main_app/user/js/workspaces/init.js",
"is_raw": False
},
],
}
modals = [
"core_main_app/user/workspaces/list/modals/add_user.html",
"core_main_app/user/workspaces/list/modals/switch_right.html",
"core_main_app/user/workspaces/list/modals/remove_rights.html",
"core_main_app/user/workspaces/list/modals/add_group.html",
]
return self.common_render(request,
self.template,
context=context,
assets=assets,
modals=modals)
workspace_id = request.POST.get('workspace_id', None)
try:
workspace = workspace_api.get_by_id(str(workspace_id))
except Exception, exc:
return HttpResponseBadRequest(exc.message)
try:
# We retrieve all groups with no access
groups_with_no_access = list(
workspace_api.get_list_group_with_no_access_workspace(
workspace, request.user))
if len(groups_with_no_access) > 0:
group_utils.remove_list_object_from_list(groups_with_no_access, [
group_api.get_anonymous_group(),
group_api.get_default_group()
])
if len(groups_with_no_access) == 0:
return HttpResponseBadRequest(
"There is no groups that can be added.")
form = GroupRightForm(groups_with_no_access)
except AccessControlError, ace:
return HttpResponseBadRequest(ace.message)
except DoesNotExist, dne:
return HttpResponseBadRequest(dne.message)
except:
return HttpResponseBadRequest("Something wrong happened.")
context = {"add_group_form": form}
def edit_rights(request, workspace_id):
""" Load page to edit the rights.
Args: request
workspace_id
Returns:
"""
try:
workspace = workspace_api.get_by_id(workspace_id)
except DoesNotExist as e:
return HttpResponseBadRequest("The workspace does not exist.")
except:
return HttpResponseBadRequest("Something wrong happened.")
if workspace.owner != str(request.user.id):
return HttpResponseForbidden(
"Only the workspace owner can edit the rights.")
try:
# Users
users_read_workspace = workspace_api.get_list_user_can_read_workspace(
workspace, request.user)
users_write_workspace = workspace_api.get_list_user_can_write_workspace(
workspace, request.user)
users_access_workspace = list(
set(users_read_workspace + users_write_workspace))
detailed_users = []
for user in users_access_workspace:
detailed_users.append({
'object_id': user.id,
'object_name': user.username,
'can_read': user in users_read_workspace,
'can_write': user in users_write_workspace,
})
except:
detailed_users = []
try:
# Groups
groups_read_workspace = workspace_api.get_list_group_can_read_workspace(
workspace, request.user)
groups_write_workspace = workspace_api.get_list_group_can_write_workspace(
workspace, request.user)
groups_access_workspace = list(
set(groups_read_workspace + groups_write_workspace))
group_utils.remove_list_object_from_list(
groups_access_workspace,
[group_api.get_anonymous_group(),
group_api.get_default_group()])
detailed_groups = []
for group in groups_access_workspace:
detailed_groups.append({
'object_id':
group.id,
'object_name':
group.name,
'can_read':
group in groups_read_workspace,
'can_write':
group in groups_write_workspace,
})
except:
detailed_groups = []
context = {
'workspace': workspace,
'user_data': detailed_users,
'group_data': detailed_groups,
'template': workspace_constants.EDIT_RIGHTS_TEMPLATE_TABLE,
'action_read': workspace_constants.ACTION_READ,
'action_write': workspace_constants.ACTION_WRITE,
'user': workspace_constants.USER,
'group': workspace_constants.GROUP,
}
assets = {
"css": [
'core_main_app/libs/datatables/1.10.13/css/jquery.dataTables.css',
"core_main_app/libs/fSelect/css/fSelect.css"
],
"js": [{
"path":
'core_main_app/libs/datatables/1.10.13/js/jquery.dataTables.js',
"is_raw": True
}, {
"path": "core_main_app/libs/fSelect/js/fSelect.js",
"is_raw": False
}, {
"path": 'core_main_app/common/js/backtoprevious.js',
"is_raw": True
}]
}
assets['js'].extend(copy.deepcopy(workspace_constants.JS_TABLES))
assets['js'].extend(copy.deepcopy(workspace_constants.JS_ADD_USER))
assets['css'].extend(copy.deepcopy(workspace_constants.CSS_SWITCH))
assets['js'].extend(copy.deepcopy(workspace_constants.JS_SWITCH_RIGHT))
assets['js'].extend(copy.deepcopy(workspace_constants.JS_REMOVE_RIGHT))
assets['js'].extend(copy.deepcopy(workspace_constants.JS_ADD_GROUP))
assets['js'].extend(copy.deepcopy(workspace_constants.JS_INIT))
modals = [
workspace_constants.MODAL_ADD_USER,
workspace_constants.MODAL_SWITCH_RIGHT,
workspace_constants.MODAL_REMOVE_RIGHTS,
workspace_constants.MODAL_ADD_GROUP
]
return render(request,
workspace_constants.EDIT_RIGHTS_TEMPLATE,
context=context,
assets=assets,
modals=modals)
