def handle(self, *args, **options): content_types = [Dataset, DatasetField] #Permission.objects.all().delete() #PERMISSIONS register_permission(settings.PERMISSION_VIEW_NAME, settings.PERMISSION_VIEW_NAME, content_types) register_permission(settings.PERMISSION_EDIT_NAME, settings.PERMISSION_EDIT_NAME, content_types) register_permission(settings.PERMISSION_CREATE_NAME, settings.PERMISSION_CREATE_NAME, content_types) register_permission(settings.PERMISSION_DELETE_NAME, settings.PERMISSION_DELETE_NAME, content_types) logging.getLogger(__name__).info( "Созданы разрешения: Просмотр, Редактировать, Создать, Удалить.") # ROLES #Role.objects.all().delete() register_role(settings.ROLE_DEVELOPER_NAME) register_role(settings.ROLE_ADMIN_NAME) register_role(settings.ROLE_MANAGER_NAME) register_role(settings.ROLE_EDITOR_NAME) register_role(settings.ROLE_VIEWER_NAME) logging.getLogger(__name__).info( "Созданы роли: Разработчик, Администратор, Менеджер, Редактор, Обозреватель." )
def perm(request): workflow = Workflow.objects.get(name="Standard") private = State.objects.get(name="Private", workflow= workflow) public = State.objects.get(name="Public", workflow= workflow) # Add a role from permissions.utils import register_role owner = Role.objects.get(name='Owner') # Create a user from django.contrib.auth.models import User user = User.objects.get(username="******") # Assign user to role owner.add_principal(user) # Create example content type page_1 = Project.objects.get(name="abc") # Register permissions from permissions.utils import register_permission view = register_permission("View", "view") edit = register_permission("Edit", "edit") # Add all permissions which are managed by the workflow from workflows.models import WorkflowPermissionRelation WorkflowPermissionRelation.objects.create(workflow=workflow, permission=view) WorkflowPermissionRelation.objects.create(workflow=workflow, permission=edit) # Add permissions for the single states from workflows.models import StatePermissionRelation StatePermissionRelation.objects.create(state=public, permission=view, role=owner) StatePermissionRelation.objects.create(state=private, permission=view, role=owner) StatePermissionRelation.objects.create(state=private, permission=edit, role=owner) # Assign the workflow to the content object from workflows.utils import set_workflow set_workflow(page_1, workflow) # Now self.page_1 has the intial workflow state. from permissions.utils import has_permission print has_permission(page_1, user, "edit") # Now we change the workflow state set_state(page_1, public) print has_permission(page_1, user, "edit")
def project_install(sender, **kwargs): verbosity = kwargs.get('verbosity', 1) roles = [] for role in settings.PROJECT_ROLES: r = register_role(role) roles.append(r) perms = [] for perm in settings.PROJECT_PERMISSIONS: p = register_permission(perm[1], perm[0], [Project]) perms.append(p) if verbosity > 0: if any(roles): print "Project roles added:", for r in roles: print r, ",", else: print "" if any(perms): print "Project permissions :", for p in perms: print p, ",", else: print "" projects = Project.objects.all() for project in projects: project._grant_permissions()
def init_permissions(sender, **kwargs): ## register project-level Roles for (name, description) in ROLES_LIST: PermissionsRegister.roles_dict[name] = register_role(name) ## register project-level Permissions for (codename, name) in PERMISSIONS_LIST: PermissionsRegister.perms_dict[codename] = register_permission(name, codename) return
def init_permissions(sender, **kwargs): ## register project-level Roles for (name, description) in ROLES_LIST: PermissionsRegister.roles_dict[name] = register_role(name) ## register project-level Permissions for (codename, name) in PERMISSIONS_LIST: PermissionsRegister.perms_dict[codename] = register_permission( name, codename) return
def create_permissions(self): """ Создать разрешения """ content_types = [Dataset, DatasetField] register_permission(settings.PERMISSION_VIEW_NAME, settings.PERMISSION_VIEW_NAME, content_types) register_permission(settings.PERMISSION_EDIT_NAME, settings.PERMISSION_EDIT_NAME, content_types) register_permission(settings.PERMISSION_CREATE_NAME, settings.PERMISSION_CREATE_NAME, content_types) register_permission(settings.PERMISSION_DELETE_NAME, settings.PERMISSION_DELETE_NAME, content_types) logging.getLogger(__name__).info( u"Созданы разрешения: Просмотр, Редактировать, Создать, Удалить.")
def setUp(self): """ Pre-execution """ # test users self.test_admin = User.objects.create_user('admin', '*****@*****.**', '123') self.test_manager = User.objects.create_user('manager', '*****@*****.**', '123') self.test_viewer = User.objects.create_user('viewer', '*****@*****.**', '123') self.test_editor = User.objects.create_user('editor', '*****@*****.**', '123') self.test_developer = User.objects.create_user('developer', '*****@*****.**', '123') #PERMISSIONS register_permission(settings.PERMISSION_VIEW_NAME, settings.PERMISSION_VIEW_NAME) register_permission(settings.PERMISSION_EDIT_NAME, settings.PERMISSION_EDIT_NAME) register_permission(settings.PERMISSION_CREATE_NAME, settings.PERMISSION_CREATE_NAME) register_permission(settings.PERMISSION_DELETE_NAME, settings.PERMISSION_DELETE_NAME) # ROLES register_role(settings.ROLE_DEVELOPER_NAME) register_role(settings.ROLE_ADMIN_NAME) register_role(settings.ROLE_MANAGER_NAME) register_role(settings.ROLE_EDITOR_NAME) register_role(settings.ROLE_VIEWER_NAME) # ASSIGN ROlES add_role(self.test_editor, Role.objects.get(name=settings.ROLE_EDITOR_NAME)) add_role(self.test_viewer, Role.objects.get(name=settings.ROLE_VIEWER_NAME)) add_role(self.test_admin, Role.objects.get(name=settings.ROLE_ADMIN_NAME)) add_role(self.test_manager, Role.objects.get(name=settings.ROLE_MANAGER_NAME)) add_role(self.test_developer, Role.objects.get(name=settings.ROLE_DEVELOPER_NAME))
def create_roles(app, created_models, verbosity, **kwargs): roles = {} for role in settings.ROLES: roles[role] = register_role(role[1]) register_permission('View', 'view') register_permission('Edit', 'edit') register_permission('Add', 'add') register_permission('Delete', 'delete') register_permission('Socialize', 'socialize') register_permission('Rate', 'rate') print "roles creados"
from permissions.utils import register_permission from permissions.utils import register_role from permissions.utils import grant_permission from permissions.utils import has_permission from .models import Student view = register_permission("View", "view") edit = register_permission("Edit", "edit") delete = register_permission("Delete", "delete") add = register_permission("Add", "add") manage_content = register_permission("Manage content", "manage_content") school_admin = register_role("Admin") educator = register_role("Educator") guardian = register_role("Guardian") student = register_role("Student") #school_admin permissions grant_permission(Student, school_admin, "view") grant_permission(Student, school_admin, "delete") #educator permissions grant_permission(Student, educator, "view") grant_permission(Student, educator, "edit") grant_permission(Student, educator, "add") #student permissions grant_permission(Student.avatar, student, "edit") grant_permission(Student, student, "view") # grant_permission(Spend_points, student, "add")
def get_or_create_workflow(model): """ Iterate for the application workflow list and configure each workflow listed in WORKFLOWS settings """ from models import State, Workflow, StatePermissionRelation, WorkflowPermissionRelation, Transition try: workflow = get_workflow_for_model(ContentType.objects.get_for_model(model)) except Exception as e: return None if not workflow: workflows_settings = getattr(settings, 'WORKFLOWS', {}) wf_item = workflows_settings.get("%s.%s" % (model.__module__, model.__name__), None) if not wf_item: return None try: wf_name = wf_item['name'] # ROLES dict_roles = {} roles = get_wf_dict_value(wf_item, 'roles', wf_name) for role in roles: dict_roles[role], created = Role.objects.get_or_create(name=role) # PERMISSIONS dict_permissions = {} permissions = get_wf_dict_value(wf_item, 'permissions', wf_name) for permission in permissions: perm_name = get_wf_dict_value(permission, 'name', 'permissions', wf_name) perm_codename = get_wf_dict_value(permission, 'codename', 'permissions', wf_name) dict_permissions[perm_codename] = perm_utils.register_permission( name=perm_name, codename=perm_codename ) # the permission registration returned False if the permission already exists if not dict_permissions[perm_codename]: dict_permissions[perm_codename] = Permission.objects.get(name=perm_name, codename=perm_codename) # creating workflow workflow = Workflow.objects.create(name=wf_name) # setting model workflow.set_to_model(ContentType.objects.get_for_model(model)) dict_states = {} # INITIAL STATE initial_state = get_wf_dict_value(wf_item, 'initial_state', wf_name) initial_state_name = get_wf_dict_value(initial_state, 'name', wf_name, 'initial_state') initial_state_alias = initial_state.get('alias', None) wf_initial_state = State.objects.create(name=initial_state_name, alias=initial_state_alias, workflow=workflow) dict_states[initial_state_name] = wf_initial_state # sets and save the initial state workflow.initial_state = wf_initial_state workflow.save() state_perm_relations = initial_state.get('state_perm_relation', False) # if [True] creates the State Permission Relation if state_perm_relations: for state_perm_relation in state_perm_relations: role = get_wf_dict_value(state_perm_relation, 'role', wf_name, 'state_perm_relation') permission = get_wf_dict_value(state_perm_relation, 'permission', wf_name, 'state_perm_relation') StatePermissionRelation.objects.get_or_create( state=wf_initial_state, role=get_wf_dict_value(dict_roles, role, wf_name, 'dict_roles'), permission=get_wf_dict_value(dict_permissions, permission, wf_name, 'dict_permissions') ) # STATES states = get_wf_dict_value(wf_item, 'states', wf_name) for state in states: state_name = get_wf_dict_value(state, 'name', wf_name, 'states') state_alias = state.get('alias', None) wf_state = State.objects.create(name=state_name, alias=state_alias, workflow=workflow) dict_states[state_name] = wf_state state_perm_relations = state.get('state_perm_relation', False) # if [True] creates the State Permission Relation if state_perm_relations: for state_perm_relation in state_perm_relations: role = get_wf_dict_value(state_perm_relation, 'role', wf_name, 'state_perm_relation') permission = get_wf_dict_value(state_perm_relation, 'permission', wf_name, 'state_perm_relation') StatePermissionRelation.objects.get_or_create( state=wf_state, role=get_wf_dict_value(dict_roles, role, wf_name, 'dict_roles'), permission=get_wf_dict_value(dict_permissions, permission, wf_name, 'dict_permissions') ) # creating the Workflow Permission Relation for wf_permission in dict_permissions.itervalues(): WorkflowPermissionRelation.objects.get_or_create(workflow=workflow, permission=wf_permission) # TRANSITIONS dict_transitions = {} transitions = get_wf_dict_value(wf_item, 'transitions', wf_name) for transition in transitions: name = get_wf_dict_value(transition, 'name', wf_name, 'transitions') destination = get_wf_dict_value(transition, 'destination', wf_name, 'transitions') permission = get_wf_dict_value(transition, 'permission', wf_name, 'transitions') wf_transition, created = Transition.objects.get_or_create( name=name, workflow=workflow, destination=get_wf_dict_value(dict_states, destination, wf_name, 'dict_states'), permission=get_wf_dict_value(dict_permissions, permission, wf_name, 'dict_permissions'), description=get_wf_dict_value(transition, 'description', wf_name, 'transitions'), condition=transition.get('condition', ''), ) dict_transitions[name] = wf_transition # CREATING THE STATE TRANSITIONS RELATION state_transitions = get_wf_dict_value(wf_item, 'state_transitions', wf_name) for state_name, transitions in state_transitions.items(): state = get_wf_dict_value(dict_states, state_name, wf_name, 'dict_states') for transition_name in transitions: transition = get_wf_dict_value(dict_transitions, transition_name, wf_name, 'dict_transitions') state.transitions.add(transition) except KeyError: raise ImproperlyConfigured('The attribute or key (name), must be specified in the workflow configuration.') return workflow