def __getattr__(self, attr):
if attr == 'viewers':
return get_users_for_object(self,
'view_project',
[G3W_VIEWER1, G3W_VIEWER2],
with_anonymous=True)
elif attr == 'editor':
editors = get_users_for_object(self, 'change_project',
[G3W_EDITOR1])
if len(editors) > 0:
return editors[0]
else:
return None
elif attr == 'editor2':
editors = get_users_for_object(self, 'change_project',
[G3W_EDITOR2])
if len(editors) > 0:
return editors[0]
else:
return None
# Get users groups
# ================
elif attr == 'editor_user_groups':
return get_groups_for_object(self, 'change_project', 'editor')
elif attr == 'viewer_user_groups':
return get_groups_for_object(self, 'view_project', 'viewer')
return super(Project, self).__getattribute__(attr)
def get_form_kwargs(self):
kwargs = super(G3WACLViewMixin, self).get_form_kwargs()
kwargs['request'] = self.request
# get editor level 1 users
editor_user_pk = None
editor_users = get_users_for_object(self.object, self.editor_permission, [G3W_EDITOR2, G3W_EDITOR1])
if editor_users:
editor_user_pk = editor_users[0].id
if self.request.user.is_superuser:
kwargs['initial']['editor_user'] = editor_users[0].id
# get editor level2 users
editor2_user_pk = None
editor2_users = get_users_for_object(self.object, self.editor2_permission, [G3W_EDITOR2])
if editor2_users:
editor2_user_pk = editor2_users[0].id
if self.request.user.is_superuser or userHasGroups(self.request.user, [G3W_EDITOR1]):
kwargs['initial']['editor2_user'] = editor2_users[0].id
# get viewer users
viewers = get_viewers_for_object(self.object, self.request.user, self.viewer_permission)
# get only user id and check if user is group or project editor
kwargs['initial']['viewer_users'] = [o.id for o in viewers if o.id not in [editor_user_pk, editor2_user_pk]]
# get initial editor user_groups
group_editors = get_user_groups_for_object(self.object, self.request.user, self.editor2_permission, 'editor')
kwargs['initial']['editor_user_groups'] = [o.id for o in group_editors]
group_viewers = get_user_groups_for_object(self.object, self.request.user, self.viewer_permission, 'viewer')
kwargs['initial']['viewer_user_groups'] = [o.id for o in group_viewers]
return kwargs
def __getattr__(self, attr):
if attr == 'viewers':
return get_users_for_object(self,
'view_group',
[G3W_VIEWER1, G3W_VIEWER2],
with_anonymous=True)
elif attr == 'editor':
editors = get_users_for_object(self, 'change_group',
[G3W_EDITOR2, G3W_EDITOR1])
if len(editors) > 0:
return editors[0]
return super(Group, self).__getattr__(attr)
def get_form_kwargs(self):
kwargs = super(G3WACLViewMixin, self).get_form_kwargs()
kwargs['request'] = self.request
# get viewer users
viewers = get_users_for_object(self.object, self.viewer_permission, [G3W_VIEWER1, G3W_VIEWER2], with_anonymous=True)
kwargs['initial']['viewer_users'] = [o.id for o in viewers]
# get editor users
if self.request.user.is_superuser:
editor_users = get_users_for_object(self.object, self.editor_permission, [G3W_EDITOR2, G3W_EDITOR1])
if editor_users:
kwargs['initial']['editor_user'] = editor_users[0].id
return kwargs
def dispatch(self, request, *args, **kwargs):
# check permissions
project_app = apps.get_app_config(kwargs['project_type'])
Project = project_app.get_model('project')
# get project model object
try:
self.project = Project.objects.get(pk=kwargs['project_id']) if 'project_id' in kwargs else \
Project.objects.get(slug=kwargs['project_slug'])
except Project.DoesNotExist:
raise Http404('Map not found')
grant_users = get_users_for_object(self.project,
"view_project",
with_group_users=True)
anonymous_user = get_user_model().get_anonymous()
if request.user not in grant_users and anonymous_user not in grant_users and not request.user.is_superuser:
# redirect to login if Anonymous user
if request.user.is_anonymous:
return redirect_to_login(request.get_full_path(),
settings.LOGIN_URL, 'next')
else:
raise PermissionDenied()
return super(ClientView, self).dispatch(request, *args, **kwargs)
def handle(self, *args, **options):
# For every layers get user and user_groups with change_layer permissions
layers = Layer.objects.all()
changed_users = 0
changed_groups = 0
for l in layers:
# Get every 'viewer' and 'editor' user group with 'change_layer' permission
user_groups = list(set(get_groups_for_object(l, 'change_layer', 'viewer') + \
get_groups_for_object(l, 'change_layer', 'editor')))
users = get_users_for_object(l, 'change_layer', with_anonymous=True)
# Group before to avoid give single user grant
for g in user_groups:
g = ObjectPermissionChecker(g)
for p in EDITING_ATOMIC_PERMISSIONS:
if not g.has_perm(p, l):
setPermissionUserObject(g.group, l, [p])
changed_groups += 1
self.stdout.write(self.style.SUCCESS(f'Give atomic permissions to user group {g.group.name}'))
for u in users:
u = ObjectPermissionChecker(u)
for p in EDITING_ATOMIC_PERMISSIONS:
if not u.has_perm(p, l):
setPermissionUserObject(u.user, l, [p])
changed_users += 1
self.stdout.write(self.style.SUCCESS(f'Give atomic permissions to user {u.user.username}'))
self.stdout.write(self.style.SUCCESS(f'-----------------------------------------------------------'))
self.stdout.write(self.style.SUCCESS(f'Total user grants changed: {changed_users}'))
self.stdout.write(self.style.SUCCESS(f'Total user group grants changed: {changed_groups}'))
def get_form_kwargs(self):
kwargs = super(MacroGroupUpdateView, self).get_form_kwargs()
editor_users = get_users_for_object(self.object, 'view_macrogroup',
[G3W_EDITOR1])
kwargs['initial']['editor_users'] = [o.id for o in editor_users]
return kwargs
def get_context_data(self, **kwargs):
contextData = super(ClientView, self).get_context_data(**kwargs)
# group serializer
try:
group = self.project.group
except:
group = get_object_or_404(Group, slug=kwargs['group_slug'])
groupSerializer = GroupSerializer(group,
projectId=str(self.project.pk),
projectType=kwargs['project_type'],
request=self.request)
groupData = deepcopy(groupSerializer.data)
# choose client by querystring paramenters
contextData['client_default'] = self.get_client_name()
# login_url
login_url = None
try:
login_url = resolve_url(settings.LOGIN_URL) + '?next={}'.format(
reverse('group-project-map',
kwargs={
'group_slug': kwargs['group_slug'],
'project_type': kwargs['project_type'],
'project_id': self.project.pk
}))
except:
pass
# logout_url
logout_url = None
try:
logout_url = reverse('logout') + '?next={}'.format(
reverse('group-project-map',
kwargs={
'group_slug': kwargs['group_slug'],
'project_type': kwargs['project_type'],
'project_id': self.project.pk
}))
except:
pass
# add user login data
u = self.request.user
# admin_url
change_grant_users = get_users_for_object(self.project,
"change_project",
with_group_users=True)
if u in change_grant_users or u.is_superuser:
admin_url = reverse('home')
else:
admin_url = None
user_data = {'i18n': get_language(), 'login_url': login_url}
if not u.is_anonymous:
user_data.update({
'id': u.pk,
'username': u.username,
'first_name': u.first_name,
'last_name': u.last_name,
'is_superuser': u.is_superuser,
'is_staff': u.is_staff,
'groups': [g.name for g in u.groups.all()],
'logout_url': logout_url
})
if admin_url:
user_data.update({'admin_url': admin_url})
user_data = JSONRenderer().render(user_data)
serializedGroup = JSONRenderer().render(groupData)
if six.PY3:
serializedGroup = str(serializedGroup, 'utf-8')
baseurl = "/{}".format(
settings.SITE_PREFIX_URL if settings.SITE_PREFIX_URL else '')
frontendurl = ',"frontendurl":"{}"'.format(
baseurl) if settings.FRONTEND else ''
generaldata = GeneralSuiteData.objects.get()
# add baseUrl property
contextData['group_config'] = 'var initConfig ={{ "i18n": {}, "staticurl":"{}", "client":"{}", ' \
'"mediaurl":"{}", "user":{}, "group":{}, "baseurl":"{}", "vectorurl":"{}", ' \
'"proxyurl": "{}", "rasterurl":"{}", "interfaceowsurl":"{}", "main_map_title":{}, ' \
'"g3wsuite_logo_img": "{}", "credits": "{}", ' \
'"version": "{}" {} }}'.\
format(json.dumps(settings.LANGUAGES),
settings.STATIC_URL,
"{}/".format(settings.CLIENT_DEFAULT),
settings.MEDIA_URL,
user_data.decode('UTF-8'),
serializedGroup, baseurl,
settings.VECTOR_URL,
reverse('interface-proxy'),
settings.RASTER_URL,
reverse('interface-ows'),
'"' + generaldata.main_map_title + '"' if generaldata.main_map_title else 'null',
settings.CLIENT_G3WSUITE_LOGO,
reverse('client-credits'),
get_version(),
frontendurl)
# project by type(app)
if not '{}-{}'.format(kwargs['project_type'], self.project.pk) in list(
groupSerializer.projects.keys()):
raise Http404('No project type and/or project id present in group')
# page title
contextData['page_title'] = '{} | {}'.format(
getattr(settings, 'G3WSUITE_CUSTOM_TITLE', 'g3w - client'),
self.project.title_ur
if self.project.title_ur else self.project.title)
# choosen skin by user main role
contextData['skin_class'] = get_adminlte_skin_by_user(
self.request.user)
return contextData
