mirror of
https://gitlab2.federez.net/re2o/re2o
synced 2024-12-03 18:12:24 +00:00
Add custom can_list acl for unpriviged views
This commit is contained in:
parent
6f121f09d0
commit
303531fed3
3 changed files with 136 additions and 0 deletions
|
@ -378,6 +378,34 @@ class MachineType(RevMixin, AclMixin, models.Model):
|
||||||
)
|
)
|
||||||
return True, None, None
|
return True, None, None
|
||||||
|
|
||||||
|
@classmethod
|
||||||
|
def can_list(cls, user_request, *_args, **_kwargs):
|
||||||
|
"""All users can list unprivileged machinetypes
|
||||||
|
Only members of privileged groups can list all.
|
||||||
|
|
||||||
|
:param user_request: The user who wants to view the list.
|
||||||
|
:return: True if the user can view the list and an explanation
|
||||||
|
message.
|
||||||
|
|
||||||
|
"""
|
||||||
|
can, _message, _group = cls.can_use_all(user_request)
|
||||||
|
if can:
|
||||||
|
return (
|
||||||
|
True,
|
||||||
|
None,
|
||||||
|
None,
|
||||||
|
cls.objects.all()
|
||||||
|
)
|
||||||
|
else:
|
||||||
|
return (
|
||||||
|
False,
|
||||||
|
_("You don't have the right to use all machine types."),
|
||||||
|
("machines.use_all_machinetype",),
|
||||||
|
cls.objects.filter(
|
||||||
|
ip_type__in=IpType.objects.filter(need_infra=False)
|
||||||
|
),
|
||||||
|
)
|
||||||
|
|
||||||
def __str__(self):
|
def __str__(self):
|
||||||
return self.name
|
return self.name
|
||||||
|
|
||||||
|
@ -2130,6 +2158,34 @@ class IpList(RevMixin, AclMixin, models.Model):
|
||||||
self.clean()
|
self.clean()
|
||||||
super(IpList, self).save(*args, **kwargs)
|
super(IpList, self).save(*args, **kwargs)
|
||||||
|
|
||||||
|
@classmethod
|
||||||
|
def can_list(cls, user_request, *_args, **_kwargs):
|
||||||
|
"""Only privilged users can list all ipv4.
|
||||||
|
Others can list Ipv4 related with unprivileged type.
|
||||||
|
|
||||||
|
:param user_request: The user who wants to view the list.
|
||||||
|
:return: True if the user can view the list and an explanation
|
||||||
|
message.
|
||||||
|
|
||||||
|
"""
|
||||||
|
can, _message, _group = IpType.can_use_all(user_request)
|
||||||
|
if can:
|
||||||
|
return (
|
||||||
|
True,
|
||||||
|
None,
|
||||||
|
None,
|
||||||
|
cls.objects.all()
|
||||||
|
)
|
||||||
|
else:
|
||||||
|
return (
|
||||||
|
False,
|
||||||
|
_("You don't have the right to use all machine types."),
|
||||||
|
("machines.use_all_machinetype",),
|
||||||
|
cls.objects.filter(
|
||||||
|
ip_type__in=IpType.objects.filter(need_infra=False)
|
||||||
|
),
|
||||||
|
)
|
||||||
|
|
||||||
def __str__(self):
|
def __str__(self):
|
||||||
return self.ipv4
|
return self.ipv4
|
||||||
|
|
||||||
|
|
|
@ -731,6 +731,22 @@ class Dormitory(AclMixin, RevMixin, models.Model):
|
||||||
else:
|
else:
|
||||||
return cache.get_or_set("multiple_dorms", cls.objects.count() > 1)
|
return cache.get_or_set("multiple_dorms", cls.objects.count() > 1)
|
||||||
|
|
||||||
|
@classmethod
|
||||||
|
def can_list(cls, user_request, *_args, **_kwargs):
|
||||||
|
"""All users can list dormitory
|
||||||
|
|
||||||
|
:param user_request: The user who wants to view the list.
|
||||||
|
:return: True if the user can view the list and an explanation
|
||||||
|
message.
|
||||||
|
|
||||||
|
"""
|
||||||
|
return (
|
||||||
|
True,
|
||||||
|
None,
|
||||||
|
None,
|
||||||
|
cls.objects.all()
|
||||||
|
)
|
||||||
|
|
||||||
def __str__(self):
|
def __str__(self):
|
||||||
return self.name
|
return self.name
|
||||||
|
|
||||||
|
@ -762,6 +778,22 @@ class Building(AclMixin, RevMixin, models.Model):
|
||||||
else:
|
else:
|
||||||
return self.name
|
return self.name
|
||||||
|
|
||||||
|
@classmethod
|
||||||
|
def can_list(cls, user_request, *_args, **_kwargs):
|
||||||
|
"""All users can list building
|
||||||
|
|
||||||
|
:param user_request: The user who wants to view the list.
|
||||||
|
:return: True if the user can view the list and an explanation
|
||||||
|
message.
|
||||||
|
|
||||||
|
"""
|
||||||
|
return (
|
||||||
|
True,
|
||||||
|
None,
|
||||||
|
None,
|
||||||
|
cls.objects.all()
|
||||||
|
)
|
||||||
|
|
||||||
@cached_property
|
@cached_property
|
||||||
def cached_name(self):
|
def cached_name(self):
|
||||||
return self.get_name()
|
return self.get_name()
|
||||||
|
@ -944,6 +976,22 @@ class Room(AclMixin, RevMixin, models.Model):
|
||||||
verbose_name_plural = _("rooms")
|
verbose_name_plural = _("rooms")
|
||||||
unique_together = ("name", "building")
|
unique_together = ("name", "building")
|
||||||
|
|
||||||
|
@classmethod
|
||||||
|
def can_list(cls, user_request, *_args, **_kwargs):
|
||||||
|
"""All users can list room
|
||||||
|
|
||||||
|
:param user_request: The user who wants to view the list.
|
||||||
|
:return: True if the user can view the list and an explanation
|
||||||
|
message.
|
||||||
|
|
||||||
|
"""
|
||||||
|
return (
|
||||||
|
True,
|
||||||
|
None,
|
||||||
|
None,
|
||||||
|
cls.objects.all()
|
||||||
|
)
|
||||||
|
|
||||||
def __str__(self):
|
def __str__(self):
|
||||||
return self.building.cached_name + " " + self.name
|
return self.building.cached_name + " " + self.name
|
||||||
|
|
||||||
|
|
|
@ -2364,6 +2364,22 @@ class School(RevMixin, AclMixin, models.Model):
|
||||||
verbose_name = _("school")
|
verbose_name = _("school")
|
||||||
verbose_name_plural = _("schools")
|
verbose_name_plural = _("schools")
|
||||||
|
|
||||||
|
@classmethod
|
||||||
|
def can_list(cls, user_request, *_args, **_kwargs):
|
||||||
|
"""All users can list schools
|
||||||
|
|
||||||
|
:param user_request: The user who wants to view the list.
|
||||||
|
:return: True if the user can view the list and an explanation
|
||||||
|
message.
|
||||||
|
|
||||||
|
"""
|
||||||
|
return (
|
||||||
|
True,
|
||||||
|
None,
|
||||||
|
None,
|
||||||
|
cls.objects.all()
|
||||||
|
)
|
||||||
|
|
||||||
def __str__(self):
|
def __str__(self):
|
||||||
return self.name
|
return self.name
|
||||||
|
|
||||||
|
@ -2487,6 +2503,22 @@ class ListShell(RevMixin, AclMixin, models.Model):
|
||||||
"""
|
"""
|
||||||
return self.shell.split("/")[-1]
|
return self.shell.split("/")[-1]
|
||||||
|
|
||||||
|
@classmethod
|
||||||
|
def can_list(cls, user_request, *_args, **_kwargs):
|
||||||
|
"""All users can list shells
|
||||||
|
|
||||||
|
:param user_request: The user who wants to view the list.
|
||||||
|
:return: True if the user can view the list and an explanation
|
||||||
|
message.
|
||||||
|
|
||||||
|
"""
|
||||||
|
return (
|
||||||
|
True,
|
||||||
|
None,
|
||||||
|
None,
|
||||||
|
cls.objects.all()
|
||||||
|
)
|
||||||
|
|
||||||
def __str__(self):
|
def __str__(self):
|
||||||
return self.shell
|
return self.shell
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue