mirror of
https://gitlab2.federez.net/re2o/re2o
synced 2024-11-20 10:23:12 +00:00
Doc des can_xxx, et simplification à 4 fonctions d'acl communes
This commit is contained in:
LEVY-FALK Hugo
root
parent
8c6c2a875e
commit
7c8945443b
1 changed files with 239 additions and 127 deletions
362
users/models.py
362
users/models.py
|
|
@ -763,9 +763,20 @@ class User(AbstractBaseUser):
|
||||||
return composed_pseudo(num)
|
return composed_pseudo(num)
|
||||||
|
|
||||||
def get_instance(userid, *args, **kwargs):
|
def get_instance(userid, *args, **kwargs):
|
||||||
|
"""Get the User instance with userid.
|
||||||
|
|
||||||
|
:param userid: The id
|
||||||
|
:return: The user
|
||||||
|
"""
|
||||||
return User.objects.get(pk=userid)
|
return User.objects.get(pk=userid)
|
||||||
|
|
||||||
def can_create(user_request, *args, **kwargs):
|
def can_create(user_request, *args, **kwargs):
|
||||||
|
"""Check if an user can create an user object.
|
||||||
|
|
||||||
|
:param user_request: The user who wants to create a user object.
|
||||||
|
:return: a message and a boolean which is True if the user can create
|
||||||
|
an user or if the `options.all_can_create` is set.
|
||||||
|
"""
|
||||||
options, _created = OptionalUser.objects.get_or_create()
|
options, _created = OptionalUser.objects.get_or_create()
|
||||||
if options.all_can_create:
|
if options.all_can_create:
|
||||||
return True, None
|
return True, None
|
||||||
|
|
@ -773,10 +784,15 @@ class User(AbstractBaseUser):
|
||||||
return user_request.has_perms(('cableur',)), u"Vous n'avez pas le\
|
return user_request.has_perms(('cableur',)), u"Vous n'avez pas le\
|
||||||
droit de créer un utilisateur"
|
droit de créer un utilisateur"
|
||||||
|
|
||||||
def can_edit_all(user_request, *args, **kwargs):
|
|
||||||
return True, None
|
|
||||||
|
|
||||||
def can_edit(self, user_request, *args, **kwargs):
|
def can_edit(self, user_request, *args, **kwargs):
|
||||||
|
"""Check if an user can edit an user object.
|
||||||
|
|
||||||
|
:param self: The user which is to be edited.
|
||||||
|
:param user_request: The user who requests to edit self.
|
||||||
|
:return: a message and a boolean which is True if self is a club and
|
||||||
|
user_request one of its member, or if user_request is self, or if
|
||||||
|
user_request has the 'cableur' right.
|
||||||
|
"""
|
||||||
if self.is_class_club and user_request.is_class_adherent:
|
if self.is_class_club and user_request.is_class_adherent:
|
||||||
if self == user_request or user_request.has_perms(('cableur',)) or\
|
if self == user_request or user_request.has_perms(('cableur',)) or\
|
||||||
user_request.adherent in self.club.administrators.all():
|
user_request.adherent in self.club.administrators.all():
|
||||||
|
|
@ -789,16 +805,37 @@ class User(AbstractBaseUser):
|
||||||
else:
|
else:
|
||||||
return False, u"Vous ne pouvez éditer un autre utilisateur que vous même"
|
return False, u"Vous ne pouvez éditer un autre utilisateur que vous même"
|
||||||
|
|
||||||
def can_delete_all(user_request, *args, **kwargs):
|
|
||||||
return True, None
|
|
||||||
|
|
||||||
def can_delete(self, user_request, *args, **kwargs):
|
def can_delete(self, user_request, *args, **kwargs):
|
||||||
|
"""Check if an user can delete an user object.
|
||||||
|
|
||||||
|
:param self: The user who is to be deleted.
|
||||||
|
:param user_request: The user who requests deletion.
|
||||||
|
:return: True if user_request has the right 'bureau', and a message.
|
||||||
|
"""
|
||||||
|
if user_request.has_perms(('bureau',)):
|
||||||
return True, None
|
return True, None
|
||||||
|
else:
|
||||||
|
return False, u"Vous ne pouvez pas supprimer cet utilisateur."
|
||||||
|
|
||||||
def can_view_all(user_request, *args, **kwargs):
|
def can_view_all(user_request, *args, **kwargs):
|
||||||
|
"""Check if an user can access to the list of every user objects
|
||||||
|
|
||||||
|
:param user_request: The user who wants to view the list.
|
||||||
|
:return: True if the user can view the list and an explanation message.
|
||||||
|
"""
|
||||||
|
if user_request.has_perms(('cableur',)):
|
||||||
return True, None
|
return True, None
|
||||||
|
else:
|
||||||
|
return False, u"Vous n'avez pas accès à la liste des utilisateurs."
|
||||||
|
|
||||||
def can_view(self, user_request, *args, **kwargs):
|
def can_view(self, user_request, *args, **kwargs):
|
||||||
|
"""Check if an user can view an user object.
|
||||||
|
|
||||||
|
:param self: The targeted user.
|
||||||
|
:param user_request: The user who ask for viewing the target.
|
||||||
|
:return: A boolean telling if the acces is granted and an explanation
|
||||||
|
text
|
||||||
|
"""
|
||||||
if self.is_class_club and user_request.is_class_adherent:
|
if self.is_class_club and user_request.is_class_adherent:
|
||||||
if self == user_request or user_request.has_perms(('cableur',)) or\
|
if self == user_request or user_request.has_perms(('cableur',)) or\
|
||||||
user_request.adherent in self.club.administrators.all() or\
|
user_request.adherent in self.club.administrators.all() or\
|
||||||
|
|
@ -825,43 +862,15 @@ class Adherent(User):
|
||||||
blank=True,
|
blank=True,
|
||||||
null=True
|
null=True
|
||||||
)
|
)
|
||||||
pass
|
|
||||||
|
|
||||||
def get_instance(adherentid, *args, **kwargs):
|
def get_instance(adherentid, *args, **kwargs):
|
||||||
|
"""Try to find an instance of `Adherent` with the given id.
|
||||||
|
|
||||||
|
:param adherentid: The id of the adherent we are looking for.
|
||||||
|
:return: An adherent.
|
||||||
|
"""
|
||||||
return Adherent.objects.get(pk=adherentid)
|
return Adherent.objects.get(pk=adherentid)
|
||||||
|
|
||||||
def can_create(user_request, *args, **kwargs):
|
|
||||||
options, _created = OptionalUser.objects.get_or_create()
|
|
||||||
if options.all_can_create:
|
|
||||||
return True, None
|
|
||||||
else:
|
|
||||||
return user_request.has_perms(('cableur',)), u"Vous n'avez pas le\
|
|
||||||
droit de créer un adherent"
|
|
||||||
|
|
||||||
def can_edit_all(user_request, *args, **kwargs):
|
|
||||||
return True, None
|
|
||||||
|
|
||||||
def can_edit(self, user_request, *args, **kwargs):
|
|
||||||
if self == user_request or user_request.has_perms(('cableur',)):
|
|
||||||
return True, None
|
|
||||||
else:
|
|
||||||
return False, u"Vous ne pouvez éditer un autre utilisateur que vous même"
|
|
||||||
|
|
||||||
def can_delete_all(user_request, *args, **kwargs):
|
|
||||||
return True, None
|
|
||||||
|
|
||||||
def can_delete(self, user_request, *args, **kwargs):
|
|
||||||
return True, None
|
|
||||||
|
|
||||||
def can_view_all(user_request, *args, **kwargs):
|
|
||||||
return True, None
|
|
||||||
|
|
||||||
def can_view(self, user_request, *args, **kwargs):
|
|
||||||
if self == user_request or user_request.has_perms(('cableur',)):
|
|
||||||
return True, None
|
|
||||||
else:
|
|
||||||
return False, u"Vous ne pouvez voir un autre utilisateur que vous même"
|
|
||||||
|
|
||||||
|
|
||||||
class Club(User):
|
class Club(User):
|
||||||
PRETTY_NAME = "Clubs"
|
PRETTY_NAME = "Clubs"
|
||||||
|
|
@ -882,46 +891,14 @@ class Club(User):
|
||||||
related_name='club_members'
|
related_name='club_members'
|
||||||
)
|
)
|
||||||
|
|
||||||
pass
|
|
||||||
|
|
||||||
def get_instance(clubid, *args, **kwargs):
|
def get_instance(clubid, *args, **kwargs):
|
||||||
|
"""Try to find an instance of `Club` with the given id.
|
||||||
|
|
||||||
|
:param clubid: The id of the adherent we are looking for.
|
||||||
|
:return: A club.
|
||||||
|
"""
|
||||||
return Club.objects.get(pk=clubid)
|
return Club.objects.get(pk=clubid)
|
||||||
|
|
||||||
def can_create(user_request, *args, **kwargs):
|
|
||||||
options, _created = OptionalUser.objects.get_or_create()
|
|
||||||
if options.all_can_create:
|
|
||||||
return True, None
|
|
||||||
else:
|
|
||||||
return user_request.has_perms(('cableur',)), u"Vous n'avez pas le\
|
|
||||||
droit de créer un club"
|
|
||||||
|
|
||||||
def can_edit_all(user_request, *args, **kwargs):
|
|
||||||
return True, None
|
|
||||||
|
|
||||||
def can_edit(self, user_request, *args, **kwargs):
|
|
||||||
if self == user_request or user_request.has_perms(('cableur',)) or\
|
|
||||||
user_request.adherent in self.administrators.all():
|
|
||||||
return True, None
|
|
||||||
else:
|
|
||||||
return False, u"Vous n'avez pas le droit d'éditer ce club"
|
|
||||||
|
|
||||||
def can_delete_all(user_request, *args, **kwargs):
|
|
||||||
return True, None
|
|
||||||
|
|
||||||
def can_delete(self, user_request, *args, **kwargs):
|
|
||||||
return True, None
|
|
||||||
|
|
||||||
def can_view_all(user_request, *args, **kwargs):
|
|
||||||
return True, None
|
|
||||||
|
|
||||||
def can_view(self, user_request, *args, **kwargs):
|
|
||||||
if self == user_request or user_request.has_perms(('cableur',)) or\
|
|
||||||
user_request.adherent in self.administrators.all() or\
|
|
||||||
user_request.adherent in self.members.all():
|
|
||||||
return True, None
|
|
||||||
else:
|
|
||||||
return False, u"Vous n'avez pas le droit de voir ce club"
|
|
||||||
|
|
||||||
|
|
||||||
@receiver(post_save, sender=Adherent)
|
@receiver(post_save, sender=Adherent)
|
||||||
@receiver(post_save, sender=Club)
|
@receiver(post_save, sender=Club)
|
||||||
|
|
@ -1012,6 +989,12 @@ class ServiceUser(AbstractBaseUser):
|
||||||
return ServiceUser.objects.get(pk=userid)
|
return ServiceUser.objects.get(pk=userid)
|
||||||
|
|
||||||
def can_create(user_request, *args, **kwargs):
|
def can_create(user_request, *args, **kwargs):
|
||||||
|
"""Check if an user can create a ServiceUser object.
|
||||||
|
|
||||||
|
:param user_request: The user who wants to create a user object.
|
||||||
|
:return: a message and a boolean which is True if the user can create
|
||||||
|
or if the `options.all_can_create` is set.
|
||||||
|
"""
|
||||||
options, _created = OptionalUser.objects.get_or_create()
|
options, _created = OptionalUser.objects.get_or_create()
|
||||||
if options.all_can_create:
|
if options.all_can_create:
|
||||||
return True, None
|
return True, None
|
||||||
|
|
@ -1019,27 +1002,43 @@ class ServiceUser(AbstractBaseUser):
|
||||||
return user_request.has_perms(('infra',)), u"Vous n'avez pas le droit de\
|
return user_request.has_perms(('infra',)), u"Vous n'avez pas le droit de\
|
||||||
créer un service user"
|
créer un service user"
|
||||||
|
|
||||||
def can_edit_all(user_request, *args, **kwargs):
|
|
||||||
return user_request.has_perms(('infra',)), u"Vous n'avez pas le droit d'éditer\
|
|
||||||
les services users"
|
|
||||||
|
|
||||||
def can_edit(self, user_request, *args, **kwargs):
|
def can_edit(self, user_request, *args, **kwargs):
|
||||||
|
"""Check if an user can edit a ServiceUser object.
|
||||||
|
|
||||||
|
:param self: The ServiceUser which is to be edited.
|
||||||
|
:param user_request: The user who requests to edit self.
|
||||||
|
:return: a message and a boolean which is True if edition is granted.
|
||||||
|
"""
|
||||||
return user_request.has_perms(('infra',)), u"Vous n'avez pas le droit d'éditer\
|
return user_request.has_perms(('infra',)), u"Vous n'avez pas le droit d'éditer\
|
||||||
les services users"
|
les services users"
|
||||||
|
|
||||||
def can_delete_all(user_request, *args, **kwargs):
|
|
||||||
return user_request.has_perms(('infra',)), u"Vous n'avez pas le droit de\
|
|
||||||
supprimer un service user"
|
|
||||||
|
|
||||||
def can_delete(self, user_request, *args, **kwargs):
|
def can_delete(self, user_request, *args, **kwargs):
|
||||||
|
"""Check if an user can delete a ServiceUser object.
|
||||||
|
|
||||||
|
:param self: The ServiceUser who is to be deleted.
|
||||||
|
:param user_request: The user who requests deletion.
|
||||||
|
:return: True if user_request has the right 'infra', and a message.
|
||||||
|
"""
|
||||||
return user_request.has_perms(('infra',)), u"Vous n'avez pas le droit de\
|
return user_request.has_perms(('infra',)), u"Vous n'avez pas le droit de\
|
||||||
supprimer un service user"
|
supprimer un service user"
|
||||||
|
|
||||||
def can_view_all(user_request, *args, **kwargs):
|
def can_view_all(user_request, *args, **kwargs):
|
||||||
|
"""Check if an user can access to the list of every ServiceUser objects
|
||||||
|
|
||||||
|
:param user_request: The user who wants to view the list.
|
||||||
|
:return: True if the user can view the list and an explanation message.
|
||||||
|
"""
|
||||||
return user_request.has_perms(('cableur',)), u"Vous n'avez pas le droit de\
|
return user_request.has_perms(('cableur',)), u"Vous n'avez pas le droit de\
|
||||||
voir un service user"
|
voir un service user"
|
||||||
|
|
||||||
def can_view(self, user_request, *args, **kwargs):
|
def can_view(self, user_request, *args, **kwargs):
|
||||||
|
"""Check if an user can view a ServiceUser object.
|
||||||
|
|
||||||
|
:param self: The targeted ServiceUser.
|
||||||
|
:param user_request: The user who ask for viewing the target.
|
||||||
|
:return: A boolean telling if the acces is granted and an explanation
|
||||||
|
text
|
||||||
|
"""
|
||||||
return user_request.has_perms(('cableur',)), u"Vous n'avez pas le droit de\
|
return user_request.has_perms(('cableur',)), u"Vous n'avez pas le droit de\
|
||||||
voir un service user"
|
voir un service user"
|
||||||
|
|
||||||
|
|
@ -1076,28 +1075,53 @@ class Right(models.Model):
|
||||||
return Right.objects.get(pk=rightid)
|
return Right.objects.get(pk=rightid)
|
||||||
|
|
||||||
def can_create(user_request, *args, **kwargs):
|
def can_create(user_request, *args, **kwargs):
|
||||||
|
"""Check if an user can create a Right object.
|
||||||
|
|
||||||
|
:param user_request: The user who wants to create a user object.
|
||||||
|
:return: a message and a boolean which is True if the user can create.
|
||||||
|
"""
|
||||||
return user_request.has_perms(('bureau',)), u"Vous n'avez pas le droit de\
|
return user_request.has_perms(('bureau',)), u"Vous n'avez pas le droit de\
|
||||||
créer des droits"
|
créer des droits"
|
||||||
|
|
||||||
def can_edit_all(user_request, *args, **kwargs):
|
|
||||||
return True, None
|
|
||||||
|
|
||||||
def can_edit(self, user_request, *args, **kwargs):
|
def can_edit(self, user_request, *args, **kwargs):
|
||||||
return True, None
|
"""Check if an user can edit a Right object.
|
||||||
|
|
||||||
def can_delete_all(user_request, *args, **kwargs):
|
:param self: The Right which is to be edited.
|
||||||
return user_request.has_perms(('bureau',)), u"Vous n'avez pas le droit de\
|
:param user_request: The user who requests to edit self.
|
||||||
supprimer des droits"
|
:return: a message and a boolean which is True if edition is granted.
|
||||||
|
"""
|
||||||
|
return user_request.has_perms(('bureau',)), u"Vous n'avez pas le droit\
|
||||||
|
d'éditer des droits."
|
||||||
|
|
||||||
def can_delete(self, user_request, *args, **kwargs):
|
def can_delete(self, user_request, *args, **kwargs):
|
||||||
|
"""Check if an user can delete a Right object.
|
||||||
|
|
||||||
|
:param self: The Right which is to be deleted.
|
||||||
|
:param user_request: The user who requests deletion.
|
||||||
|
:return: True if deletion is granted, and a message.
|
||||||
|
"""
|
||||||
return user_request.has_perms(('bureau',)), u"Vous n'avez pas le droit de\
|
return user_request.has_perms(('bureau',)), u"Vous n'avez pas le droit de\
|
||||||
supprimer des droits"
|
supprimer des droits"
|
||||||
|
|
||||||
def can_view_all(user_request, *args, **kwargs):
|
def can_view_all(user_request, *args, **kwargs):
|
||||||
return True, None
|
"""Check if an user can access to the list of every Right objects
|
||||||
|
|
||||||
|
:param user_request: The user who wants to view the list.
|
||||||
|
:return: True if the user can view the list and an explanation message.
|
||||||
|
"""
|
||||||
|
return user_request.has_perms(('cableur',)), u"Vous ne pouvez pas voir\
|
||||||
|
la liste des droits."
|
||||||
|
|
||||||
def can_view(self, user_request, *args, **kwargs):
|
def can_view(self, user_request, *args, **kwargs):
|
||||||
return True, None
|
"""Check if an user can view a Right object.
|
||||||
|
|
||||||
|
:param self: The targeted Right.
|
||||||
|
:param user_request: The user who ask for viewing the target.
|
||||||
|
:return: A boolean telling if the acces is granted and an explanation
|
||||||
|
text
|
||||||
|
"""
|
||||||
|
return user_request.has_perms(('cableur',)), u"Vous ne pouvez pas voir\
|
||||||
|
ce droit."
|
||||||
|
|
||||||
def __str__(self):
|
def __str__(self):
|
||||||
return str(self.user)
|
return str(self.user)
|
||||||
|
|
@ -1127,30 +1151,51 @@ class School(models.Model):
|
||||||
return School.objects.get(pk=schoolid)
|
return School.objects.get(pk=schoolid)
|
||||||
|
|
||||||
def can_create(user_request, *args, **kwargs):
|
def can_create(user_request, *args, **kwargs):
|
||||||
|
"""Check if an user can create a School object.
|
||||||
|
|
||||||
|
:param user_request: The user who wants to create a user object.
|
||||||
|
:return: a message and a boolean which is True if the user can create.
|
||||||
|
"""
|
||||||
return user_request.has_perms(('cableur',)), u"Vous n'avez pas le\
|
return user_request.has_perms(('cableur',)), u"Vous n'avez pas le\
|
||||||
droit de créer des écoles"
|
droit de créer des écoles"
|
||||||
|
|
||||||
def can_edit_all(user_request, *args, **kwargs):
|
|
||||||
return user_request.has_perms(('cableur',)), u"Vous n'avez pas le\
|
|
||||||
droit d'éditer des écoles"
|
|
||||||
|
|
||||||
def can_edit(self, user_request, *args, **kwargs):
|
def can_edit(self, user_request, *args, **kwargs):
|
||||||
|
"""Check if an user can edit a School object.
|
||||||
|
|
||||||
|
:param self: The School which is to be edited.
|
||||||
|
:param user_request: The user who requests to edit self.
|
||||||
|
:return: a message and a boolean which is True if edition is granted.
|
||||||
|
"""
|
||||||
return user_request.has_perms(('cableur',)), u"Vous n'avez pas le\
|
return user_request.has_perms(('cableur',)), u"Vous n'avez pas le\
|
||||||
droit d'éditer des écoles"
|
droit d'éditer des écoles"
|
||||||
|
|
||||||
def can_delete_all(user_request, *args, **kwargs):
|
|
||||||
return user_request.has_perms(('cableur',)), u"Vous n'avez pas le\
|
|
||||||
droit de supprimer des écoles"
|
|
||||||
|
|
||||||
def can_delete(self, user_request, *args, **kwargs):
|
def can_delete(self, user_request, *args, **kwargs):
|
||||||
|
"""Check if an user can delete a School object.
|
||||||
|
|
||||||
|
:param self: The School which is to be deleted.
|
||||||
|
:param user_request: The user who requests deletion.
|
||||||
|
:return: True if deletion is granted, and a message.
|
||||||
|
"""
|
||||||
return user_request.has_perms(('cableur',)), u"Vous n'avez pas le\
|
return user_request.has_perms(('cableur',)), u"Vous n'avez pas le\
|
||||||
droit de supprimer des écoles"
|
droit de supprimer des écoles"
|
||||||
|
|
||||||
def can_view_all(user_request, *args, **kwargs):
|
def can_view_all(user_request, *args, **kwargs):
|
||||||
|
"""Check if an user can access to the list of every School objects
|
||||||
|
|
||||||
|
:param user_request: The user who wants to view the list.
|
||||||
|
:return: True if the user can view the list and an explanation message.
|
||||||
|
"""
|
||||||
return user_request.has_perms(('cableur',)), u"Vous n'avez pas le\
|
return user_request.has_perms(('cableur',)), u"Vous n'avez pas le\
|
||||||
droit de voir les écoles"
|
droit de voir les écoles"
|
||||||
|
|
||||||
def can_view(self, user_request, *args, **kwargs):
|
def can_view(self, user_request, *args, **kwargs):
|
||||||
|
"""Check if an user can view a School object.
|
||||||
|
|
||||||
|
:param self: The targeted School.
|
||||||
|
:param user_request: The user who ask for viewing the target.
|
||||||
|
:return: A boolean telling if the acces is granted and an explanation
|
||||||
|
text
|
||||||
|
"""
|
||||||
return user_request.has_perms(('cableur',)), u"Vous n'avez pas le\
|
return user_request.has_perms(('cableur',)), u"Vous n'avez pas le\
|
||||||
droit de voir les écoles"
|
droit de voir les écoles"
|
||||||
|
|
||||||
|
|
@ -1186,30 +1231,51 @@ class ListRight(models.Model):
|
||||||
return ListRight.objects.get(pk=listrightid)
|
return ListRight.objects.get(pk=listrightid)
|
||||||
|
|
||||||
def can_create(user_request, *args, **kwargs):
|
def can_create(user_request, *args, **kwargs):
|
||||||
|
"""Check if an user can create a ListRight object.
|
||||||
|
|
||||||
|
:param user_request: The user who wants to create a ListRight object.
|
||||||
|
:return: a message and a boolean which is True if the user can create.
|
||||||
|
"""
|
||||||
return user_request.has_perms(('bureau',)), u"Vous n'avez pas le droit\
|
return user_request.has_perms(('bureau',)), u"Vous n'avez pas le droit\
|
||||||
de créer des groupes de droits"
|
de créer des groupes de droits"
|
||||||
|
|
||||||
def can_edit_all(user_request, *args, **kwargs):
|
|
||||||
return user_request.has_perms(('bureau',)), u"Vous n'avez pas le droit\
|
|
||||||
d'éditer des groupes de droits"
|
|
||||||
|
|
||||||
def can_edit(self, user_request, *args, **kwargs):
|
def can_edit(self, user_request, *args, **kwargs):
|
||||||
|
"""Check if an user can edit a ListRight object.
|
||||||
|
|
||||||
|
:param self: The object which is to be edited.
|
||||||
|
:param user_request: The user who requests to edit self.
|
||||||
|
:return: a message and a boolean which is True if edition is granted.
|
||||||
|
"""
|
||||||
return user_request.has_perms(('bureau',)), u"Vous n'avez pas le droit\
|
return user_request.has_perms(('bureau',)), u"Vous n'avez pas le droit\
|
||||||
d'éditer des groupes de droits"
|
d'éditer des groupes de droits"
|
||||||
|
|
||||||
def can_delete_all(user_request, *args, **kwargs):
|
|
||||||
return user_request.has_perms(('bureau',)), u"Vous n'avez pas le droit\
|
|
||||||
de supprimer des groupes de droits"
|
|
||||||
|
|
||||||
def can_delete(self, user_request, *args, **kwargs):
|
def can_delete(self, user_request, *args, **kwargs):
|
||||||
|
"""Check if an user can delete a ListRight object.
|
||||||
|
|
||||||
|
:param self: The object which is to be deleted.
|
||||||
|
:param user_request: The user who requests deletion.
|
||||||
|
:return: True if deletion is granted, and a message.
|
||||||
|
"""
|
||||||
return user_request.has_perms(('bureau',)), u"Vous n'avez pas le droit\
|
return user_request.has_perms(('bureau',)), u"Vous n'avez pas le droit\
|
||||||
de supprimer des groupes de droits"
|
de supprimer des groupes de droits"
|
||||||
|
|
||||||
def can_view_all(user_request, *args, **kwargs):
|
def can_view_all(user_request, *args, **kwargs):
|
||||||
|
"""Check if an user can access to the list of every ListRight objects
|
||||||
|
|
||||||
|
:param user_request: The user who wants to view the list.
|
||||||
|
:return: True if the user can view the list and an explanation message.
|
||||||
|
"""
|
||||||
return user_request.has_perms(('cableur',)), u"Vous n'avez pas le droit\
|
return user_request.has_perms(('cableur',)), u"Vous n'avez pas le droit\
|
||||||
de voir les groupes de droits"
|
de voir les groupes de droits"
|
||||||
|
|
||||||
def can_view(self, user_request, *args, **kwargs):
|
def can_view(self, user_request, *args, **kwargs):
|
||||||
|
"""Check if an user can view a ListRight object.
|
||||||
|
|
||||||
|
:param self: The targeted object.
|
||||||
|
:param user_request: The user who ask for viewing the target.
|
||||||
|
:return: A boolean telling if the acces is granted and an explanation
|
||||||
|
text
|
||||||
|
"""
|
||||||
return user_request.has_perms(('cableur',)), u"Vous n'avez pas le droit\
|
return user_request.has_perms(('cableur',)), u"Vous n'avez pas le droit\
|
||||||
de voir les groupes de droits"
|
de voir les groupes de droits"
|
||||||
|
|
||||||
|
|
@ -1309,27 +1375,50 @@ class Ban(models.Model):
|
||||||
return Ban.objects.get(pk=banid)
|
return Ban.objects.get(pk=banid)
|
||||||
|
|
||||||
def can_create(user_request, *args, **kwargs):
|
def can_create(user_request, *args, **kwargs):
|
||||||
|
"""Check if an user can create a Ban object.
|
||||||
|
|
||||||
|
:param user_request: The user who wants to create a Ban object.
|
||||||
|
:return: a message and a boolean which is True if the user can create.
|
||||||
|
"""
|
||||||
return user_request.has_perms(('bofh',)), u"Vous n'avez pas le droit de\
|
return user_request.has_perms(('bofh',)), u"Vous n'avez pas le droit de\
|
||||||
créer des bannissements"
|
créer des bannissements"
|
||||||
|
|
||||||
def can_edit_all(user_request, *args, **kwargs):
|
|
||||||
return user_request.has_perms(('bofh',)), u"Vous n'avez pas le droit\
|
|
||||||
d'éditer des bannissements"
|
|
||||||
|
|
||||||
def can_edit(self, user_request, *args, **kwargs):
|
def can_edit(self, user_request, *args, **kwargs):
|
||||||
|
"""Check if an user can edit a Ban object.
|
||||||
|
|
||||||
|
:param self: The object which is to be edited.
|
||||||
|
:param user_request: The user who requests to edit self.
|
||||||
|
:return: a message and a boolean which is True if edition is granted.
|
||||||
|
"""
|
||||||
return user_request.has_perms(('bofh',)), u"Vous n'avez pas le droit\
|
return user_request.has_perms(('bofh',)), u"Vous n'avez pas le droit\
|
||||||
d'éditer des bannissements"
|
d'éditer des bannissements"
|
||||||
|
|
||||||
def can_delete_all(self, user_request, *args, **kwargs):
|
|
||||||
return True, None
|
|
||||||
|
|
||||||
def can_delete(self, user_request, *args, **kwargs):
|
def can_delete(self, user_request, *args, **kwargs):
|
||||||
return True, None
|
"""Check if an user can delete a Ban object.
|
||||||
|
|
||||||
|
:param self: The object which is to be deleted.
|
||||||
|
:param user_request: The user who requests deletion.
|
||||||
|
:return: True if deletion is granted, and a message.
|
||||||
|
"""
|
||||||
|
return user_request.has_perms(('bofh',)), u"Vous n'avez pas le droit\
|
||||||
|
de supprimer des bannissements"
|
||||||
|
|
||||||
def can_view_all(user_request, *args, **kwargs):
|
def can_view_all(user_request, *args, **kwargs):
|
||||||
|
"""Check if an user can access to the list of every Ban objects
|
||||||
|
|
||||||
|
:param user_request: The user who wants to view the list.
|
||||||
|
:return: True if the user can view the list and an explanation message.
|
||||||
|
"""
|
||||||
return True, None
|
return True, None
|
||||||
|
|
||||||
def can_view(self, user_request, *args, **kwargs):
|
def can_view(self, user_request, *args, **kwargs):
|
||||||
|
"""Check if an user can view a Ban object.
|
||||||
|
|
||||||
|
:param self: The targeted object.
|
||||||
|
:param user_request: The user who ask for viewing the target.
|
||||||
|
:return: A boolean telling if the acces is granted and an explanation
|
||||||
|
text
|
||||||
|
"""
|
||||||
if not user_request.has_perms(('cableur',)) and\
|
if not user_request.has_perms(('cableur',)) and\
|
||||||
self.user != user_request:
|
self.user != user_request:
|
||||||
return False, u"Vous n'avez pas le droit de voir les bannissements\
|
return False, u"Vous n'avez pas le droit de voir les bannissements\
|
||||||
|
|
@ -1386,27 +1475,50 @@ class Whitelist(models.Model):
|
||||||
return Whitelist.objects.get(pk=whitelistid)
|
return Whitelist.objects.get(pk=whitelistid)
|
||||||
|
|
||||||
def can_create(user_request, *args, **kwargs):
|
def can_create(user_request, *args, **kwargs):
|
||||||
|
"""Check if an user can create a Whitelist object.
|
||||||
|
|
||||||
|
:param user_request: The user who wants to create a Whitelist object.
|
||||||
|
:return: a message and a boolean which is True if the user can create.
|
||||||
|
"""
|
||||||
return user_request.has_perms(('cableur',)), u"Vous n'avez pas le\
|
return user_request.has_perms(('cableur',)), u"Vous n'avez pas le\
|
||||||
droit de créer des accès gracieux"
|
droit de créer des accès gracieux"
|
||||||
|
|
||||||
def can_edit_all(user_request, *args, **kwargs):
|
|
||||||
return user_request.has_perms(('cableur',)), u"Vous n'avez pas le\
|
|
||||||
droit d'éditer des accès gracieux"
|
|
||||||
|
|
||||||
def can_edit(self, user_request, *args, **kwargs):
|
def can_edit(self, user_request, *args, **kwargs):
|
||||||
|
"""Check if an user can edit a Whitelist object.
|
||||||
|
|
||||||
|
:param self: The object which is to be edited.
|
||||||
|
:param user_request: The user who requests to edit self.
|
||||||
|
:return: a message and a boolean which is True if edition is granted.
|
||||||
|
"""
|
||||||
return user_request.has_perms(('cableur',)), u"Vous n'avez pas le\
|
return user_request.has_perms(('cableur',)), u"Vous n'avez pas le\
|
||||||
droit d'éditer des accès gracieux"
|
droit d'éditer des accès gracieux"
|
||||||
|
|
||||||
def can_delete_all(user_request, *args, **kwargs):
|
|
||||||
return True, None
|
|
||||||
|
|
||||||
def can_delete(self, user_request, *args, **kwargs):
|
def can_delete(self, user_request, *args, **kwargs):
|
||||||
return True, None
|
"""Check if an user can delete a Whitelist object.
|
||||||
|
|
||||||
|
:param self: The object which is to be deleted.
|
||||||
|
:param user_request: The user who requests deletion.
|
||||||
|
:return: True if deletion is granted, and a message.
|
||||||
|
"""
|
||||||
|
return user_request.has_perms(('cableur',)), u"Vous n'avez pas le\
|
||||||
|
droit de supprimer des accès gracieux"
|
||||||
|
|
||||||
def can_view_all(user_request, *args, **kwargs):
|
def can_view_all(user_request, *args, **kwargs):
|
||||||
|
"""Check if an user can access to the list of every Whitelist objects
|
||||||
|
|
||||||
|
:param user_request: The user who wants to view the list.
|
||||||
|
:return: True if the user can view the list and an explanation message.
|
||||||
|
"""
|
||||||
return True, None
|
return True, None
|
||||||
|
|
||||||
def can_view(self, user_request, *args, **kwargs):
|
def can_view(self, user_request, *args, **kwargs):
|
||||||
|
"""Check if an user can view a Whitelist object.
|
||||||
|
|
||||||
|
:param self: The targeted object.
|
||||||
|
:param user_request: The user who ask for viewing the target.
|
||||||
|
:return: A boolean telling if the acces is granted and an explanation
|
||||||
|
text
|
||||||
|
"""
|
||||||
if not user_request.has_perms(('cableur',)) and\
|
if not user_request.has_perms(('cableur',)) and\
|
||||||
self.user != user_request:
|
self.user != user_request:
|
||||||
return False, u"Vous n'avez pas le droit de voir les accès\
|
return False, u"Vous n'avez pas le droit de voir les accès\
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue