mirror of
https://github.com/ae-utbm/sith.git
synced 2024-11-22 14:13:21 +00:00
Better right handling in files
This commit is contained in:
Skia
parent
1775569ecf
commit
830c15a585
@ -137,17 +137,22 @@ class User(AbstractBaseUser):
|
|||||||
return False
|
return False
|
||||||
else:
|
else:
|
||||||
return False
|
return False
|
||||||
if group_name[-6:] == settings.SITH_BOARD_SUFFIX:
|
if group_name[-len(settings.SITH_BOARD_SUFFIX):] == settings.SITH_BOARD_SUFFIX:
|
||||||
if 'club' in settings.INSTALLED_APPS:
|
from club.models import Club
|
||||||
from club.models import Club
|
name = group_name[:-len(settings.SITH_BOARD_SUFFIX)]
|
||||||
name = group_name[:-6]
|
c = Club.objects.filter(unix_name=name).first()
|
||||||
c = Club.objects.filter(unix_name=name).first()
|
mem = c.get_membership_for(self)
|
||||||
mem = c.get_membership_for(self)
|
if mem:
|
||||||
if mem:
|
return mem.role > settings.SITH_MAXIMUM_FREE_ROLE
|
||||||
return mem.role >= 2
|
return False
|
||||||
return False
|
if group_name[-len(settings.SITH_MEMBER_SUFFIX):] == settings.SITH_MEMBER_SUFFIX:
|
||||||
else:
|
from club.models import Club
|
||||||
return False
|
name = group_name[:-len(settings.SITH_MEMBER_SUFFIX)]
|
||||||
|
c = Club.objects.filter(unix_name=name).first()
|
||||||
|
mem = c.get_membership_for(self)
|
||||||
|
if mem:
|
||||||
|
return True
|
||||||
|
return False
|
||||||
if group_name == settings.SITH_GROUPS['root']['name'] and self.is_superuser:
|
if group_name == settings.SITH_GROUPS['root']['name'] and self.is_superuser:
|
||||||
return True
|
return True
|
||||||
return self.groups.filter(name=group_name).exists()
|
return self.groups.filter(name=group_name).exists()
|
||||||
|
|||||||
@ -13,6 +13,7 @@
|
|||||||
|
|
||||||
<body>
|
<body>
|
||||||
{% block header %}
|
{% block header %}
|
||||||
|
{% if not popup %}
|
||||||
<div id="logo"><a href="{{ url('core:index') }}"><img src="{{ static('core/img/logo.png') }}"
|
<div id="logo"><a href="{{ url('core:index') }}"><img src="{{ static('core/img/logo.png') }}"
|
||||||
alt="{% trans %}Logo{% endtrans %}" /></a></div>
|
alt="{% trans %}Logo{% endtrans %}" /></a></div>
|
||||||
<header>
|
<header>
|
||||||
@ -25,8 +26,12 @@
|
|||||||
<a href="{{ url('core:logout') }}">{% trans %}Logout{% endtrans %}</a>
|
<a href="{{ url('core:logout') }}">{% trans %}Logout{% endtrans %}</a>
|
||||||
{% endif %}
|
{% endif %}
|
||||||
</header>
|
</header>
|
||||||
|
{% else %}
|
||||||
|
<div id="popupheader">{{ user.get_display_name() }}</div>
|
||||||
|
{% endif %}
|
||||||
{% endblock %}
|
{% endblock %}
|
||||||
{% block nav %}
|
{% block nav %}
|
||||||
|
{% if not popup %}
|
||||||
<nav>
|
<nav>
|
||||||
<a href="{{ url('core:user_list') }}">{% trans %}Users{% endtrans %}</a>
|
<a href="{{ url('core:user_list') }}">{% trans %}Users{% endtrans %}</a>
|
||||||
<a href="{{ url('core:page', page_name="Index") }}">{% trans %}Wiki{% endtrans %}</a>
|
<a href="{{ url('core:page', page_name="Index") }}">{% trans %}Wiki{% endtrans %}</a>
|
||||||
@ -34,6 +39,7 @@
|
|||||||
<a href="{{ url('club:club_list') }}">{% trans %}Clubs{% endtrans %}</a>
|
<a href="{{ url('club:club_list') }}">{% trans %}Clubs{% endtrans %}</a>
|
||||||
<a href="{{ url('core:page', "Services") }}">{% trans %}Services{% endtrans %}</a>
|
<a href="{{ url('core:page', "Services") }}">{% trans %}Services{% endtrans %}</a>
|
||||||
</nav>
|
</nav>
|
||||||
|
{% endif %}
|
||||||
{% endblock %}
|
{% endblock %}
|
||||||
|
|
||||||
<div id="content">
|
<div id="content">
|
||||||
@ -59,8 +65,7 @@
|
|||||||
<script src="{{ static('core/js/multiple-select.js') }}"></script>
|
<script src="{{ static('core/js/multiple-select.js') }}"></script>
|
||||||
<script src="{{ static('core/js/script.js') }}"></script>
|
<script src="{{ static('core/js/script.js') }}"></script>
|
||||||
<script>
|
<script>
|
||||||
$('select').multipleSelect({
|
$('select:not([multiple])').multipleSelect({
|
||||||
filter: true,
|
|
||||||
single: true,
|
single: true,
|
||||||
{% if not popup %}
|
{% if not popup %}
|
||||||
position: 'top',
|
position: 'top',
|
||||||
|
|||||||
@ -21,20 +21,6 @@
|
|||||||
{% endif %}
|
{% endif %}
|
||||||
{% endmacro %}
|
{% endmacro %}
|
||||||
|
|
||||||
{% block header %}
|
|
||||||
{% if popup != "" %}
|
|
||||||
<div id="popupheader">{{ user.get_display_name() }}</div>
|
|
||||||
{% else %}
|
|
||||||
{{ super() }}
|
|
||||||
{% endif %}
|
|
||||||
{% endblock %}
|
|
||||||
{% block nav %}
|
|
||||||
{% if popup != "" %}
|
|
||||||
{% else %}
|
|
||||||
{{ super() }}
|
|
||||||
{% endif %}
|
|
||||||
{% endblock %}
|
|
||||||
|
|
||||||
{% block content %}
|
{% block content %}
|
||||||
{{ print_file_name(file) }}
|
{{ print_file_name(file) }}
|
||||||
|
|
||||||
|
|||||||
@ -12,11 +12,13 @@
|
|||||||
</h3>
|
</h3>
|
||||||
<p>{% trans %}Owner: {% endtrans %}{{ file.owner.get_display_name() }}</p>
|
<p>{% trans %}Owner: {% endtrans %}{{ file.owner.get_display_name() }}</p>
|
||||||
{% if file.is_folder %}
|
{% if file.is_folder %}
|
||||||
|
{% if user.can_edit(file) %}
|
||||||
<form action="" method="post" enctype="multipart/form-data">
|
<form action="" method="post" enctype="multipart/form-data">
|
||||||
{% csrf_token %}
|
{% csrf_token %}
|
||||||
{{ form.as_p() }}
|
{{ form.as_p() }}
|
||||||
<p><input type="submit" value="{% trans %}Add{% endtrans %}"></p>
|
<p><input type="submit" value="{% trans %}Add{% endtrans %}"></p>
|
||||||
</form>
|
</form>
|
||||||
|
{% endif %}
|
||||||
<ul>
|
<ul>
|
||||||
{% for f in file.children.order_by('-is_folder', 'name').all() %}
|
{% for f in file.children.order_by('-is_folder', 'name').all() %}
|
||||||
<li>
|
<li>
|
||||||
|
|||||||
@ -2,11 +2,13 @@
|
|||||||
|
|
||||||
{% block content %}
|
{% block content %}
|
||||||
{{ super() }}
|
{{ super() }}
|
||||||
|
{% if user.is_in_group(settings.SITH_MAIN_BOARD_GROUP) %}
|
||||||
<form action="" method="post" enctype="multipart/form-data">
|
<form action="" method="post" enctype="multipart/form-data">
|
||||||
{% csrf_token %}
|
{% csrf_token %}
|
||||||
{{ form.as_p() }}
|
{{ form.as_p() }}
|
||||||
<p><input type="submit" value="{% trans %}Add{% endtrans %}"></p>
|
<p><input type="submit" value="{% trans %}Add{% endtrans %}"></p>
|
||||||
</form>
|
</form>
|
||||||
|
{% endif %}
|
||||||
{% if file_list %}
|
{% if file_list %}
|
||||||
<h3>{% trans %}File list{% endtrans %}</h3>
|
<h3>{% trans %}File list{% endtrans %}</h3>
|
||||||
<ul>
|
<ul>
|
||||||
|
|||||||
@ -9,7 +9,7 @@ from core.models import Group
|
|||||||
|
|
||||||
def forbidden(request):
|
def forbidden(request):
|
||||||
return HttpResponseForbidden(render(request, "core/403.jinja", context={'next': request.path, 'form':
|
return HttpResponseForbidden(render(request, "core/403.jinja", context={'next': request.path, 'form':
|
||||||
AuthenticationForm()}))
|
AuthenticationForm(), 'popup': request.resolver_match.kwargs['popup'] or ""}))
|
||||||
|
|
||||||
def not_found(request):
|
def not_found(request):
|
||||||
return HttpResponseNotFound(render(request, "core/404.jinja"))
|
return HttpResponseNotFound(render(request, "core/404.jinja"))
|
||||||
|
|||||||
@ -62,7 +62,7 @@ class AddFileForm(forms.Form):
|
|||||||
self.add_error(None, _("Error uploading file %(file_name)s: %(msg)s") %
|
self.add_error(None, _("Error uploading file %(file_name)s: %(msg)s") %
|
||||||
{'file_name': f, 'msg': str(e.message)})
|
{'file_name': f, 'msg': str(e.message)})
|
||||||
|
|
||||||
class FileListView(CanViewMixin, ListView, FormMixin):
|
class FileListView(ListView, FormMixin):
|
||||||
template_name = 'core/file_list.jinja'
|
template_name = 'core/file_list.jinja'
|
||||||
context_object_name = "file_list"
|
context_object_name = "file_list"
|
||||||
form_class = AddFileForm
|
form_class = AddFileForm
|
||||||
@ -75,7 +75,7 @@ class FileListView(CanViewMixin, ListView, FormMixin):
|
|||||||
self.object_list = self.get_queryset()
|
self.object_list = self.get_queryset()
|
||||||
self.form = self.get_form()
|
self.form = self.get_form()
|
||||||
files = request.FILES.getlist('file_field')
|
files = request.FILES.getlist('file_field')
|
||||||
if self.form.is_valid():
|
if request.user.is_authenticated() and request.user.is_in_group(settings.SITH_MAIN_BOARD_GROUP) and self.form.is_valid():
|
||||||
self.form.process(parent=None, owner=request.user, files=files)
|
self.form.process(parent=None, owner=request.user, files=files)
|
||||||
if self.form.is_valid():
|
if self.form.is_valid():
|
||||||
return super(FileListView, self).form_valid(self.form)
|
return super(FileListView, self).form_valid(self.form)
|
||||||
@ -141,7 +141,7 @@ class FileEditPropView(CanEditPropMixin, UpdateView):
|
|||||||
kwargs['popup'] = 'popup'
|
kwargs['popup'] = 'popup'
|
||||||
return kwargs
|
return kwargs
|
||||||
|
|
||||||
class FileView(CanEditMixin, DetailView, FormMixin):
|
class FileView(CanViewMixin, DetailView, FormMixin):
|
||||||
"""This class handle the upload of new files into a folder"""
|
"""This class handle the upload of new files into a folder"""
|
||||||
model = SithFile
|
model = SithFile
|
||||||
pk_url_kwarg = "file_id"
|
pk_url_kwarg = "file_id"
|
||||||
@ -157,7 +157,7 @@ class FileView(CanEditMixin, DetailView, FormMixin):
|
|||||||
self.object = self.get_object()
|
self.object = self.get_object()
|
||||||
self.form = self.get_form()
|
self.form = self.get_form()
|
||||||
files = request.FILES.getlist('file_field')
|
files = request.FILES.getlist('file_field')
|
||||||
if self.form.is_valid():
|
if request.user.is_authenticated() and request.user.can_edit(self.object) and self.form.is_valid():
|
||||||
self.form.process(parent=self.object, owner=request.user, files=files)
|
self.form.process(parent=self.object, owner=request.user, files=files)
|
||||||
if self.form.is_valid():
|
if self.form.is_valid():
|
||||||
return super(FileView, self).form_valid(self.form)
|
return super(FileView, self).form_valid(self.form)
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user