mirror of
https://github.com/ae-utbm/sith.git
synced 2024-12-25 17:21:15 +00:00
WIP: Refactor permissions
This commit is contained in:
parent
f7bfd6daed
commit
dc37e79f14
@ -251,7 +251,7 @@ class Page(models.Model):
|
||||
raise AlreadyLocked("The page is already locked by someone else")
|
||||
Page.lock_mutex[self.pk] = {'user': user,
|
||||
'time': timezone.now()}
|
||||
# print("Locking page")
|
||||
print("Locking page")
|
||||
|
||||
def set_lock_recursive(self, user):
|
||||
"""
|
||||
@ -264,7 +264,7 @@ class Page(models.Model):
|
||||
def unset_lock(self):
|
||||
"""Always try to unlock, even if there is no lock"""
|
||||
Page.lock_mutex.pop(self.pk, None)
|
||||
# print("Unlocking page")
|
||||
print("Unlocking page")
|
||||
|
||||
def get_lock(self):
|
||||
"""
|
||||
|
@ -1,7 +1,7 @@
|
||||
|
||||
from django.shortcuts import render
|
||||
from django.http import HttpResponseForbidden
|
||||
from django.core.exceptions import PermissionDenied
|
||||
from django.core.exceptions import PermissionDenied, ObjectDoesNotExist
|
||||
from django.views.generic.base import View
|
||||
|
||||
from core.models import Group
|
||||
@ -31,6 +31,8 @@ class CanEditPropMixin(View):
|
||||
# all objects of a class if they are in the right group
|
||||
if user.is_superuser or user.groups.filter(name=obj.owner_group.name).exists():
|
||||
return res
|
||||
print("Guyuy")
|
||||
self.object.unset_lock()
|
||||
raise PermissionDenied
|
||||
return HttpResponseForbidden("403, Forbidden")
|
||||
|
||||
@ -43,19 +45,19 @@ class CanEditMixin(CanEditPropMixin):
|
||||
# TODO: WIP: fix permissions with exceptions!
|
||||
try:
|
||||
res = super(CanEditMixin, self).dispatch(request, *arg, **kwargs)
|
||||
return res
|
||||
except PermissionDenied:
|
||||
pass
|
||||
except:
|
||||
return res
|
||||
res = super(CanEditPropMixin, self).dispatch(request, *arg, **kwargs)
|
||||
obj = self.object
|
||||
user = self.request.user
|
||||
if obj is None:
|
||||
return res
|
||||
for g in obj.edit_group.all():
|
||||
if user.groups.filter(name=g.name).exists():
|
||||
return super(CanEditPropMixin, self).dispatch(request, *arg, **kwargs)
|
||||
return res
|
||||
if isinstance(obj, User) and obj == user:
|
||||
return super(CanEditPropMixin, self).dispatch(request, *arg, **kwargs)
|
||||
return res
|
||||
raise PermissionDenied
|
||||
return HttpResponseForbidden("403, Forbidden")
|
||||
|
||||
@ -67,19 +69,18 @@ class CanViewMixin(CanEditMixin):
|
||||
def dispatch(self, request, *arg, **kwargs):
|
||||
try:
|
||||
res = super(CanViewMixin, self).dispatch(request, *arg, **kwargs)
|
||||
return res
|
||||
except PermissionDenied:
|
||||
pass
|
||||
except:
|
||||
return res
|
||||
res = super(CanEditPropMixin, self).dispatch(request, *arg, **kwargs)
|
||||
obj = self.object
|
||||
user = self.request.user
|
||||
if obj is None:
|
||||
return res
|
||||
for g in obj.view_group.all():
|
||||
if user.groups.filter(name=g.name).exists():
|
||||
return super(CanEditPropMixin, self).dispatch(request, *arg, **kwargs)
|
||||
return res
|
||||
raise PermissionDenied
|
||||
return HttpResponseForbidden("403, Forbidden")
|
||||
|
||||
from .user import *
|
||||
from .page import *
|
||||
|
Loading…
Reference in New Issue
Block a user