8
0
Fork 0
mirror of https://gitlab2.federez.net/re2o/re2o synced 2024-11-25 22:22:26 +00:00

Passage de cotisations, topologie et users avec le nouveau mixin

This commit is contained in:
Gabriel Detraz 2018-03-28 04:07:10 +02:00 committed by chirac
parent ef1dbc882b
commit 262431113f
3 changed files with 20 additions and 522 deletions

View file

@ -57,7 +57,7 @@ from django.utils import timezone
from machines.models import regen from machines.models import regen
from re2o.field_permissions import FieldPermissionModelMixin from re2o.field_permissions import FieldPermissionModelMixin
from re2o.mixins import AclMixin
class Facture(FieldPermissionModelMixin, models.Model): class Facture(FieldPermissionModelMixin, models.Model):
""" Définition du modèle des factures. Une facture regroupe une ou """ Définition du modèle des factures. Une facture regroupe une ou
@ -350,7 +350,7 @@ def vente_post_delete(sender, **kwargs):
user.ldap_sync(base=False, access_refresh=True, mac_refresh=False) user.ldap_sync(base=False, access_refresh=True, mac_refresh=False)
class Article(models.Model): class Article(AclMixin, models.Model):
"""Liste des articles en vente : prix, nom, et attribut iscotisation """Liste des articles en vente : prix, nom, et attribut iscotisation
et duree si c'est une cotisation""" et duree si c'est une cotisation"""
PRETTY_NAME = "Articles en vente" PRETTY_NAME = "Articles en vente"
@ -405,31 +405,11 @@ class Article(models.Model):
def get_instance(articleid, *args, **kwargs): def get_instance(articleid, *args, **kwargs):
return Article.objects.get(pk=articleid) return Article.objects.get(pk=articleid)
def can_create(user_request, *args, **kwargs):
return user_request.has_perm('cotisations.add_article'), u"Vous n'avez pas le\
droit d'ajouter des articles"
def can_edit(self, user_request, *args, **kwargs):
return user_request.has_perm('cotisations.change_article'), u"Vous n'avez pas le\
droit d'éditer des articles"
def can_delete(self, user_request, *args, **kwargs):
return user_request.has_perm('cotisations.delete_article'), u"Vous n'avez pas le\
droit de supprimer des articles"
def can_view_all(user_request, *args, **kwargs):
return user_request.has_perm('cotisations.view_article'), u"Vous n'avez pas le\
droit de voir des articles"
def can_view(self, user_request, *args, **kwargs):
return user_request.has_perm('cotisations.view_article'), u"Vous n'avez pas le\
droit de voir des articles"
def __str__(self): def __str__(self):
return self.name return self.name
class Banque(models.Model): class Banque(AclMixin, models.Model):
"""Liste des banques""" """Liste des banques"""
PRETTY_NAME = "Banques enregistrées" PRETTY_NAME = "Banques enregistrées"
@ -443,31 +423,11 @@ class Banque(models.Model):
def get_instance(banqueid, *args, **kwargs): def get_instance(banqueid, *args, **kwargs):
return Banque.objects.get(pk=banqueid) return Banque.objects.get(pk=banqueid)
def can_create(user_request, *args, **kwargs):
return user_request.has_perm('cotisations.add_banque'), u"Vous n'avez pas le\
droit d'ajouter des banques"
def can_edit(self, user_request, *args, **kwargs):
return user_request.has_perm('cotisations.change_banque'), u"Vous n'avez pas le\
droit d'éditer des banques"
def can_delete(self, user_request, *args, **kwargs):
return user_request.has_perm('cotisations.delete_banque'), u"Vous n'avez pas le\
droit de supprimer des banques"
def can_view_all(user_request, *args, **kwargs):
return user_request.has_perm('cotisations.view_banque'), u"Vous n'avez pas le\
droit de voir des banques"
def can_view(self, user_request, *args, **kwargs):
return user_request.has_perm('cotisations.view_banque'), u"Vous n'avez pas le\
droit de voir des banques"
def __str__(self): def __str__(self):
return self.name return self.name
class Paiement(models.Model): class Paiement(AclMixin, models.Model):
"""Moyens de paiement""" """Moyens de paiement"""
PRETTY_NAME = "Moyens de paiement" PRETTY_NAME = "Moyens de paiement"
PAYMENT_TYPES = ( PAYMENT_TYPES = (
@ -486,26 +446,6 @@ class Paiement(models.Model):
def get_instance(paiementid, *args, **kwargs): def get_instance(paiementid, *args, **kwargs):
return Paiement.objects.get(pk=paiementid) return Paiement.objects.get(pk=paiementid)
def can_create(user_request, *args, **kwargs):
return user_request.has_perm('cotisations.add_paiement'), u"Vous n'avez pas le\
droit d'ajouter des paiements"
def can_edit(self, user_request, *args, **kwargs):
return user_request.has_perm('cotisations.change_paiement'), u"Vous n'avez pas le\
droit d'éditer des paiements"
def can_delete(self, user_request, *args, **kwargs):
return user_request.has_perm('cotisations.delete_paiement'), u"Vous n'avez pas le\
droit de supprimer des paiements"
def can_view_all(user_request, *args, **kwargs):
return user_request.has_perm('cotisations.view_paiement'), u"Vous n'avez pas le\
droit de voir des paiements"
def can_view(self, user_request, *args, **kwargs):
return user_request.has_perm('cotisations.view_paiement'), u"Vous n'avez pas le\
droit de voir des paiements"
def __str__(self): def __str__(self):
return self.moyen return self.moyen

View file

@ -48,8 +48,9 @@ from django.db import transaction
from reversion import revisions as reversion from reversion import revisions as reversion
from machines.models import Machine, Interface, regen from machines.models import Machine, Interface, regen
from re2o.mixins import AclMixin
class Stack(models.Model): class Stack(AclMixin, models.Model):
"""Un objet stack. Regrouppe des switchs en foreign key """Un objet stack. Regrouppe des switchs en foreign key
,contient une id de stack, un switch id min et max dans ,contient une id de stack, un switch id min et max dans
le stack""" le stack"""
@ -69,30 +70,6 @@ class Stack(models.Model):
def get_instance(stack_id, *args, **kwargs): def get_instance(stack_id, *args, **kwargs):
return Stack.objects.get(pk=stack_id) return Stack.objects.get(pk=stack_id)
def can_create(user_request, *args, **kwargs):
return user_request.has_perm('topologie.add_stack') , u"Vous n'avez pas le droit\
de créer un stack"
def can_edit(self, user_request, *args, **kwargs):
if not user_request.has_perm('topologie.change_stack'):
return False, u"Vous n'avez pas le droit d'éditer des stack"
return True, None
def can_delete(self, user_request, *args, **kwargs):
if not user_request.has_perm('topologie.delete_stack'):
return False, u"Vous n'avez pas le droit de supprimer une stack"
return True, None
def can_view_all(user_request, *args, **kwargs):
if not user_request.has_perm('topologie.view_stack'):
return False, u"Vous n'avez pas le droit de voir une stack"
return True, None
def can_view(self, user_request, *args, **kwargs):
if not user_request.has_perm('topologie.view_stack'):
return False, u"Vous n'avez pas le droit de voir une stack"
return True, None
def __str__(self): def __str__(self):
return " ".join([self.name, self.stack_id]) return " ".join([self.name, self.stack_id])
@ -109,7 +86,7 @@ class Stack(models.Model):
inférieure à l'id minimale"}) inférieure à l'id minimale"})
class AccessPoint(Machine): class AccessPoint(AclMixin, Machine):
"""Define a wireless AP. Inherit from machines.interfaces """Define a wireless AP. Inherit from machines.interfaces
Definition pour une borne wifi , hérite de machines.interfaces Definition pour une borne wifi , hérite de machines.interfaces
@ -125,38 +102,14 @@ class AccessPoint(Machine):
class Meta: class Meta:
permissions = ( permissions = (
("view_ap", "Peut voir une borne"), ("view_accesspoint", "Peut voir une borne"),
) )
def get_instance(ap_id, *args, **kwargs): def get_instance(ap_id, *args, **kwargs):
return AccessPoint.objects.get(pk=ap_id) return AccessPoint.objects.get(pk=ap_id)
def can_create(user_request, *args, **kwargs):
return user_request.has_perm('topologie.add_ap') , u"Vous n'avez pas le droit\
de créer une borne"
def can_edit(self, user_request, *args, **kwargs): class Switch(AclMixin, Machine):
if not user_request.has_perm('topologie.change_ap'):
return False, u"Vous n'avez pas le droit d'éditer des bornes"
return True, None
def can_delete(self, user_request, *args, **kwargs):
if not user_request.has_perm('topologie.delete_ap'):
return False, u"Vous n'avez pas le droit de supprimer une borne"
return True, None
def can_view_all(user_request, *args, **kwargs):
if not user_request.has_perm('topologie.view_ap'):
return False, u"Vous n'avez pas le droit de voir les bornes"
return True, None
def can_view(self, user_request, *args, **kwargs):
if not user_request.has_perm('topologie.view_ap'):
return False, u"Vous n'avez pas le droit de voir les bornes"
return True, None
class Switch(Machine):
""" Definition d'un switch. Contient un nombre de ports (number), """ Definition d'un switch. Contient un nombre de ports (number),
un emplacement (location), un stack parent (optionnel, stack) un emplacement (location), un stack parent (optionnel, stack)
et un id de membre dans le stack (stack_member_id) et un id de membre dans le stack (stack_member_id)
@ -196,30 +149,6 @@ class Switch(Machine):
def get_instance(switch_id, *args, **kwargs): def get_instance(switch_id, *args, **kwargs):
return Switch.objects.get(pk=switch_id) return Switch.objects.get(pk=switch_id)
def can_create(user_request, *args, **kwargs):
return user_request.has_perm('topologie.add_switch') , u"Vous n'avez pas le droit\
de créer un switch"
def can_edit(self, user_request, *args, **kwargs):
if not user_request.has_perm('topologie.change_switch'):
return False, u"Vous n'avez pas le droit d'éditer des switch"
return True, None
def can_delete(self, user_request, *args, **kwargs):
if not user_request.has_perm('topologie.delete_switch'):
return False, u"Vous n'avez pas le droit de supprimer un switch"
return True, None
def can_view_all(user_request, *args, **kwargs):
if not user_request.has_perm('topologie.view_switch'):
return False, u"Vous n'avez pas le droit de voir les switch"
return True, None
def can_view(self, user_request, *args, **kwargs):
if not user_request.has_perm('topologie.view_switch'):
return False, u"Vous n'avez pas le droit de voir les switch"
return True, None
def clean(self): def clean(self):
""" Verifie que l'id stack est dans le bon range """ Verifie que l'id stack est dans le bon range
Appelle également le clean de la classe parente""" Appelle également le clean de la classe parente"""
@ -267,7 +196,7 @@ class Switch(Machine):
return str(self.interface_set.first()) return str(self.interface_set.first())
class ModelSwitch(models.Model): class ModelSwitch(AclMixin, models.Model):
"""Un modèle (au sens constructeur) de switch""" """Un modèle (au sens constructeur) de switch"""
PRETTY_NAME = "Modèle de switch" PRETTY_NAME = "Modèle de switch"
reference = models.CharField(max_length=255) reference = models.CharField(max_length=255)
@ -284,35 +213,11 @@ class ModelSwitch(models.Model):
def get_instance(model_switch_id, *args, **kwargs): def get_instance(model_switch_id, *args, **kwargs):
return ModelSwitch.objects.get(pk=model_switch_id) return ModelSwitch.objects.get(pk=model_switch_id)
def can_create(user_request, *args, **kwargs):
return user_request.has_perm('topologie.add_modelswitch') , u"Vous n'avez pas le droit\
de créer un modèle de switch"
def can_edit(self, user_request, *args, **kwargs):
if not user_request.has_perm('topologie.change_modelswitch'):
return False, u"Vous n'avez pas le droit d'éditer des modèle de switchs"
return True, None
def can_delete(self, user_request, *args, **kwargs):
if not user_request.has_perm('topologie.delete_modelswitch'):
return False, u"Vous n'avez pas le droit de supprimer un modèle switch"
return True, None
def can_view(self, user_request, *args, **kwargs):
if not user_request.has_perm('topologie.view_modelswitch'):
return False, u"Vous n'avez pas le droit de voir un modèle switch"
return True, None
def can_view_all(user_request, *args, **kwargs):
if not user_request.has_perm('topologie.view_modelswitch'):
return False, u"Vous n'avez pas le droit de voir un modèle switch"
return True, None
def __str__(self): def __str__(self):
return str(self.constructor) + ' ' + self.reference return str(self.constructor) + ' ' + self.reference
class ConstructorSwitch(models.Model): class ConstructorSwitch(AclMixin, models.Model):
"""Un constructeur de switch""" """Un constructeur de switch"""
PRETTY_NAME = "Constructeur de switch" PRETTY_NAME = "Constructeur de switch"
name = models.CharField(max_length=255) name = models.CharField(max_length=255)
@ -325,36 +230,11 @@ class ConstructorSwitch(models.Model):
def get_instance(constructor_switch_id, *args, **kwargs): def get_instance(constructor_switch_id, *args, **kwargs):
return ConstructorSwitch.objects.get(pk=constructor_switch_id) return ConstructorSwitch.objects.get(pk=constructor_switch_id)
def can_create(user_request, *args, **kwargs):
return user_request.has_perm('topologie.add_constructorswitch') , u"Vous n'avez pas le droit\
de créer un constructeur de switch"
def can_edit(self, user_request, *args, **kwargs):
if not user_request.has_perm('topologie.change_constructorswitch'):
return False, u"Vous n'avez pas le droit d'éditer des\
constructeurs de switchs"
return True, None
def can_delete(self, user_request, *args, **kwargs):
if not user_request.has_perm('topologie.delete_constructorswitch'):
return False, u"Vous n'avez pas le droit de supprimer un constructeur"
return True, None
def can_view_all(user_request, *args, **kwargs):
if not user_request.has_perm('topologie.view_constructorswitch'):
return False, u"Vous n'avez pas le droit de voir un constructeur"
return True, None
def can_view(self, user_request, *args, **kwargs):
if not user_request.has_perm('topologie.view_constructorswitch'):
return False, u"Vous n'avez pas le droit de voir un constructeur"
return True, None
def __str__(self): def __str__(self):
return self.name return self.name
class Port(models.Model): class Port(AclMixin, models.Model):
""" Definition d'un port. Relié à un switch(foreign_key), """ Definition d'un port. Relié à un switch(foreign_key),
un port peut etre relié de manière exclusive à : un port peut etre relié de manière exclusive à :
- une chambre (room) - une chambre (room)
@ -426,30 +306,6 @@ class Port(models.Model):
.prefetch_related('switch__interface_set__domain__extension')\ .prefetch_related('switch__interface_set__domain__extension')\
.get(pk=port_id) .get(pk=port_id)
def can_create(user_request, *args, **kwargs):
return user_request.has_perm('topologie.add_port') , u"Vous n'avez pas le droit\
de créer un port"
def can_edit(self, user_request, *args, **kwargs):
if not user_request.has_perm('topologie.change_port'):
return False, u"Vous n'avez pas le droit d'éditer des ports"
return True, None
def can_delete(self, user_request, *args, **kwargs):
if not user_request.has_perm('topologie.delete_port'):
return False, u"Vous n'avez pas le droit de supprimer un port"
return True, None
def can_view_all(user_request, *args, **kwargs):
if not user_request.has_perm('topologie.view_port'):
return False, u"Vous n'avez pas le droit de voir les ports"
return True, None
def can_view(self, user_request, *args, **kwargs):
if not user_request.has_perm('topologie.view_port'):
return False, u"Vous n'avez pas le droit de voir les ports"
return True, None
def make_port_related(self): def make_port_related(self):
""" Synchronise le port distant sur self""" """ Synchronise le port distant sur self"""
related_port = self.related related_port = self.related
@ -494,7 +350,7 @@ class Port(models.Model):
return str(self.switch) + " - " + str(self.port) return str(self.switch) + " - " + str(self.port)
class Room(models.Model): class Room(AclMixin, models.Model):
"""Une chambre/local contenant une prise murale""" """Une chambre/local contenant une prise murale"""
PRETTY_NAME = "Chambre/ Prise murale" PRETTY_NAME = "Chambre/ Prise murale"
@ -510,30 +366,6 @@ class Room(models.Model):
def get_instance(room_id, *args, **kwargs): def get_instance(room_id, *args, **kwargs):
return Room.objects.get(pk=room_id) return Room.objects.get(pk=room_id)
def can_create(user_request, *args, **kwargs):
return user_request.has_perm('topologie.add_room') , u"Vous n'avez pas le droit\
de créer une chambre"
def can_edit(self, user_request, *args, **kwargs):
if not user_request.has_perm('topologie.change_room'):
return False, u"Vous n'avez pas le droit d'éditer une chambre"
return True, None
def can_delete(self, user_request, *args, **kwargs):
if not user_request.has_perm('topologie.delete_room'):
return False, u"Vous n'avez pas le droit de supprimer une chambre"
return True, None
def can_view_all(user_request, *args, **kwargs):
if not user_request.has_perm('topologie.view_room'):
return False, u"Vous n'avez pas le droit de voir les chambres"
return True, None
def can_view(self, user_request, *args, **kwargs):
if not user_request.has_perm('topologie.view_room'):
return False, u"Vous n'avez pas le droit de voir les chambres"
return True, None
def __str__(self): def __str__(self):
return self.name return self.name

View file

@ -76,6 +76,7 @@ import ldapdb.models.fields
from re2o.settings import RIGHTS_LINK, LDAP, GID_RANGES, UID_RANGES from re2o.settings import RIGHTS_LINK, LDAP, GID_RANGES, UID_RANGES
from re2o.login import hashNT from re2o.login import hashNT
from re2o.field_permissions import FieldPermissionModelMixin from re2o.field_permissions import FieldPermissionModelMixin
from re2o.mixins import AclMixin
from cotisations.models import Cotisation, Facture, Paiement, Vente from cotisations.models import Cotisation, Facture, Paiement, Vente
from machines.models import Domain, Interface, Machine, regen from machines.models import Domain, Interface, Machine, regen
@ -922,7 +923,7 @@ def user_post_delete(sender, **kwargs):
user.ldap_del() user.ldap_del()
regen('mailing') regen('mailing')
class ServiceUser(AbstractBaseUser): class ServiceUser(AclMixin, AbstractBaseUser):
""" Classe des users daemons, règle leurs accès au ldap""" """ Classe des users daemons, règle leurs accès au ldap"""
readonly = 'readonly' readonly = 'readonly'
ACCESS = ( ACCESS = (
@ -992,58 +993,6 @@ class ServiceUser(AbstractBaseUser):
def get_instance(userid, *args, **kwargs): def get_instance(userid, *args, **kwargs):
return ServiceUser.objects.get(pk=userid) return ServiceUser.objects.get(pk=userid)
def can_create(user_request, *args, **kwargs):
"""Check if an user can create a ServiceUser object.
:param user_request: The user who wants to create a user object.
:return: a message and a boolean which is True if the user can create
or if the `options.all_can_create` is set.
"""
return user_request.has_perm('users.add_serviceuser'), (
u"Vous n'avez pas le droit de créer un service user"
)
def can_edit(self, user_request, *args, **kwargs):
"""Check if an user can edit a ServiceUser object.
:param self: The ServiceUser which is to be edited.
:param user_request: The user who requests to edit self.
:return: a message and a boolean which is True if edition is granted.
"""
return user_request.has_perm('users.change_serviceuser'), (
u"Vous n'avez pas le droit d'éditer les services users"
)
def can_delete(self, user_request, *args, **kwargs):
"""Check if an user can delete a ServiceUser object.
:param self: The ServiceUser who is to be deleted.
:param user_request: The user who requests deletion.
:return: True if user_request has the right 'infra', and a message.
"""
return user_request.has_perm('users.delete_serviceuser'), u"Vous n'avez pas le droit de\
supprimer un service user"
def can_view_all(user_request, *args, **kwargs):
"""Check if an user can access to the list of every ServiceUser objects
:param user_request: The user who wants to view the list.
:return: True if the user can view the list and an explanation message.
"""
return user_request.has_perm('users.view_serviceuser'), u"Vous n'avez pas le droit de\
voir un service user"
def can_view(self, user_request, *args, **kwargs):
"""Check if an user can view a ServiceUser object.
:param self: The targeted ServiceUser.
:param user_request: The user who ask for viewing the target.
:return: A boolean telling if the acces is granted and an explanation
text
"""
return user_request.has_perm('users.view_serviceuser'), u"Vous n'avez pas le droit de\
voir un service user"
def __str__(self): def __str__(self):
return self.pseudo return self.pseudo
@ -1061,7 +1010,7 @@ def service_user_post_delete(sender, **kwargs):
service_user.ldap_del() service_user.ldap_del()
class School(models.Model): class School(AclMixin, models.Model):
""" Etablissement d'enseignement""" """ Etablissement d'enseignement"""
PRETTY_NAME = "Établissements enregistrés" PRETTY_NAME = "Établissements enregistrés"
@ -1075,60 +1024,11 @@ class School(models.Model):
def get_instance(schoolid, *args, **kwargs): def get_instance(schoolid, *args, **kwargs):
return School.objects.get(pk=schoolid) return School.objects.get(pk=schoolid)
def can_create(user_request, *args, **kwargs):
"""Check if an user can create a School object.
:param user_request: The user who wants to create a user object.
:return: a message and a boolean which is True if the user can create.
"""
return user_request.has_perm('users.add_school'), u"Vous n'avez pas le\
droit de créer des écoles"
def can_edit(self, user_request, *args, **kwargs):
"""Check if an user can edit a School object.
:param self: The School which is to be edited.
:param user_request: The user who requests to edit self.
:return: a message and a boolean which is True if edition is granted.
"""
return user_request.has_perm('users.change_school'), u"Vous n'avez pas le\
droit d'éditer des écoles"
def can_delete(self, user_request, *args, **kwargs):
"""Check if an user can delete a School object.
:param self: The School which is to be deleted.
:param user_request: The user who requests deletion.
:return: True if deletion is granted, and a message.
"""
return user_request.has_perm('users.delete_school'), u"Vous n'avez pas le\
droit de supprimer des écoles"
def can_view_all(user_request, *args, **kwargs):
"""Check if an user can access to the list of every School objects
:param user_request: The user who wants to view the list.
:return: True if the user can view the list and an explanation message.
"""
return user_request.has_perm('users.view_school'), u"Vous n'avez pas le\
droit de voir les écoles"
def can_view(self, user_request, *args, **kwargs):
"""Check if an user can view a School object.
:param self: The targeted School.
:param user_request: The user who ask for viewing the target.
:return: A boolean telling if the acces is granted and an explanation
text
"""
return user_request.has_perm('users.view_school'), u"Vous n'avez pas le\
droit de voir les écoles"
def __str__(self): def __str__(self):
return self.name return self.name
class ListRight(Group): class ListRight(AclMixin, Group):
""" Ensemble des droits existants. Chaque droit crée un groupe """ Ensemble des droits existants. Chaque droit crée un groupe
ldap synchronisé, avec gid. ldap synchronisé, avec gid.
Permet de gérer facilement les accès serveurs et autres Permet de gérer facilement les accès serveurs et autres
@ -1161,55 +1061,6 @@ class ListRight(Group):
def get_instance(listrightid, *args, **kwargs): def get_instance(listrightid, *args, **kwargs):
return ListRight.objects.get(pk=listrightid) return ListRight.objects.get(pk=listrightid)
def can_create(user_request, *args, **kwargs):
"""Check if an user can create a ListRight object.
:param user_request: The user who wants to create a ListRight object.
:return: a message and a boolean which is True if the user can create.
"""
return user_request.has_perm('users.add_listright'), u"Vous n'avez pas le droit\
de créer des groupes de droits"
def can_edit(self, user_request, *args, **kwargs):
"""Check if an user can edit a ListRight object.
:param self: The object which is to be edited.
:param user_request: The user who requests to edit self.
:return: a message and a boolean which is True if edition is granted.
"""
return user_request.has_perm('users.change_listright'), u"Vous n'avez pas le droit\
d'éditer des groupes de droits"
def can_delete(self, user_request, *args, **kwargs):
"""Check if an user can delete a ListRight object.
:param self: The object which is to be deleted.
:param user_request: The user who requests deletion.
:return: True if deletion is granted, and a message.
"""
return user_request.has_perm('users.delete_listright'), u"Vous n'avez pas le droit\
de supprimer des groupes de droits"
def can_view_all(user_request, *args, **kwargs):
"""Check if an user can access to the list of every ListRight objects
:param user_request: The user who wants to view the list.
:return: True if the user can view the list and an explanation message.
"""
return user_request.has_perm('users.view_listright'), u"Vous n'avez pas le droit\
de voir les groupes de droits"
def can_view(self, user_request, *args, **kwargs):
"""Check if an user can view a ListRight object.
:param self: The targeted object.
:param user_request: The user who ask for viewing the target.
:return: A boolean telling if the acces is granted and an explanation
text
"""
return user_request.has_perm('users.view_listright'), u"Vous n'avez pas le droit\
de voir les groupes de droits"
def __str__(self): def __str__(self):
return self.name return self.name
@ -1247,7 +1098,7 @@ def listright_post_delete(sender, **kwargs):
right.ldap_del() right.ldap_del()
class ListShell(models.Model): class ListShell(AclMixin, models.Model):
"""Un shell possible. Pas de check si ce shell existe, les """Un shell possible. Pas de check si ce shell existe, les
admin sont des grands""" admin sont des grands"""
PRETTY_NAME = "Liste des shells disponibles" PRETTY_NAME = "Liste des shells disponibles"
@ -1266,60 +1117,11 @@ class ListShell(models.Model):
"""Return the canonical name of the shell""" """Return the canonical name of the shell"""
return self.shell.split("/")[-1] return self.shell.split("/")[-1]
def can_create(user_request, *args, **kwargs):
"""Check if an user can create a ListShell object.
:param user_request: The user who wants to create a user object.
:return: a message and a boolean which is True if the user can create.
"""
return user_request.has_perm('users.add_listshell'), u"Vous n'avez pas le\
droit de créer des shells"
def can_edit(self, user_request, *args, **kwargs):
"""Check if an user can edit a ListShell object.
:param self: The Shell which is to be edited.
:param user_request: The user who requests to edit self.
:return: a message and a boolean which is True if edition is granted.
"""
return user_request.has_perm('users.change_listshell'), u"Vous n'avez pas le\
droit d'éditer des shells"
def can_delete(self, user_request, *args, **kwargs):
"""Check if an user can delete a ListShell object.
:param self: The Shell which is to be deleted.
:param user_request: The user who requests deletion.
:return: True if deletion is granted, and a message.
"""
return user_request.has_perm('users.delete_listshell'), u"Vous n'avez pas le\
droit de supprimer des shells"
def can_view_all(user_request, *args, **kwargs):
"""Check if an user can access to the list of every ListShell objects
:param user_request: The user who wants to view the list.
:return: True if the user can view the list and an explanation message.
"""
return user_request.has_perm('users.view_listshell'), u"Vous n'avez pas le\
droit de voir les shells"
def can_view(self, user_request, *args, **kwargs):
"""Check if an user can view a ListShell object.
:param self: The targeted ListShell instance.
:param user_request: The user who ask for viewing the target.
:return: A boolean telling if the acces is granted and an explanation
text
"""
return user_request.has_perm('users.view_listshell'), u"Vous n'avez pas le\
droit de voir les shells"
def __str__(self): def __str__(self):
return self.shell return self.shell
class Ban(models.Model): class Ban(AclMixin, models.Model):
""" Bannissement. Actuellement a un effet tout ou rien. """ Bannissement. Actuellement a un effet tout ou rien.
Gagnerait à être granulaire""" Gagnerait à être granulaire"""
PRETTY_NAME = "Liste des bannissements" PRETTY_NAME = "Liste des bannissements"
@ -1369,44 +1171,6 @@ class Ban(models.Model):
def get_instance(banid, *args, **kwargs): def get_instance(banid, *args, **kwargs):
return Ban.objects.get(pk=banid) return Ban.objects.get(pk=banid)
def can_create(user_request, *args, **kwargs):
"""Check if an user can create a Ban object.
:param user_request: The user who wants to create a Ban object.
:return: a message and a boolean which is True if the user can create.
"""
return user_request.has_perm('users.add_ban'), u"Vous n'avez pas le droit de\
créer des bannissements"
def can_edit(self, user_request, *args, **kwargs):
"""Check if an user can edit a Ban object.
:param self: The object which is to be edited.
:param user_request: The user who requests to edit self.
:return: a message and a boolean which is True if edition is granted.
"""
return user_request.has_perm('users.change_ban'), u"Vous n'avez pas le droit\
d'éditer des bannissements"
def can_delete(self, user_request, *args, **kwargs):
"""Check if an user can delete a Ban object.
:param self: The object which is to be deleted.
:param user_request: The user who requests deletion.
:return: True if deletion is granted, and a message.
"""
return user_request.has_perm('users.delete_ban'), u"Vous n'avez pas le droit\
de supprimer des bannissements"
def can_view_all(user_request, *args, **kwargs):
"""Check if an user can access to the list of every Ban objects
:param user_request: The user who wants to view the list.
:return: True if the user can view the list and an explanation message.
"""
return user_request.has_perm('users.view_ban'), u"Vous n'avez pas le droit\
de voir tous les bannissements"
def can_view(self, user_request, *args, **kwargs): def can_view(self, user_request, *args, **kwargs):
"""Check if an user can view a Ban object. """Check if an user can view a Ban object.
@ -1453,7 +1217,7 @@ def ban_post_delete(sender, **kwargs):
regen('mac_ip_list') regen('mac_ip_list')
class Whitelist(models.Model): class Whitelist(AclMixin, models.Model):
"""Accès à titre gracieux. L'utilisateur ne paye pas; se voit """Accès à titre gracieux. L'utilisateur ne paye pas; se voit
accorder un accès internet pour une durée défini. Moins accorder un accès internet pour une durée défini. Moins
fort qu'un ban quel qu'il soit""" fort qu'un ban quel qu'il soit"""
@ -1475,44 +1239,6 @@ class Whitelist(models.Model):
def get_instance(whitelistid, *args, **kwargs): def get_instance(whitelistid, *args, **kwargs):
return Whitelist.objects.get(pk=whitelistid) return Whitelist.objects.get(pk=whitelistid)
def can_create(user_request, *args, **kwargs):
"""Check if an user can create a Whitelist object.
:param user_request: The user who wants to create a Whitelist object.
:return: a message and a boolean which is True if the user can create.
"""
return user_request.has_perm('users.add_whitelist'), u"Vous n'avez pas le\
droit de créer des accès gracieux"
def can_edit(self, user_request, *args, **kwargs):
"""Check if an user can edit a Whitelist object.
:param self: The object which is to be edited.
:param user_request: The user who requests to edit self.
:return: a message and a boolean which is True if edition is granted.
"""
return user_request.has_perm('users.change_whitelist'), u"Vous n'avez pas le\
droit d'éditer des accès gracieux"
def can_delete(self, user_request, *args, **kwargs):
"""Check if an user can delete a Whitelist object.
:param self: The object which is to be deleted.
:param user_request: The user who requests deletion.
:return: True if deletion is granted, and a message.
"""
return user_request.has_perm('users.delete_whitelist'), u"Vous n'avez pas le\
droit de supprimer des accès gracieux"
def can_view_all(user_request, *args, **kwargs):
"""Check if an user can access to the list of every Whitelist objects
:param user_request: The user who wants to view the list.
:return: True if the user can view the list and an explanation message.
"""
return user_request.has_perm('users.view_whitelist'), u"Vous n'avez pas le\
droit de voir les accès gracieux"
def can_view(self, user_request, *args, **kwargs): def can_view(self, user_request, *args, **kwargs):
"""Check if an user can view a Whitelist object. """Check if an user can view a Whitelist object.