From 303531fed368b1b278fe929f62e2bd7aeb250dd9 Mon Sep 17 00:00:00 2001
From: chirac <chirac@re2o-test.auro.re>
Date: Thu, 31 Dec 2020 14:55:10 +0100
Subject: [PATCH] Add custom can_list acl for unpriviged views

---
 machines/models.py  | 56 +++++++++++++++++++++++++++++++++++++++++++++
 topologie/models.py | 48 ++++++++++++++++++++++++++++++++++++++
 users/models.py     | 32 ++++++++++++++++++++++++++
 3 files changed, 136 insertions(+)

diff --git a/machines/models.py b/machines/models.py
index 309e0dd4..711b9b79 100644
--- a/machines/models.py
+++ b/machines/models.py
@@ -378,6 +378,34 @@ class MachineType(RevMixin, AclMixin, models.Model):
             )
         return True, None, None
 
+    @classmethod
+    def can_list(cls, user_request, *_args, **_kwargs):
+        """All users can list unprivileged machinetypes 
+        Only members of privileged groups can list all.
+
+        :param user_request: The user who wants to view the list.
+        :return: True if the user can view the list and an explanation
+            message.
+
+        """
+        can, _message, _group = cls.can_use_all(user_request)
+        if can:
+            return (
+                True,
+                None,
+                None,
+                cls.objects.all()
+            )
+        else:
+            return (
+                False,
+                _("You don't have the right to use all machine types."),
+                ("machines.use_all_machinetype",),
+                cls.objects.filter(
+                    ip_type__in=IpType.objects.filter(need_infra=False)
+                ),
+            )
+
     def __str__(self):
         return self.name
 
@@ -2130,6 +2158,34 @@ class IpList(RevMixin, AclMixin, models.Model):
         self.clean()
         super(IpList, self).save(*args, **kwargs)
 
+    @classmethod
+    def can_list(cls, user_request, *_args, **_kwargs):
+        """Only privilged users can list all ipv4.
+        Others can list Ipv4 related with unprivileged type.
+
+        :param user_request: The user who wants to view the list.
+        :return: True if the user can view the list and an explanation
+            message.
+
+        """
+        can, _message, _group = IpType.can_use_all(user_request)
+        if can:
+            return (
+                True,
+                None,
+                None,
+                cls.objects.all()
+            )
+        else:
+            return (
+                False,
+                _("You don't have the right to use all machine types."),
+                ("machines.use_all_machinetype",),
+                cls.objects.filter(
+                    ip_type__in=IpType.objects.filter(need_infra=False)
+                ),
+            )
+
     def __str__(self):
         return self.ipv4
 
diff --git a/topologie/models.py b/topologie/models.py
index c0362480..b7219d27 100644
--- a/topologie/models.py
+++ b/topologie/models.py
@@ -731,6 +731,22 @@ class Dormitory(AclMixin, RevMixin, models.Model):
         else:
             return cache.get_or_set("multiple_dorms", cls.objects.count() > 1)
 
+    @classmethod
+    def can_list(cls, user_request, *_args, **_kwargs):
+        """All users can list dormitory
+
+        :param user_request: The user who wants to view the list.
+        :return: True if the user can view the list and an explanation
+            message.
+
+        """
+        return (
+            True,
+            None,
+            None,
+            cls.objects.all()
+        )
+
     def __str__(self):
         return self.name
 
@@ -762,6 +778,22 @@ class Building(AclMixin, RevMixin, models.Model):
         else:
             return self.name
 
+    @classmethod
+    def can_list(cls, user_request, *_args, **_kwargs):
+        """All users can list building
+
+        :param user_request: The user who wants to view the list.
+        :return: True if the user can view the list and an explanation
+            message.
+
+        """
+        return (
+            True,
+            None,
+            None,
+            cls.objects.all()
+        )
+
     @cached_property
     def cached_name(self):
         return self.get_name()
@@ -944,6 +976,22 @@ class Room(AclMixin, RevMixin, models.Model):
         verbose_name_plural = _("rooms")
         unique_together = ("name", "building")
 
+    @classmethod
+    def can_list(cls, user_request, *_args, **_kwargs):
+        """All users can list room
+
+        :param user_request: The user who wants to view the list.
+        :return: True if the user can view the list and an explanation
+            message.
+
+        """
+        return (
+            True,
+            None,
+            None,
+            cls.objects.all()
+        )
+
     def __str__(self):
         return self.building.cached_name + " " + self.name
 
diff --git a/users/models.py b/users/models.py
index 14215fdf..fc0c711a 100755
--- a/users/models.py
+++ b/users/models.py
@@ -2364,6 +2364,22 @@ class School(RevMixin, AclMixin, models.Model):
         verbose_name = _("school")
         verbose_name_plural = _("schools")
 
+    @classmethod
+    def can_list(cls, user_request, *_args, **_kwargs):
+        """All users can list schools
+
+        :param user_request: The user who wants to view the list.
+        :return: True if the user can view the list and an explanation
+            message.
+
+        """
+        return (
+            True,
+            None,
+            None,
+            cls.objects.all()
+        )
+
     def __str__(self):
         return self.name
 
@@ -2487,6 +2503,22 @@ class ListShell(RevMixin, AclMixin, models.Model):
         """
         return self.shell.split("/")[-1]
 
+    @classmethod
+    def can_list(cls, user_request, *_args, **_kwargs):
+        """All users can list shells
+
+        :param user_request: The user who wants to view the list.
+        :return: True if the user can view the list and an explanation
+            message.
+
+        """
+        return (
+            True,
+            None,
+            None,
+            cls.objects.all()
+        )
+
     def __str__(self):
         return self.shell