nk20/apps/permission/templatetags/perms.py

# Copyright (C) 2018-2020 by BDE ENS Paris-Saclay
# SPDX-License-Identifier: GPL-3.0-or-later

from django.contrib.contenttypes.models import ContentType
from django.template.defaultfilters import stringfilter
from django import template
from note_kfet.middlewares import get_current_authenticated_user, get_current_session
from permission.backends import PermissionBackend


@stringfilter
def not_empty_model_list(model_name):
    """
    Return True if and only if the current user has right to see any object of the given model.
    """
    user = get_current_authenticated_user()
    session = get_current_session()
    if user is None:
        return False
    elif user.is_superuser and session.get("permission_mask", 0) >= 42:
        return True
    if session.get("not_empty_model_list_" + model_name, None):
        return session.get("not_empty_model_list_" + model_name, None) == 1
    spl = model_name.split(".")
    ct = ContentType.objects.get(app_label=spl[0], model=spl[1])
    qs = ct.model_class().objects.filter(PermissionBackend.filter_queryset(user, ct, "view")).all()
    session["not_empty_model_list_" + model_name] = 1 if qs.exists() else 2
    return session.get("not_empty_model_list_" + model_name) == 1


@stringfilter
def not_empty_model_change_list(model_name):
    """
    Return True if and only if the current user has right to change any object of the given model.
    """
    user = get_current_authenticated_user()
    session = get_current_session()
    if user is None:
        return False
    elif user.is_superuser and session.get("permission_mask", 0) >= 42:
        return True
    if session.get("not_empty_model_change_list_" + model_name, None):
        return session.get("not_empty_model_change_list_" + model_name, None) == 1
    spl = model_name.split(".")
    ct = ContentType.objects.get(app_label=spl[0], model=spl[1])
    qs = ct.model_class().objects.filter(PermissionBackend.filter_queryset(user, ct, "change"))
    session["not_empty_model_change_list_" + model_name] = 1 if qs.exists() else 2
    return session.get("not_empty_model_change_list_" + model_name) == 1


def has_perm(t, obj, field=None):
    print(t)
    perm = "." + t + ("__" + field if field else "_")
    return PermissionBackend().has_perm(get_current_authenticated_user(), perm, obj)


register = template.Library()
register.filter('not_empty_model_list', not_empty_model_list)
register.filter('not_empty_model_change_list', not_empty_model_change_list)
register.filter('has_perm', has_perm)
Protect views from viewing if the user has no right to view an object 2020-03-19 01:26:06 +00:00			`# Copyright (C) 2018-2020 by BDE ENS Paris-Saclay`
			`# SPDX-License-Identifier: GPL-3.0-or-later`

			`from django.contrib.contenttypes.models import ContentType`
			`from django.template.defaultfilters import stringfilter`
			`from django import template`
Fix CI 2020-03-22 13:57:51 +00:00			`from note_kfet.middlewares import get_current_authenticated_user, get_current_session`
Restructurate code 2020-03-20 13:43:35 +00:00			`from permission.backends import PermissionBackend`
Protect views from viewing if the user has no right to view an object 2020-03-19 01:26:06 +00:00

			`@stringfilter`
			`def not_empty_model_list(model_name):`
Comment code 2020-03-20 14:58:14 +00:00			`"""`
			`Return True if and only if the current user has right to see any object of the given model.`
			`"""`
Protect views from viewing if the user has no right to view an object 2020-03-19 01:26:06 +00:00			`user = get_current_authenticated_user()`
More optimisation 2020-03-20 00:46:59 +00:00			`session = get_current_session()`
Fix note display for users that don't have enough rights 2020-03-19 13:25:43 +00:00			`if user is None:`
			`return False`
More optimisation 2020-03-20 00:46:59 +00:00			`elif user.is_superuser and session.get("permission_mask", 0) >= 42:`
Protect views from viewing if the user has no right to view an object 2020-03-19 01:26:06 +00:00			`return True`
More optimisation 2020-03-20 00:46:59 +00:00			`if session.get("not_empty_model_list_" + model_name, None):`
			`return session.get("not_empty_model_list_" + model_name, None) == 1`
Protect views from viewing if the user has no right to view an object 2020-03-19 01:26:06 +00:00			`spl = model_name.split(".")`
			`ct = ContentType.objects.get(app_label=spl[0], model=spl[1])`
Restructurate code 2020-03-20 13:43:35 +00:00			`qs = ct.model_class().objects.filter(PermissionBackend.filter_queryset(user, ct, "view")).all()`
More optimisation 2020-03-20 00:46:59 +00:00			`session["not_empty_model_list_" + model_name] = 1 if qs.exists() else 2`
			`return session.get("not_empty_model_list_" + model_name) == 1`
Protect views from viewing if the user has no right to view an object 2020-03-19 01:26:06 +00:00

			`@stringfilter`
			`def not_empty_model_change_list(model_name):`
Comment code 2020-03-20 14:58:14 +00:00			`"""`
			`Return True if and only if the current user has right to change any object of the given model.`
			`"""`
Protect views from viewing if the user has no right to view an object 2020-03-19 01:26:06 +00:00			`user = get_current_authenticated_user()`
More optimisation 2020-03-20 00:46:59 +00:00			`session = get_current_session()`
Fix note display for users that don't have enough rights 2020-03-19 13:25:43 +00:00			`if user is None:`
			`return False`
More optimisation 2020-03-20 00:46:59 +00:00			`elif user.is_superuser and session.get("permission_mask", 0) >= 42:`
Protect views from viewing if the user has no right to view an object 2020-03-19 01:26:06 +00:00			`return True`
More optimisation 2020-03-20 00:46:59 +00:00			`if session.get("not_empty_model_change_list_" + model_name, None):`
			`return session.get("not_empty_model_change_list_" + model_name, None) == 1`
Protect views from viewing if the user has no right to view an object 2020-03-19 01:26:06 +00:00			`spl = model_name.split(".")`
			`ct = ContentType.objects.get(app_label=spl[0], model=spl[1])`
			`qs = ct.model_class().objects.filter(PermissionBackend.filter_queryset(user, ct, "change"))`
More optimisation 2020-03-20 00:46:59 +00:00			`session["not_empty_model_change_list_" + model_name] = 1 if qs.exists() else 2`
			`return session.get("not_empty_model_change_list_" + model_name) == 1`
Protect views from viewing if the user has no right to view an object 2020-03-19 01:26:06 +00:00

Display guests list 2020-03-27 20:18:27 +00:00			`def has_perm(t, obj, field=None):`
			`print(t)`
			`perm = "." + t + ("__" + field if field else "_")`
			`return PermissionBackend().has_perm(get_current_authenticated_user(), perm, obj)`


Protect views from viewing if the user has no right to view an object 2020-03-19 01:26:06 +00:00			`register = template.Library()`
			`register.filter('not_empty_model_list', not_empty_model_list)`
			`register.filter('not_empty_model_change_list', not_empty_model_change_list)`
Display guests list 2020-03-27 20:18:27 +00:00			`register.filter('has_perm', has_perm)`