ag-admin/OpenSlides
0
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
060856628b
OpenSlides/openslides/motions/access_permissions.py

195 lines
6.2 KiB
Python
Raw Normal View History

Fix updating of motion comments for inmemory cache. get_restricted_data() has to use deepcopy(full_data) instead of full_data.copy().
2016-11-02 00:09:59 +01:00
from copy import deepcopy
Remove CollectionElement * Use user_id: int instead of Optional[CollectionElment] in utils * Rewrote autoupdate system without CollectionElement
2018-11-03 23:40:20 +01:00
from typing import Any, Dict, List
Fix updating of motion comments for inmemory cache. get_restricted_data() has to use deepcopy(full_data) instead of full_data.copy().
2016-11-02 00:09:59 +01:00
drop python 3.5
2018-08-22 22:00:08 +02:00
from ..utils.access_permissions import BaseAccessPermissions
Remove utils.collections.Collection class and other cleanups * Activate restricted_data_cache on inmemory cache * Use ElementCache in rest-api get requests * Get requests on the restapi return 404 when the user has no permission * Added async function for has_perm and in_some_groups * changed Cachable.get_restricted_data to be an ansync function * rewrote required_user_system * changed default implementation of access_permission.check_permission to check a given permission or check if anonymous is enabled
2018-11-01 17:30:18 +01:00
from ..utils.auth import async_has_perm, async_in_some_groups
Massive refactoring for autoupdate optimization.
2016-02-11 22:58:32 +01:00
class MotionAccessPermissions(BaseAccessPermissions):
"""
Access permissions container for Motion and MotionViewSet.
"""
Remove utils.collections.Collection class and other cleanups * Activate restricted_data_cache on inmemory cache * Use ElementCache in rest-api get requests * Get requests on the restapi return 404 when the user has no permission * Added async function for has_perm and in_some_groups * changed Cachable.get_restricted_data to be an ansync function * rewrote required_user_system * changed default implementation of access_permission.check_permission to check a given permission or check if anonymous is enabled
2018-11-01 17:30:18 +01:00
base_permission = 'motions.can_see'
Massive refactoring for autoupdate optimization.
2016-02-11 22:58:32 +01:00
Forwarding JSON instead of Django model instances to autoupdate loop. - Used raw SQL for createing default projector during inital migration. - Removed default_password and hidden agenda items from autoupdate data for some users. - Removed old get_collection_and_id_from_url() function.
2016-03-02 00:46:19 +01:00
def get_serializer_class(self, user=None):
Massive refactoring for autoupdate optimization.
2016-02-11 22:58:32 +01:00
"""
Returns serializer class.
"""
from .serializers import MotionSerializer
return MotionSerializer
Remove utils.collections.Collection class and other cleanups * Activate restricted_data_cache on inmemory cache * Use ElementCache in rest-api get requests * Get requests on the restapi return 404 when the user has no permission * Added async function for has_perm and in_some_groups * changed Cachable.get_restricted_data to be an ansync function * rewrote required_user_system * changed default implementation of access_permission.check_permission to check a given permission or check if anonymous is enabled
2018-11-01 17:30:18 +01:00
async def get_restricted_data(
CollectionElement and Autoupdate cleanups * change get_restricted_data and get_projector_data to always use a list * Add typings to all get_restricted_data and get_projector_data methods * Replace CollectionElementList with a real list * Fixed arguments of inform_deleted_data * Moved CollectionElementCache to cache.py and refactored it * Run tests with cache enabled (using fakeredis)
2017-09-04 00:25:45 +02:00
self,
full_data: List[Dict[str, Any]],
Remove CollectionElement * Use user_id: int instead of Optional[CollectionElment] in utils * Rewrote autoupdate system without CollectionElement
2018-11-03 23:40:20 +01:00
user_id: int) -> List[Dict[str, Any]]:
Added generic fields for comments for motions.
2016-07-29 23:33:47 +02:00
"""
Returns the restricted serialized data for the instance prepared for
Fixed state flag required permission to see.
2016-12-09 18:00:45 +01:00
the user. Removes motion if the user has not the permission to see
Motion rework - remove motion version - migrations for versions and change recommendations - Redone motion comments. Wording changed from comment fields to comment sections - fixed test order, tests are not atomic - introduce get_group_model. Just use OpenSlides Groups and not the django's ones.
2018-08-31 15:33:41 +02:00
the motion in this state. Removes comments sections for
Refactoring of data parsing for startup and autoupdate.
2017-05-01 23:12:42 +02:00
some unauthorized users. Ensures that a user can only see his own
personal notes.
Added generic fields for comments for motions.
2016-07-29 23:33:47 +02:00
"""
Refactoring of data parsing for startup and autoupdate.
2017-05-01 23:12:42 +02:00
# Parse data.
Remove CollectionElement * Use user_id: int instead of Optional[CollectionElment] in utils * Rewrote autoupdate system without CollectionElement
2018-11-03 23:40:20 +01:00
if await async_has_perm(user_id, 'motions.can_see'):
Refactoring of data parsing for startup and autoupdate.
2017-05-01 23:12:42 +02:00
# TODO: Refactor this after personal_notes system is refactored.
data = []
for full in full_data:
# Check if user is submitter of this motion.
Remove CollectionElement * Use user_id: int instead of Optional[CollectionElment] in utils * Rewrote autoupdate system without CollectionElement
2018-11-03 23:40:20 +01:00
if user_id:
is_submitter = user_id in [
Sort submitters
2018-06-12 14:17:02 +02:00
submitter['user_id'] for submitter in full.get('submitters', [])]
Refactoring of data parsing for startup and autoupdate.
2017-05-01 23:12:42 +02:00
else:
# Anonymous users can not be submitters.
is_submitter = False
# Check see permission for this motion.
required_permission_to_see = full['state_required_permission_to_see']
permission = (
not required_permission_to_see or
Remove CollectionElement * Use user_id: int instead of Optional[CollectionElment] in utils * Rewrote autoupdate system without CollectionElement
2018-11-03 23:40:20 +01:00
await async_has_perm(user_id, required_permission_to_see) or
await async_has_perm(user_id, 'motions.can_manage') or
Refactoring of data parsing for startup and autoupdate.
2017-05-01 23:12:42 +02:00
is_submitter)
# Parse single motion.
if permission:
Motion rework - remove motion version - migrations for versions and change recommendations - Redone motion comments. Wording changed from comment fields to comment sections - fixed test order, tests are not atomic - introduce get_group_model. Just use OpenSlides Groups and not the django's ones.
2018-08-31 15:33:41 +02:00
full_copy = deepcopy(full)
full_copy['comments'] = []
for comment in full['comments']:
Remove CollectionElement * Use user_id: int instead of Optional[CollectionElment] in utils * Rewrote autoupdate system without CollectionElement
2018-11-03 23:40:20 +01:00
if await async_in_some_groups(user_id, comment['read_groups_id']):
Motion rework - remove motion version - migrations for versions and change recommendations - Redone motion comments. Wording changed from comment fields to comment sections - fixed test order, tests are not atomic - introduce get_group_model. Just use OpenSlides Groups and not the django's ones.
2018-08-31 15:33:41 +02:00
full_copy['comments'].append(comment)
data.append(full_copy)
Refactoring of data parsing for startup and autoupdate.
2017-05-01 23:12:42 +02:00
else:
data = []
CollectionElement and Autoupdate cleanups * change get_restricted_data and get_projector_data to always use a list * Add typings to all get_restricted_data and get_projector_data methods * Replace CollectionElementList with a real list * Fixed arguments of inform_deleted_data * Moved CollectionElementCache to cache.py and refactored it * Run tests with cache enabled (using fakeredis)
2017-09-04 00:25:45 +02:00
return data
Added generic fields for comments for motions.
2016-07-29 23:33:47 +02:00
Massive refactoring for autoupdate optimization.
2016-02-11 22:58:32 +01:00
Change recommendations
2016-09-10 18:49:38 +02:00
class MotionChangeRecommendationAccessPermissions(BaseAccessPermissions):
"""
Access permissions container for MotionChangeRecommendation and MotionChangeRecommendationViewSet.
"""
Remove utils.collections.Collection class and other cleanups * Activate restricted_data_cache on inmemory cache * Use ElementCache in rest-api get requests * Get requests on the restapi return 404 when the user has no permission * Added async function for has_perm and in_some_groups * changed Cachable.get_restricted_data to be an ansync function * rewrote required_user_system * changed default implementation of access_permission.check_permission to check a given permission or check if anonymous is enabled
2018-11-01 17:30:18 +01:00
base_permission = 'motions.can_see'
Change recommendations
2016-09-10 18:49:38 +02:00
def get_serializer_class(self, user=None):
"""
Returns serializer class.
"""
from .serializers import MotionChangeRecommendationSerializer
return MotionChangeRecommendationSerializer
Remove utils.collections.Collection class and other cleanups * Activate restricted_data_cache on inmemory cache * Use ElementCache in rest-api get requests * Get requests on the restapi return 404 when the user has no permission * Added async function for has_perm and in_some_groups * changed Cachable.get_restricted_data to be an ansync function * rewrote required_user_system * changed default implementation of access_permission.check_permission to check a given permission or check if anonymous is enabled
2018-11-01 17:30:18 +01:00
async def get_restricted_data(
Setting change recommendations internal
2018-10-25 15:11:38 +02:00
self,
full_data: List[Dict[str, Any]],
Remove CollectionElement * Use user_id: int instead of Optional[CollectionElment] in utils * Rewrote autoupdate system without CollectionElement
2018-11-03 23:40:20 +01:00
user_id: int) -> List[Dict[str, Any]]:
Setting change recommendations internal
2018-10-25 15:11:38 +02:00
"""
Removes change recommendations if they are internal and the user has
not the can_manage permission. To see change recommendation the user needs
the can_see permission.
"""
# Parse data.
Remove CollectionElement * Use user_id: int instead of Optional[CollectionElment] in utils * Rewrote autoupdate system without CollectionElement
2018-11-03 23:40:20 +01:00
if await async_has_perm(user_id, 'motions.can_see'):
has_manage_perms = await async_has_perm(user_id, 'motion.can_manage')
Setting change recommendations internal
2018-10-25 15:11:38 +02:00
data = []
for full in full_data:
if not full['internal'] or has_manage_perms:
data.append(full)
else:
data = []
return data
Change recommendations
2016-09-10 18:49:38 +02:00
Motion rework - remove motion version - migrations for versions and change recommendations - Redone motion comments. Wording changed from comment fields to comment sections - fixed test order, tests are not atomic - introduce get_group_model. Just use OpenSlides Groups and not the django's ones.
2018-08-31 15:33:41 +02:00
class MotionCommentSectionAccessPermissions(BaseAccessPermissions):
"""
Access permissions container for MotionCommentSection and MotionCommentSectionViewSet.
"""
Remove utils.collections.Collection class and other cleanups * Activate restricted_data_cache on inmemory cache * Use ElementCache in rest-api get requests * Get requests on the restapi return 404 when the user has no permission * Added async function for has_perm and in_some_groups * changed Cachable.get_restricted_data to be an ansync function * rewrote required_user_system * changed default implementation of access_permission.check_permission to check a given permission or check if anonymous is enabled
2018-11-01 17:30:18 +01:00
base_permission = 'motions.can_see'
Motion rework - remove motion version - migrations for versions and change recommendations - Redone motion comments. Wording changed from comment fields to comment sections - fixed test order, tests are not atomic - introduce get_group_model. Just use OpenSlides Groups and not the django's ones.
2018-08-31 15:33:41 +02:00
def get_serializer_class(self, user=None):
"""
Returns serializer class.
"""
from .serializers import MotionCommentSectionSerializer
return MotionCommentSectionSerializer
Remove utils.collections.Collection class and other cleanups * Activate restricted_data_cache on inmemory cache * Use ElementCache in rest-api get requests * Get requests on the restapi return 404 when the user has no permission * Added async function for has_perm and in_some_groups * changed Cachable.get_restricted_data to be an ansync function * rewrote required_user_system * changed default implementation of access_permission.check_permission to check a given permission or check if anonymous is enabled
2018-11-01 17:30:18 +01:00
async def get_restricted_data(
Motion rework - remove motion version - migrations for versions and change recommendations - Redone motion comments. Wording changed from comment fields to comment sections - fixed test order, tests are not atomic - introduce get_group_model. Just use OpenSlides Groups and not the django's ones.
2018-08-31 15:33:41 +02:00
self,
full_data: List[Dict[str, Any]],
Remove CollectionElement * Use user_id: int instead of Optional[CollectionElment] in utils * Rewrote autoupdate system without CollectionElement
2018-11-03 23:40:20 +01:00
user_id: int) -> List[Dict[str, Any]]:
Motion rework - remove motion version - migrations for versions and change recommendations - Redone motion comments. Wording changed from comment fields to comment sections - fixed test order, tests are not atomic - introduce get_group_model. Just use OpenSlides Groups and not the django's ones.
2018-08-31 15:33:41 +02:00
"""
If the user has manage rights, he can see all sections. If not all sections
will be removed, when the user is not in at least one of the read_groups.
"""
data: List[Dict[str, Any]] = []
Remove CollectionElement * Use user_id: int instead of Optional[CollectionElment] in utils * Rewrote autoupdate system without CollectionElement
2018-11-03 23:40:20 +01:00
if await async_has_perm(user_id, 'motions.can_manage'):
Motion rework - remove motion version - migrations for versions and change recommendations - Redone motion comments. Wording changed from comment fields to comment sections - fixed test order, tests are not atomic - introduce get_group_model. Just use OpenSlides Groups and not the django's ones.
2018-08-31 15:33:41 +02:00
data = full_data
else:
for full in full_data:
read_groups = full.get('read_groups_id', [])
Remove CollectionElement * Use user_id: int instead of Optional[CollectionElment] in utils * Rewrote autoupdate system without CollectionElement
2018-11-03 23:40:20 +01:00
if await async_in_some_groups(user_id, read_groups):
Motion rework - remove motion version - migrations for versions and change recommendations - Redone motion comments. Wording changed from comment fields to comment sections - fixed test order, tests are not atomic - introduce get_group_model. Just use OpenSlides Groups and not the django's ones.
2018-08-31 15:33:41 +02:00
data.append(full)
return data
New motion features - Added weight and sort_parent fields to the motion model - Added motion sort view (adapted from agenda) - Added statute-paragraph model and tests for it - Added statute_paragraph foreign key to the motion model - Created migrations for sorting and statute-paragraph
2018-09-24 10:28:31 +02:00
class StatuteParagraphAccessPermissions(BaseAccessPermissions):
"""
Access permissions container for StatuteParagraph and StatuteParagraphViewSet.
"""
Remove utils.collections.Collection class and other cleanups * Activate restricted_data_cache on inmemory cache * Use ElementCache in rest-api get requests * Get requests on the restapi return 404 when the user has no permission * Added async function for has_perm and in_some_groups * changed Cachable.get_restricted_data to be an ansync function * rewrote required_user_system * changed default implementation of access_permission.check_permission to check a given permission or check if anonymous is enabled
2018-11-01 17:30:18 +01:00
base_permission = 'motions.can_see'
New motion features - Added weight and sort_parent fields to the motion model - Added motion sort view (adapted from agenda) - Added statute-paragraph model and tests for it - Added statute_paragraph foreign key to the motion model - Created migrations for sorting and statute-paragraph
2018-09-24 10:28:31 +02:00
def get_serializer_class(self, user=None):
"""
Returns serializer class.
"""
from .serializers import StatuteParagraphSerializer
return StatuteParagraphSerializer
Massive refactoring for autoupdate optimization.
2016-02-11 22:58:32 +01:00
class CategoryAccessPermissions(BaseAccessPermissions):
"""
Access permissions container for Category and CategoryViewSet.
"""
Remove utils.collections.Collection class and other cleanups * Activate restricted_data_cache on inmemory cache * Use ElementCache in rest-api get requests * Get requests on the restapi return 404 when the user has no permission * Added async function for has_perm and in_some_groups * changed Cachable.get_restricted_data to be an ansync function * rewrote required_user_system * changed default implementation of access_permission.check_permission to check a given permission or check if anonymous is enabled
2018-11-01 17:30:18 +01:00
base_permission = 'motions.can_see'
Massive refactoring for autoupdate optimization.
2016-02-11 22:58:32 +01:00
Forwarding JSON instead of Django model instances to autoupdate loop. - Used raw SQL for createing default projector during inital migration. - Removed default_password and hidden agenda items from autoupdate data for some users. - Removed old get_collection_and_id_from_url() function.
2016-03-02 00:46:19 +01:00
def get_serializer_class(self, user=None):
Massive refactoring for autoupdate optimization.
2016-02-11 22:58:32 +01:00
"""
Returns serializer class.
"""
from .serializers import CategorySerializer
return CategorySerializer
New feature blocks for motions. - Added ListView, DetailView, UpdateForm and connection to agenda item for MotionBlock. - Added slide and projection default. - Added custom manager for motion blocks. - Enabled current list of speakers slide and overlay for motion block.
2016-10-01 20:42:44 +02:00
class MotionBlockAccessPermissions(BaseAccessPermissions):
"""
Access permissions container for Category and CategoryViewSet.
"""
Remove utils.collections.Collection class and other cleanups * Activate restricted_data_cache on inmemory cache * Use ElementCache in rest-api get requests * Get requests on the restapi return 404 when the user has no permission * Added async function for has_perm and in_some_groups * changed Cachable.get_restricted_data to be an ansync function * rewrote required_user_system * changed default implementation of access_permission.check_permission to check a given permission or check if anonymous is enabled
2018-11-01 17:30:18 +01:00
base_permission = 'motions.can_see'
New feature blocks for motions. - Added ListView, DetailView, UpdateForm and connection to agenda item for MotionBlock. - Added slide and projection default. - Added custom manager for motion blocks. - Enabled current list of speakers slide and overlay for motion block.
2016-10-01 20:42:44 +02:00
def get_serializer_class(self, user=None):
"""
Returns serializer class.
"""
from .serializers import MotionBlockSerializer
return MotionBlockSerializer
Massive refactoring for autoupdate optimization.
2016-02-11 22:58:32 +01:00
class WorkflowAccessPermissions(BaseAccessPermissions):
"""
Access permissions container for Workflow and WorkflowViewSet.
"""
Remove utils.collections.Collection class and other cleanups * Activate restricted_data_cache on inmemory cache * Use ElementCache in rest-api get requests * Get requests on the restapi return 404 when the user has no permission * Added async function for has_perm and in_some_groups * changed Cachable.get_restricted_data to be an ansync function * rewrote required_user_system * changed default implementation of access_permission.check_permission to check a given permission or check if anonymous is enabled
2018-11-01 17:30:18 +01:00
base_permission = 'motions.can_see'
Massive refactoring for autoupdate optimization.
2016-02-11 22:58:32 +01:00
Forwarding JSON instead of Django model instances to autoupdate loop. - Used raw SQL for createing default projector during inital migration. - Removed default_password and hidden agenda items from autoupdate data for some users. - Removed old get_collection_and_id_from_url() function.
2016-03-02 00:46:19 +01:00
def get_serializer_class(self, user=None):
Massive refactoring for autoupdate optimization.
2016-02-11 22:58:32 +01:00
"""
Returns serializer class.
"""
from .serializers import WorkflowSerializer
return WorkflowSerializer
Reference in New Issue Copy Permalink