2015-02-12 20:57:05 +01:00
|
|
|
from django.contrib.auth import get_user_model
|
2017-01-26 15:34:24 +01:00
|
|
|
from django.contrib.auth.models import AnonymousUser
|
2015-01-22 22:50:19 +01:00
|
|
|
|
2016-12-17 09:30:20 +01:00
|
|
|
from .collection import CollectionElement
|
2015-01-22 22:50:19 +01:00
|
|
|
|
|
|
|
|
2016-12-17 09:30:20 +01:00
|
|
|
def has_perm(user, perm):
|
|
|
|
"""
|
|
|
|
Checks that user has a specific permission.
|
2017-01-15 13:33:54 +01:00
|
|
|
|
2017-01-26 15:34:24 +01:00
|
|
|
User can be an a CollectionElement for a user or None.
|
2016-12-17 09:30:20 +01:00
|
|
|
"""
|
2017-01-26 15:34:24 +01:00
|
|
|
# Convert user to right type
|
|
|
|
user = user_to_collection_user(user)
|
|
|
|
if user is None and not anonymous_is_enabled():
|
2016-12-17 09:30:20 +01:00
|
|
|
has_perm = False
|
2017-01-26 15:34:24 +01:00
|
|
|
elif user is None:
|
|
|
|
# Use the permissions from the default group.
|
|
|
|
default_group = CollectionElement.from_values('users/group', 1)
|
|
|
|
has_perm = perm in default_group.get_full_data()['permissions']
|
2016-12-17 09:30:20 +01:00
|
|
|
else:
|
|
|
|
# Get all groups of the user and then see, if one group has the required
|
|
|
|
# permission. If the user has no groups, then use group 1.
|
|
|
|
group_ids = user.get_full_data()['groups_id'] or [1]
|
|
|
|
for group_id in group_ids:
|
|
|
|
group = CollectionElement.from_values('users/group', group_id)
|
|
|
|
if perm in group.get_full_data()['permissions']:
|
|
|
|
has_perm = True
|
|
|
|
break
|
|
|
|
else:
|
|
|
|
has_perm = False
|
|
|
|
return has_perm
|
2017-01-15 13:33:54 +01:00
|
|
|
|
|
|
|
|
|
|
|
def anonymous_is_enabled():
|
2017-01-26 15:34:24 +01:00
|
|
|
"""
|
|
|
|
Returns true, when the anonymous user is enabled in the settings.
|
|
|
|
"""
|
|
|
|
return (CollectionElement.from_values('core/config', 'general_system_enable_anonymous')
|
|
|
|
.get_full_data()['value'])
|
|
|
|
|
|
|
|
|
|
|
|
def user_to_collection_user(user):
|
|
|
|
"""
|
|
|
|
Taks an object, that represents a user an converts it to a collection_element
|
|
|
|
or None, if it is an anonymous user.
|
|
|
|
|
|
|
|
User can be
|
|
|
|
* a user object,
|
|
|
|
* a collection_element for an user
|
|
|
|
* an user id
|
|
|
|
* an anonymous user.
|
|
|
|
|
|
|
|
Raises an TypeError, if the given user object can not be converted
|
|
|
|
"""
|
|
|
|
if user is None:
|
|
|
|
# Nothing to do
|
|
|
|
pass
|
|
|
|
elif isinstance(user, CollectionElement) and user.collection_string == 'users/user':
|
|
|
|
# Nothing to do
|
|
|
|
pass
|
|
|
|
elif isinstance(user, CollectionElement):
|
|
|
|
raise TypeError(
|
|
|
|
"Unsupported type for user. Only CollectionElements for users can be"
|
|
|
|
"used. Not {}".format(user.collection_string))
|
|
|
|
elif isinstance(user, int):
|
|
|
|
user = CollectionElement.from_values('users/user', user)
|
|
|
|
elif isinstance(user, AnonymousUser):
|
|
|
|
user = None
|
|
|
|
elif isinstance(user, get_user_model()):
|
|
|
|
# Converts a user object to a collection element.
|
|
|
|
# from_instance can not be used because the user serializer loads
|
|
|
|
# the group from the db. So each call to from_instance(user) consts
|
|
|
|
# one db query.
|
|
|
|
user = CollectionElement.from_values('users/user', user.id)
|
|
|
|
else:
|
|
|
|
raise TypeError(
|
|
|
|
"Unsupported type for user. User {} has type {}.".format(user, type(user)))
|
|
|
|
return user
|