from ..utils.access_permissions import BaseAccessPermissions
from ..utils.auth import has_perm
class ItemAccessPermissions(BaseAccessPermissions):
    """
    Access permissions container for Item and ItemViewSet.

    Read access is decided by the 'agenda.can_see' permission. The
    serialized data handed to a user is narrowed further depending on
    'agenda.can_see_hidden_items' and 'agenda.can_manage'.
    """

    def check_permissions(self, user):
        """
        Returns True if the user has read access to model instances,
        i.e. holds the 'agenda.can_see' permission.
        """
        return has_perm(user, 'agenda.can_see')

    def get_serializer_class(self, user=None):
        """
        Returns serializer class.

        The user argument is accepted but not consulted: every caller
        gets ItemSerializer, and per-user filtering happens afterwards in
        get_restricted_data().
        """
        # Imported at call time rather than at module level; presumably to
        # avoid a circular import with .serializers -- confirm before moving.
        from .serializers import ItemSerializer

        return ItemSerializer

    # TODO: get_restricted_data() reads full_data['is_hidden'] from the
    # serialized snapshot, and that value can be out of date.
    # NOTE(review): the hidden/visible decision is therefore only as fresh as
    # that snapshot; a stale False would hand the non-hidden view of the item
    # to a user who lacks 'agenda.can_see_hidden_items'.
    def get_restricted_data(self, full_data, user):
        """
        Returns the restricted serialized data for the instance prepared
        for the user.

        - Without 'agenda.can_see' the result is None.
        - For a hidden item and a user without
          'agenda.can_see_hidden_items', only an allow-list of keys is
          copied so the list of speakers is still provided.
        - With 'agenda.can_manage' the full_data object itself is returned
          (not a copy).
        - Otherwise a copy without the 'comment' key is returned.
        """
        if not has_perm(user, 'agenda.can_see'):
            return None

        # Subscript access is kept on purpose: a payload without 'is_hidden'
        # raises KeyError instead of being treated as "not hidden".
        if full_data['is_hidden'] and not has_perm(user, 'agenda.can_see_hidden_items'):
            # The item is hidden and the user may not see hidden items, so
            # only allow-listed keys are passed through. Keys added to the
            # serializer later stay withheld here until listed explicitly.
            visible_keys = (
                'id',
                'title',
                'speakers',
                'speaker_list_closed',
                'content_object',)
            return {
                name: value
                for name, value in full_data.items()
                if name in visible_keys
            }

        if has_perm(user, 'agenda.can_manage'):
            # Managers get everything. This is the caller's own object, so a
            # later mutation of the result also changes full_data.
            return full_data

        # Strip out item comments for unprivileged users.
        # NOTE(review): this is a deny-list of exactly one key; any other
        # field present in full_data is passed on unchanged, so a sensitive
        # field added to the serializer needs an entry here as well.
        return {
            name: value
            for name, value in full_data.items()
            if name != 'comment'
        }

    def get_projector_data(self, full_data):
        """
        Returns the restricted serialized data for the instance prepared
        for the projector. Removes field 'comment'.

        No user or 'is_hidden' check takes place in this method; only the
        'comment' key is dropped and every other key is copied as is.
        """
        # NOTE(review): same single-key deny-list as for unprivileged users
        # in get_restricted_data(); keep the two in step.
        return {
            name: value
            for name, value in full_data.items()
            if name != 'comment'
        }