OpenSlides/openslides/agenda/access_permissions.py

from ..utils.access_permissions import BaseAccessPermissions
from ..utils.auth import has_perm


class ItemAccessPermissions(BaseAccessPermissions):
    """
    Access permissions container for Item and ItemViewSet.
    """
    def check_permissions(self, user):
        """
        Returns True if the user has read access model instances.
        """
        return has_perm(user, 'agenda.can_see')

    def get_serializer_class(self, user=None):
        """
        Returns serializer class.
        """
        from .serializers import ItemSerializer

        return ItemSerializer

    # TODO: In the following method we use full_data['is_hidden'] but this can be out of date.

    def get_restricted_data(self, full_data, user):
        """
        Returns the restricted serialized data for the instance prepared
        for the user.
        """
        if (has_perm(user, 'agenda.can_see') and
            (not full_data['is_hidden'] or
             has_perm(user, 'agenda.can_see_hidden_items'))):
            data = full_data
        else:
            data = None
        return data

    def get_projector_data(self, full_data):
        """
        Returns the restricted serialized data for the instance prepared
        for the projector. Removes field 'comment'.
        """
        data = {}
        for key in full_data.keys():
            if key != 'comment':
                data[key] = full_data[key]
        return data
Massive refactoring for autoupdate optimization. 2016-02-11 22:58:32 +01:00			`from ..utils.access_permissions import BaseAccessPermissions`
Performance improvements * Add caching support to users/group * Add a function has_perm that works with the cache. * Removed our session backend so other session backends (without the database) can be used 2016-12-17 09:30:20 +01:00			`from ..utils.auth import has_perm`
Massive refactoring for autoupdate optimization. 2016-02-11 22:58:32 +01:00
"durchstich" for autoupdate optimization 2016-02-11 11:29:19 +01:00
Massive refactoring for autoupdate optimization. 2016-02-11 22:58:32 +01:00			`class ItemAccessPermissions(BaseAccessPermissions):`
			`"""`
			`Access permissions container for Item and ItemViewSet.`
			`"""`
Change system for autoupdate on the projector (#2394) * Second websocket channel for the projector * Removed use of projector requirements for REST API requests. Refactored data serializing for projector websocket connection. * Refactor the way that the projector autoupdate get its data. * Fixed missing assignment slide title for hidden items. * Release all items for item list slide and list of speakers slide. Fixed error with motion workflow. * Created CollectionElement class which helps to handle autoupdate. 2016-09-17 22:26:23 +02:00			`def check_permissions(self, user):`
"durchstich" for autoupdate optimization 2016-02-11 11:29:19 +01:00			`"""`
Massive refactoring for autoupdate optimization. 2016-02-11 22:58:32 +01:00			`Returns True if the user has read access model instances.`
"durchstich" for autoupdate optimization 2016-02-11 11:29:19 +01:00			`"""`
Performance improvements * Add caching support to users/group * Add a function has_perm that works with the cache. * Removed our session backend so other session backends (without the database) can be used 2016-12-17 09:30:20 +01:00			`return has_perm(user, 'agenda.can_see')`
Massive refactoring for autoupdate optimization. 2016-02-11 22:58:32 +01:00
Forwarding JSON instead of Django model instances to autoupdate loop. - Used raw SQL for createing default projector during inital migration. - Removed default_password and hidden agenda items from autoupdate data for some users. - Removed old get_collection_and_id_from_url() function. 2016-03-02 00:46:19 +01:00			`def get_serializer_class(self, user=None):`
Massive refactoring for autoupdate optimization. 2016-02-11 22:58:32 +01:00			`"""`
			`Returns serializer class.`
			`"""`
			`from .serializers import ItemSerializer`

			`return ItemSerializer`
Forwarding JSON instead of Django model instances to autoupdate loop. - Used raw SQL for createing default projector during inital migration. - Removed default_password and hidden agenda items from autoupdate data for some users. - Removed old get_collection_and_id_from_url() function. 2016-03-02 00:46:19 +01:00
Change system for autoupdate on the projector (#2394) * Second websocket channel for the projector * Removed use of projector requirements for REST API requests. Refactored data serializing for projector websocket connection. * Refactor the way that the projector autoupdate get its data. * Fixed missing assignment slide title for hidden items. * Release all items for item list slide and list of speakers slide. Fixed error with motion workflow. * Created CollectionElement class which helps to handle autoupdate. 2016-09-17 22:26:23 +02:00			`# TODO: In the following method we use full_data['is_hidden'] but this can be out of date.`

Forwarding JSON instead of Django model instances to autoupdate loop. - Used raw SQL for createing default projector during inital migration. - Removed default_password and hidden agenda items from autoupdate data for some users. - Removed old get_collection_and_id_from_url() function. 2016-03-02 00:46:19 +01:00			`def get_restricted_data(self, full_data, user):`
			`"""`
			`Returns the restricted serialized data for the instance prepared`
			`for the user.`
			`"""`
Performance improvements * Add caching support to users/group * Add a function has_perm that works with the cache. * Removed our session backend so other session backends (without the database) can be used 2016-12-17 09:30:20 +01:00			`if (has_perm(user, 'agenda.can_see') and`
Forwarding JSON instead of Django model instances to autoupdate loop. - Used raw SQL for createing default projector during inital migration. - Removed default_password and hidden agenda items from autoupdate data for some users. - Removed old get_collection_and_id_from_url() function. 2016-03-02 00:46:19 +01:00			`(not full_data['is_hidden'] or`
Performance improvements * Add caching support to users/group * Add a function has_perm that works with the cache. * Removed our session backend so other session backends (without the database) can be used 2016-12-17 09:30:20 +01:00			`has_perm(user, 'agenda.can_see_hidden_items'))):`
Forwarding JSON instead of Django model instances to autoupdate loop. - Used raw SQL for createing default projector during inital migration. - Removed default_password and hidden agenda items from autoupdate data for some users. - Removed old get_collection_and_id_from_url() function. 2016-03-02 00:46:19 +01:00			`data = full_data`
			`else:`
			`data = None`
			`return data`
Change system for autoupdate on the projector (#2394) * Second websocket channel for the projector * Removed use of projector requirements for REST API requests. Refactored data serializing for projector websocket connection. * Refactor the way that the projector autoupdate get its data. * Fixed missing assignment slide title for hidden items. * Release all items for item list slide and list of speakers slide. Fixed error with motion workflow. * Created CollectionElement class which helps to handle autoupdate. 2016-09-17 22:26:23 +02:00
			`def get_projector_data(self, full_data):`
			`"""`
			`Returns the restricted serialized data for the instance prepared`
			`for the projector. Removes field 'comment'.`
			`"""`
			`data = {}`
			`for key in full_data.keys():`
			`if key != 'comment':`
			`data[key] = full_data[key]`
			`return data`