OpenSlides/openslides/core/access_permissions.py

from django.contrib.auth.models import AnonymousUser

from ..utils.access_permissions import BaseAccessPermissions
from ..utils.auth import anonymous_is_enabled, has_perm


class ProjectorAccessPermissions(BaseAccessPermissions):
    """
    Access permissions container for Projector and ProjectorViewSet.
    """
    def check_permissions(self, user):
        """
        Returns True if the user has read access model instances.
        """
        return has_perm(user, 'core.can_see_projector')

    def get_serializer_class(self, user=None):
        """
        Returns serializer class.
        """
        from .serializers import ProjectorSerializer

        return ProjectorSerializer


class TagAccessPermissions(BaseAccessPermissions):
    """
    Access permissions container for Tag and TagViewSet.
    """
    def check_permissions(self, user):
        """
        Returns True if the user has read access model instances.
        """
        # Every authenticated user can retrieve tags. Anonymous users can do
        # so if they are enabled.
        return not isinstance(user, AnonymousUser) or anonymous_is_enabled()

    def get_serializer_class(self, user=None):
        """
        Returns serializer class.
        """
        from .serializers import TagSerializer

        return TagSerializer


class ChatMessageAccessPermissions(BaseAccessPermissions):
    """
    Access permissions container for ChatMessage and ChatMessageViewSet.
    """
    def check_permissions(self, user):
        """
        Returns True if the user has read access model instances.
        """
        # Anonymous users can see the chat if the anonymous group has the
        # permission core.can_use_chat. But they can not use it. See views.py.
        return has_perm(user, 'core.can_use_chat')

    def get_serializer_class(self, user=None):
        """
        Returns serializer class.
        """
        from .serializers import ChatMessageSerializer

        return ChatMessageSerializer


class ProjectorMessageAccessPermissions(BaseAccessPermissions):
    """
    Access permissions for ProjectorMessage.
    """
    def check_permissions(self, user):
        """
        Returns True if the user has read access model instances.
        """
        return has_perm(user, 'core.can_see_projector')

    def get_serializer_class(self, user=None):
        """
        Returns serializer class.
        """
        from .serializers import ProjectorMessageSerializer

        return ProjectorMessageSerializer


class CountdownAccessPermissions(BaseAccessPermissions):
    """
    Access permissions for Countdown.
    """
    def check_permissions(self, user):
        """
        Returns True if the user has read access model instances.
        """
        return has_perm(user, 'core.can_see_projector')

    def get_serializer_class(self, user=None):
        """
        Returns serializer class.
        """
        from .serializers import CountdownSerializer

        return CountdownSerializer


class ConfigAccessPermissions(BaseAccessPermissions):
    """
    Access permissions container for the config (ConfigStore and
    ConfigViewSet).
    """
    def check_permissions(self, user):
        """
        Returns True if the user has read access model instances.
        """
        # Every authenticated user can see the metadata and list or retrieve
        # the config. Anonymous users can do so if they are enabled.
        return not isinstance(user, AnonymousUser) or anonymous_is_enabled()

    def get_full_data(self, instance):
        """
        Returns the serlialized config data.
        """
        from .config import config
        from .models import ConfigStore

        # Attention: The format of this response has to be the same as in
        # the retrieve method of ConfigViewSet.
        if isinstance(instance, ConfigStore):
            result = {'key': instance.key, 'value': config[instance.key]}
        else:
            # It is possible, that the caching system already sends the correct data as "instance".
            result = instance
        return result
Created a function to convert anything possible to a user-collectoin-element or None Changed user.has_perm(...) to has_perm(user, ...) at any place. Removed old code 2017-01-26 15:34:24 +01:00			`from django.contrib.auth.models import AnonymousUser`

Massive refactoring for autoupdate optimization. 2016-02-11 22:58:32 +01:00			`from ..utils.access_permissions import BaseAccessPermissions`
Created a function to convert anything possible to a user-collectoin-element or None Changed user.has_perm(...) to has_perm(user, ...) at any place. Removed old code 2017-01-26 15:34:24 +01:00			`from ..utils.auth import anonymous_is_enabled, has_perm`
Massive refactoring for autoupdate optimization. 2016-02-11 22:58:32 +01:00
"durchstich" for autoupdate optimization 2016-02-11 11:29:19 +01:00
Massive refactoring for autoupdate optimization. 2016-02-11 22:58:32 +01:00			`class ProjectorAccessPermissions(BaseAccessPermissions):`
			`"""`
			`Access permissions container for Projector and ProjectorViewSet.`
			`"""`
Change system for autoupdate on the projector (#2394) * Second websocket channel for the projector * Removed use of projector requirements for REST API requests. Refactored data serializing for projector websocket connection. * Refactor the way that the projector autoupdate get its data. * Fixed missing assignment slide title for hidden items. * Release all items for item list slide and list of speakers slide. Fixed error with motion workflow. * Created CollectionElement class which helps to handle autoupdate. 2016-09-17 22:26:23 +02:00			`def check_permissions(self, user):`
"durchstich" for autoupdate optimization 2016-02-11 11:29:19 +01:00			`"""`
Massive refactoring for autoupdate optimization. 2016-02-11 22:58:32 +01:00			`Returns True if the user has read access model instances.`
"durchstich" for autoupdate optimization 2016-02-11 11:29:19 +01:00			`"""`
Performance improvements * Add caching support to users/group * Add a function has_perm that works with the cache. * Removed our session backend so other session backends (without the database) can be used 2016-12-17 09:30:20 +01:00			`return has_perm(user, 'core.can_see_projector')`
Massive refactoring for autoupdate optimization. 2016-02-11 22:58:32 +01:00
Forwarding JSON instead of Django model instances to autoupdate loop. - Used raw SQL for createing default projector during inital migration. - Removed default_password and hidden agenda items from autoupdate data for some users. - Removed old get_collection_and_id_from_url() function. 2016-03-02 00:46:19 +01:00			`def get_serializer_class(self, user=None):`
Massive refactoring for autoupdate optimization. 2016-02-11 22:58:32 +01:00			`"""`
			`Returns serializer class.`
			`"""`
			`from .serializers import ProjectorSerializer`

			`return ProjectorSerializer`


			`class TagAccessPermissions(BaseAccessPermissions):`
			`"""`
			`Access permissions container for Tag and TagViewSet.`
			`"""`
Change system for autoupdate on the projector (#2394) * Second websocket channel for the projector * Removed use of projector requirements for REST API requests. Refactored data serializing for projector websocket connection. * Refactor the way that the projector autoupdate get its data. * Fixed missing assignment slide title for hidden items. * Release all items for item list slide and list of speakers slide. Fixed error with motion workflow. * Created CollectionElement class which helps to handle autoupdate. 2016-09-17 22:26:23 +02:00			`def check_permissions(self, user):`
Massive refactoring for autoupdate optimization. 2016-02-11 22:58:32 +01:00			`"""`
			`Returns True if the user has read access model instances.`
			`"""`
			`# Every authenticated user can retrieve tags. Anonymous users can do`
			`# so if they are enabled.`
Created a function to convert anything possible to a user-collectoin-element or None Changed user.has_perm(...) to has_perm(user, ...) at any place. Removed old code 2017-01-26 15:34:24 +01:00			`return not isinstance(user, AnonymousUser) or anonymous_is_enabled()`
Massive refactoring for autoupdate optimization. 2016-02-11 22:58:32 +01:00
Forwarding JSON instead of Django model instances to autoupdate loop. - Used raw SQL for createing default projector during inital migration. - Removed default_password and hidden agenda items from autoupdate data for some users. - Removed old get_collection_and_id_from_url() function. 2016-03-02 00:46:19 +01:00			`def get_serializer_class(self, user=None):`
Massive refactoring for autoupdate optimization. 2016-02-11 22:58:32 +01:00			`"""`
			`Returns serializer class.`
			`"""`
			`from .serializers import TagSerializer`

			`return TagSerializer`


			`class ChatMessageAccessPermissions(BaseAccessPermissions):`
			`"""`
			`Access permissions container for ChatMessage and ChatMessageViewSet.`
			`"""`
Change system for autoupdate on the projector (#2394) * Second websocket channel for the projector * Removed use of projector requirements for REST API requests. Refactored data serializing for projector websocket connection. * Refactor the way that the projector autoupdate get its data. * Fixed missing assignment slide title for hidden items. * Release all items for item list slide and list of speakers slide. Fixed error with motion workflow. * Created CollectionElement class which helps to handle autoupdate. 2016-09-17 22:26:23 +02:00			`def check_permissions(self, user):`
Massive refactoring for autoupdate optimization. 2016-02-11 22:58:32 +01:00			`"""`
			`Returns True if the user has read access model instances.`
			`"""`
			`# Anonymous users can see the chat if the anonymous group has the`
			`# permission core.can_use_chat. But they can not use it. See views.py.`
Performance improvements * Add caching support to users/group * Add a function has_perm that works with the cache. * Removed our session backend so other session backends (without the database) can be used 2016-12-17 09:30:20 +01:00			`return has_perm(user, 'core.can_use_chat')`
Massive refactoring for autoupdate optimization. 2016-02-11 22:58:32 +01:00
Forwarding JSON instead of Django model instances to autoupdate loop. - Used raw SQL for createing default projector during inital migration. - Removed default_password and hidden agenda items from autoupdate data for some users. - Removed old get_collection_and_id_from_url() function. 2016-03-02 00:46:19 +01:00			`def get_serializer_class(self, user=None):`
Massive refactoring for autoupdate optimization. 2016-02-11 22:58:32 +01:00			`"""`
			`Returns serializer class.`
			`"""`
			`from .serializers import ChatMessageSerializer`

			`return ChatMessageSerializer`


countdown and message models (closes #2464) 2016-10-21 11:05:24 +02:00			`class ProjectorMessageAccessPermissions(BaseAccessPermissions):`
			`"""`
			`Access permissions for ProjectorMessage.`
			`"""`
			`def check_permissions(self, user):`
			`"""`
			`Returns True if the user has read access model instances.`
			`"""`
Performance improvements * Add caching support to users/group * Add a function has_perm that works with the cache. * Removed our session backend so other session backends (without the database) can be used 2016-12-17 09:30:20 +01:00			`return has_perm(user, 'core.can_see_projector')`
countdown and message models (closes #2464) 2016-10-21 11:05:24 +02:00
			`def get_serializer_class(self, user=None):`
			`"""`
			`Returns serializer class.`
			`"""`
			`from .serializers import ProjectorMessageSerializer`

			`return ProjectorMessageSerializer`


			`class CountdownAccessPermissions(BaseAccessPermissions):`
			`"""`
			`Access permissions for Countdown.`
			`"""`
			`def check_permissions(self, user):`
			`"""`
			`Returns True if the user has read access model instances.`
			`"""`
Performance improvements * Add caching support to users/group * Add a function has_perm that works with the cache. * Removed our session backend so other session backends (without the database) can be used 2016-12-17 09:30:20 +01:00			`return has_perm(user, 'core.can_see_projector')`
countdown and message models (closes #2464) 2016-10-21 11:05:24 +02:00
			`def get_serializer_class(self, user=None):`
			`"""`
			`Returns serializer class.`
			`"""`
			`from .serializers import CountdownSerializer`

			`return CountdownSerializer`


Massive refactoring for autoupdate optimization. 2016-02-11 22:58:32 +01:00			`class ConfigAccessPermissions(BaseAccessPermissions):`
			`"""`
			`Access permissions container for the config (ConfigStore and`
			`ConfigViewSet).`
			`"""`
Change system for autoupdate on the projector (#2394) * Second websocket channel for the projector * Removed use of projector requirements for REST API requests. Refactored data serializing for projector websocket connection. * Refactor the way that the projector autoupdate get its data. * Fixed missing assignment slide title for hidden items. * Release all items for item list slide and list of speakers slide. Fixed error with motion workflow. * Created CollectionElement class which helps to handle autoupdate. 2016-09-17 22:26:23 +02:00			`def check_permissions(self, user):`
Massive refactoring for autoupdate optimization. 2016-02-11 22:58:32 +01:00			`"""`
			`Returns True if the user has read access model instances.`
			`"""`
			`# Every authenticated user can see the metadata and list or retrieve`
			`# the config. Anonymous users can do so if they are enabled.`
Created a function to convert anything possible to a user-collectoin-element or None Changed user.has_perm(...) to has_perm(user, ...) at any place. Removed old code 2017-01-26 15:34:24 +01:00			`return not isinstance(user, AnonymousUser) or anonymous_is_enabled()`
Massive refactoring for autoupdate optimization. 2016-02-11 22:58:32 +01:00
Forwarding JSON instead of Django model instances to autoupdate loop. - Used raw SQL for createing default projector during inital migration. - Removed default_password and hidden agenda items from autoupdate data for some users. - Removed old get_collection_and_id_from_url() function. 2016-03-02 00:46:19 +01:00			`def get_full_data(self, instance):`
Massive refactoring for autoupdate optimization. 2016-02-11 22:58:32 +01:00			`"""`
Forwarding JSON instead of Django model instances to autoupdate loop. - Used raw SQL for createing default projector during inital migration. - Removed default_password and hidden agenda items from autoupdate data for some users. - Removed old get_collection_and_id_from_url() function. 2016-03-02 00:46:19 +01:00			`Returns the serlialized config data.`
Massive refactoring for autoupdate optimization. 2016-02-11 22:58:32 +01:00			`"""`
			`from .config import config`
Added docstrings. Small changes. 2016-09-30 20:42:58 +02:00			`from .models import ConfigStore`
Massive refactoring for autoupdate optimization. 2016-02-11 22:58:32 +01:00
Forwarding JSON instead of Django model instances to autoupdate loop. - Used raw SQL for createing default projector during inital migration. - Removed default_password and hidden agenda items from autoupdate data for some users. - Removed old get_collection_and_id_from_url() function. 2016-03-02 00:46:19 +01:00			`# Attention: The format of this response has to be the same as in`
			`# the retrieve method of ConfigViewSet.`
Added docstrings. Small changes. 2016-09-30 20:42:58 +02:00			`if isinstance(instance, ConfigStore):`
			`result = {'key': instance.key, 'value': config[instance.key]}`
			`else:`
			`# It is possible, that the caching system already sends the correct data as "instance".`
			`result = instance`
			`return result`