2016-07-29 23:33:47 +02:00
|
|
|
from ..core.config import config
|
2016-02-11 22:58:32 +01:00
|
|
|
from ..utils.access_permissions import BaseAccessPermissions
|
|
|
|
|
|
|
|
|
|
|
|
class MotionAccessPermissions(BaseAccessPermissions):
|
|
|
|
"""
|
|
|
|
Access permissions container for Motion and MotionViewSet.
|
|
|
|
"""
|
2016-09-17 22:26:23 +02:00
|
|
|
def check_permissions(self, user):
|
2016-02-11 22:58:32 +01:00
|
|
|
"""
|
|
|
|
Returns True if the user has read access model instances.
|
|
|
|
"""
|
|
|
|
return user.has_perm('motions.can_see')
|
|
|
|
|
2016-03-02 00:46:19 +01:00
|
|
|
def get_serializer_class(self, user=None):
|
2016-02-11 22:58:32 +01:00
|
|
|
"""
|
|
|
|
Returns serializer class.
|
|
|
|
"""
|
|
|
|
from .serializers import MotionSerializer
|
|
|
|
|
|
|
|
return MotionSerializer
|
|
|
|
|
2016-07-29 23:33:47 +02:00
|
|
|
def get_restricted_data(self, full_data, user):
|
|
|
|
"""
|
|
|
|
Returns the restricted serialized data for the instance prepared for
|
|
|
|
the user. Removes non public comment fields for some unauthorized
|
|
|
|
users.
|
|
|
|
"""
|
|
|
|
if user.has_perm('motions.can_see_and_manage_comments') or not full_data.get('comments'):
|
|
|
|
data = full_data
|
|
|
|
else:
|
|
|
|
data = full_data.copy()
|
2016-09-09 15:16:56 +02:00
|
|
|
for i, field in enumerate(config['motions_comments']):
|
2016-07-29 23:33:47 +02:00
|
|
|
if not field.get('public'):
|
|
|
|
try:
|
|
|
|
data['comments'][i] = None
|
|
|
|
except IndexError:
|
|
|
|
# No data in range. Just do nothing.
|
|
|
|
pass
|
|
|
|
return data
|
|
|
|
|
2016-09-17 22:26:23 +02:00
|
|
|
def get_projector_data(self, full_data):
|
|
|
|
"""
|
|
|
|
Returns the restricted serialized data for the instance prepared
|
|
|
|
for the projector. Removes several fields.
|
|
|
|
"""
|
|
|
|
data = full_data.copy()
|
|
|
|
for i, field in enumerate(self.get_comments_config_fields()):
|
|
|
|
if not field.get('public'):
|
|
|
|
try:
|
|
|
|
data['comments'][i] = None
|
|
|
|
except IndexError:
|
|
|
|
# No data in range. Just do nothing.
|
|
|
|
pass
|
|
|
|
return data
|
|
|
|
|
2016-02-11 22:58:32 +01:00
|
|
|
|
|
|
|
class CategoryAccessPermissions(BaseAccessPermissions):
|
|
|
|
"""
|
|
|
|
Access permissions container for Category and CategoryViewSet.
|
|
|
|
"""
|
2016-09-17 22:26:23 +02:00
|
|
|
def check_permissions(self, user):
|
2016-02-11 22:58:32 +01:00
|
|
|
"""
|
|
|
|
Returns True if the user has read access model instances.
|
|
|
|
"""
|
|
|
|
return user.has_perm('motions.can_see')
|
|
|
|
|
2016-03-02 00:46:19 +01:00
|
|
|
def get_serializer_class(self, user=None):
|
2016-02-11 22:58:32 +01:00
|
|
|
"""
|
|
|
|
Returns serializer class.
|
|
|
|
"""
|
|
|
|
from .serializers import CategorySerializer
|
|
|
|
|
|
|
|
return CategorySerializer
|
|
|
|
|
|
|
|
|
|
|
|
class WorkflowAccessPermissions(BaseAccessPermissions):
|
|
|
|
"""
|
|
|
|
Access permissions container for Workflow and WorkflowViewSet.
|
|
|
|
"""
|
2016-09-17 22:26:23 +02:00
|
|
|
def check_permissions(self, user):
|
2016-02-11 22:58:32 +01:00
|
|
|
"""
|
|
|
|
Returns True if the user has read access model instances.
|
|
|
|
"""
|
|
|
|
return user.has_perm('motions.can_see')
|
|
|
|
|
2016-03-02 00:46:19 +01:00
|
|
|
def get_serializer_class(self, user=None):
|
2016-02-11 22:58:32 +01:00
|
|
|
"""
|
|
|
|
Returns serializer class.
|
|
|
|
"""
|
|
|
|
from .serializers import WorkflowSerializer
|
|
|
|
|
|
|
|
return WorkflowSerializer
|