team-3/src/c3nav/mapdata/models/access.py

from django.conf import settings
from django.db import models
from django.db.models import Q
from django.utils.translation import ugettext_lazy as _

from c3nav.mapdata.models.base import SerializableMixin, TitledMixin


class AccessRestriction(TitledMixin, models.Model):
    """
    An access restriction
    """
    users = models.ManyToManyField(settings.AUTH_USER_MODEL, through='AccessPermission')
    open = models.BooleanField(default=False, verbose_name=_('open'))

    class Meta:
        verbose_name = _('Access Restriction')
        verbose_name_plural = _('Access Restrictions')
        default_related_name = 'accessrestrictions'

    @classmethod
    def qs_for_request(cls, request):
        if request.user.is_authenticated and request.user.is_superuser:
            return cls.objects.all()
        return cls.objects.none()


class AccessPermission(models.Model):
    user = models.ForeignKey(settings.AUTH_USER_MODEL, on_delete=models.CASCADE)
    access_restriction = models.ForeignKey(AccessRestriction, on_delete=models.CASCADE)
    expire_date = models.DateTimeField(null=True, verbose_name=_('expires'))

    class Meta:
        verbose_name = _('Access Permission')
        verbose_name_plural = _('Access Permissions')
        default_related_name = 'accesspermissions'
        unique_together = (('user', 'access_restriction'), )


class AccessRestrictionMixin(SerializableMixin, models.Model):
    access_restriction = models.ForeignKey(AccessRestriction, null=True, blank=True,
                                           verbose_name=_('Access Restriction'))

    class Meta:
        abstract = True

    def _serialize(self, **kwargs):
        result = super()._serialize(**kwargs)
        result['access_restriction'] = self.access_restriction_id
        return result

    @classmethod
    def qs_for_request(cls, request, allow_none=False):
        return cls.objects.filter(cls.q_for_request(request, allow_none=allow_none))

    @classmethod
    def q_for_request(cls, request, prefix='', allow_none=False):
        if (request is None and allow_none) or (request.user.is_authenticated and request.user.is_superuser):
            return Q()
        return Q(**{prefix + 'access_restriction__isnull': True})
add AccessPermission modeling 2017-10-24 22:13:53 +02:00			`from django.conf import settings`
remove property "public", add AccessRestriction model 2017-07-13 18:43:03 +02:00			`from django.db import models`
respect access_restriction in mapdata API 2017-07-13 19:22:57 +02:00			`from django.db.models import Q`
remove property "public", add AccessRestriction model 2017-07-13 18:43:03 +02:00			`from django.utils.translation import ugettext_lazy as _`

			`from c3nav.mapdata.models.base import SerializableMixin, TitledMixin`


			`class AccessRestriction(TitledMixin, models.Model):`
			`"""`
add AccessPermission modeling 2017-10-24 22:13:53 +02:00			`An access restriction`
remove property "public", add AccessRestriction model 2017-07-13 18:43:03 +02:00			`"""`
add AccessPermission modeling 2017-10-24 22:13:53 +02:00			`users = models.ManyToManyField(settings.AUTH_USER_MODEL, through='AccessPermission')`
			`open = models.BooleanField(default=False, verbose_name=_('open'))`
remove property "public", add AccessRestriction model 2017-07-13 18:43:03 +02:00
			`class Meta:`
			`verbose_name = _('Access Restriction')`
			`verbose_name_plural = _('Access Restrictions')`
			`default_related_name = 'accessrestrictions'`

implement access_restriction field in Editor 2017-07-13 18:54:49 +02:00			`@classmethod`
			`def qs_for_request(cls, request):`
			`if request.user.is_authenticated and request.user.is_superuser:`
			`return cls.objects.all()`
			`return cls.objects.none()`

remove property "public", add AccessRestriction model 2017-07-13 18:43:03 +02:00
add AccessPermission modeling 2017-10-24 22:13:53 +02:00			`class AccessPermission(models.Model):`
			`user = models.ForeignKey(settings.AUTH_USER_MODEL, on_delete=models.CASCADE)`
			`access_restriction = models.ForeignKey(AccessRestriction, on_delete=models.CASCADE)`
			`expire_date = models.DateTimeField(null=True, verbose_name=_('expires'))`

			`class Meta:`
			`verbose_name = _('Access Permission')`
			`verbose_name_plural = _('Access Permissions')`
			`default_related_name = 'accesspermissions'`
			`unique_together = (('user', 'access_restriction'), )`


remove property "public", add AccessRestriction model 2017-07-13 18:43:03 +02:00			`class AccessRestrictionMixin(SerializableMixin, models.Model):`
			`access_restriction = models.ForeignKey(AccessRestriction, null=True, blank=True,`
			`verbose_name=_('Access Restriction'))`

			`class Meta:`
			`abstract = True`

			`def _serialize(self, **kwargs):`
			`result = super()._serialize(**kwargs)`
			`result['access_restriction'] = self.access_restriction_id`
			`return result`
implement access_restriction field in Editor 2017-07-13 18:54:49 +02:00
			`@classmethod`
move renderscad into Level model 2017-08-06 22:07:34 +02:00			`def qs_for_request(cls, request, allow_none=False):`
			`return cls.objects.filter(cls.q_for_request(request, allow_none=allow_none))`
respect access restrictions in editor API 2017-07-13 22:22:13 +02:00
			`@classmethod`
move renderscad into Level model 2017-08-06 22:07:34 +02:00			`def q_for_request(cls, request, prefix='', allow_none=False):`
			`if (request is None and allow_none) or (request.user.is_authenticated and request.user.is_superuser):`
respect access restrictions in editor API 2017-07-13 22:22:13 +02:00			`return Q()`
			`return Q(**{prefix + 'access_restriction__isnull': True})`