team-3/src/c3nav/mapdata/permissions.py

from django.conf import settings
from django.utils.translation import ugettext_lazy as _
from rest_framework.exceptions import PermissionDenied
from rest_framework.permissions import BasePermission

from c3nav.mapdata.models import Source
from c3nav.mapdata.utils.cache import get_packages_cached


def get_unlocked_packages_names(request, packages_cached=None):
    if packages_cached is None:
        packages_cached = get_packages_cached()
    if settings.DIRECT_EDITING:
        return packages_cached.keys()
    return set(settings.PUBLIC_PACKAGES) | set(request.session.get('unlocked_packages', ()))


def get_unlocked_packages(request, packages_cached=None):
    if packages_cached is None:
        packages_cached = get_packages_cached()
    names = get_unlocked_packages_names(request, packages_cached=packages_cached)
    return tuple(packages_cached[name] for name in names if name in packages_cached)


def can_access_package(request, package):
    return settings.DEBUG or package.name in get_unlocked_packages_names(request)


def filter_queryset_by_package_access(request, queryset):
    return queryset if settings.DIRECT_EDITING else queryset.filter(package__in=get_unlocked_packages(request))


class LockedMapFeatures(BasePermission):
    def has_object_permission(self, request, view, obj):
        if isinstance(obj, Source):
            if not can_access_package(request, obj.package):
                raise PermissionDenied(_('This Source belongs to a package you don\'t have access to.'))
        return True
add REST API 2016-09-11 21:39:01 +02:00			`from django.conf import settings`
			`from django.utils.translation import ugettext_lazy as _`
sort imports 2016-09-11 21:41:39 +02:00			`from rest_framework.exceptions import PermissionDenied`
			`from rest_framework.permissions import BasePermission`

add heavy caching to mapdata api 2016-12-07 16:11:33 +01:00			`from c3nav.mapdata.models import Source`
			`from c3nav.mapdata.utils.cache import get_packages_cached`
add REST API 2016-09-11 21:39:01 +02:00

add heavy caching to mapdata api 2016-12-07 16:11:33 +01:00			`def get_unlocked_packages_names(request, packages_cached=None):`
			`if packages_cached is None:`
			`packages_cached = get_packages_cached()`
			`if settings.DIRECT_EDITING:`
			`return packages_cached.keys()`
add REST API 2016-09-11 21:39:01 +02:00			`return set(settings.PUBLIC_PACKAGES) \| set(request.session.get('unlocked_packages', ()))`


add heavy caching to mapdata api 2016-12-07 16:11:33 +01:00			`def get_unlocked_packages(request, packages_cached=None):`
			`if packages_cached is None:`
			`packages_cached = get_packages_cached()`
			`names = get_unlocked_packages_names(request, packages_cached=packages_cached)`
			`return tuple(packages_cached[name] for name in names if name in packages_cached)`
trying to improve API performance 2016-12-06 23:18:05 +01:00

add REST API 2016-09-11 21:39:01 +02:00			`def can_access_package(request, package):`
trying to improve API performance 2016-12-06 23:18:05 +01:00			`return settings.DEBUG or package.name in get_unlocked_packages_names(request)`
add REST API 2016-09-11 21:39:01 +02:00

change mapitems API to geometry API. 2016-11-27 14:03:39 +01:00			`def filter_queryset_by_package_access(request, queryset):`
trying to improve API performance 2016-12-06 23:18:05 +01:00			`return queryset if settings.DIRECT_EDITING else queryset.filter(package__in=get_unlocked_packages(request))`
add REST API 2016-09-11 21:39:01 +02:00

			`class LockedMapFeatures(BasePermission):`
			`def has_object_permission(self, request, view, obj):`
			`if isinstance(obj, Source):`
			`if not can_access_package(request, obj.package):`
			`raise PermissionDenied(_('This Source belongs to a package you don\'t have access to.'))`
			`return True`