2025-summer/team-3
12
Fork 0
Code Issues Pull requests Projects Releases Activity

AccessPermission.unique_key

Browse source
This commit is contained in:
Laura Klünder 2017-12-19 12:19:31 +01:00
parent 8900a70d2a
commit b852ef708e
3 changed files with 59 additions and 10 deletions
Download patch file Download diff file Expand all files Collapse all files

2
src/c3nav/control/templates/control/user.html
View file

@ -46,7 +46,7 @@
</td> </td>
<td>{% if access_permission.expire_date %}{{ access_permission.expire_date }}{% else %}{% trans 'never' %}{% endif %}</td> <td>{% if access_permission.expire_date %}{{ access_permission.expire_date }}{% else %}{% trans 'never' %}{% endif %}</td>
<td>{% if access_permission.can_grant %}{% trans 'Yes' %}{% else %}{% trans 'No' %}{% endif %}</td> <td>{% if access_permission.can_grant %}{% trans 'Yes' %}{% else %}{% trans 'No' %}{% endif %}</td>
<td>{{ access_permission. }}{% if access_permission.can_grant %}{% trans 'Yes' %}{% else %}{% trans 'No' %}{% endif %}</td> <td>{% if access_permission.unique_key %}{{ access_permission.unique_key }}{% endif %}</td>
{% if request.user_permissions.grant_all_access or request.user == access_permission.author %} {% if request.user_permissions.grant_all_access or request.user == access_permission.author %}
<td class="button-cell"><button type="submit" name="delete_access_permission" value="{{ access_permission.pk }}">{% trans 'Delete' %}</button></td> <td class="button-cell"><button type="submit" name="delete_access_permission" value="{{ access_permission.pk }}">{% trans 'Delete' %}</button></td>
{% endif %} {% endif %}

35
src/c3nav/mapdata/migrations/0064_access_permission_unique_key.py Normal file
View file

@ -0,0 +1,35 @@
# -*- coding: utf-8 -*-
# Generated by Django 1.11.7 on 2017-12-19 11:10
from __future__ import unicode_literals
from django.conf import settings
from django.db import migrations, models
class Migration(migrations.Migration):
dependencies = [
migrations.swappable_dependency(settings.AUTH_USER_MODEL),
('mapdata', '0063_descriptions_unique_together'),
]
operations = [
migrations.AlterModelOptions(
name='accesspermissiontoken',
options={'verbose_name': 'Access Permission Token', 'verbose_name_plural': 'Access Permission Tokens'},
),
migrations.AddField(
model_name='accesspermission',
name='unique_key',
field=models.CharField(max_length=32, null=True, verbose_name='unique key'),
),
migrations.AddField(
model_name='accesspermissiontoken',
name='unique_key',
field=models.CharField(max_length=32, null=True, verbose_name='unique key'),
),
migrations.AlterUniqueTogether(
name='accesspermission',
unique_together=set([('author', 'unique_key')]),
),
]

32
src/c3nav/mapdata/models/access.py
View file

@ -55,8 +55,14 @@ class AccessPermissionToken(models.Model):
unlimited = models.BooleanField(default=False, db_index=True, verbose_name=_('unlimited')) unlimited = models.BooleanField(default=False, db_index=True, verbose_name=_('unlimited'))
redeemed = models.BooleanField(default=False, db_index=True, verbose_name=_('redeemed')) redeemed = models.BooleanField(default=False, db_index=True, verbose_name=_('redeemed'))
can_grant = models.BooleanField(default=False, db_index=True, verbose_name=_('can grant')) can_grant = models.BooleanField(default=False, db_index=True, verbose_name=_('can grant'))
unique_key = models.CharField(max_length=32, null=True, verbose_name=_('unique key'))
data = models.BinaryField() data = models.BinaryField()
class Meta:
verbose_name = _('Access Permission Token')
verbose_name_plural = _('Access Permission Tokens')
default_related_name = 'accessrestriction_tokens'
@property @property
def restrictions(self) -> Sequence[AccessPermissionTokenItem]: def restrictions(self) -> Sequence[AccessPermissionTokenItem]:
return pickle.loads(self.data) return pickle.loads(self.data)
@ -76,15 +82,19 @@ class AccessPermissionToken(models.Model):
raise self.RedeemError('No longer valid.') raise self.RedeemError('No longer valid.')
if user: if user:
for restriction in self.restrictions: with transaction.atomic():
AccessPermission.objects.create( if self.author_id and self.unique_key:
user=user, AccessPermission.objects.filter(author_id=self.author_id, unique_key=self.unique_key).delete()
access_restriction_id=restriction.pk, for restriction in self.restrictions:
author_id=self.author_id, AccessPermission.objects.create(
expire_date=restriction.expire_date, user=user,
can_grant=self.can_grant, access_restriction_id=restriction.pk,
token=self if self.pk else None, author_id=self.author_id,
) expire_date=restriction.expire_date,
can_grant=self.can_grant,
unique_key=self.unique_key,
token=self if self.pk else None,
)
if self.pk and not self.unlimited: if self.pk and not self.unlimited:
self.redeemed = True self.redeemed = True
@ -105,6 +115,7 @@ class AccessPermission(models.Model):
can_grant = models.BooleanField(default=False, verbose_name=_('can grant')) can_grant = models.BooleanField(default=False, verbose_name=_('can grant'))
author = models.ForeignKey(settings.AUTH_USER_MODEL, null=True, on_delete=models.SET_NULL, author = models.ForeignKey(settings.AUTH_USER_MODEL, null=True, on_delete=models.SET_NULL,
related_name='authored_access_permissions', verbose_name=_('Author')) related_name='authored_access_permissions', verbose_name=_('Author'))
unique_key = models.CharField(max_length=32, null=True, verbose_name=_('unique key'))
token = models.ForeignKey(AccessPermissionToken, null=True, on_delete=models.CASCADE, token = models.ForeignKey(AccessPermissionToken, null=True, on_delete=models.CASCADE,
verbose_name=_('Access permission token')) verbose_name=_('Access permission token'))
@ -112,6 +123,9 @@ class AccessPermission(models.Model):
verbose_name = _('Access Permission') verbose_name = _('Access Permission')
verbose_name_plural = _('Access Permissions') verbose_name_plural = _('Access Permissions')
default_related_name = 'accesspermissions' default_related_name = 'accesspermissions'
unique_together = (
('author', 'unique_key')
)
@staticmethod @staticmethod
def user_access_permission_key(user_id): def user_access_permission_key(user_id):