respect base_mapdata_access in editor

Laura Klünder 2018-11-20 22:54:29 +01:00
parent bb1bb69d00
commit bf761c1a1c
9 changed files with 89 additions and 29 deletions


@ -39,6 +39,15 @@ class UserPermissions(models.Model):
def get_cache_key(pk): def get_cache_key(pk):
return 'control:permissions:%d' % pk return 'control:permissions:%d' % pk
@classmethod
def cache_key_for_request(cls):
def __init__(self, *args, **kwargs):
super().__init__(*args, **kwargs)
if self.user_id and self.user.is_superuser:
for field in UserPermissions._meta.get_fields():
if isinstance(field, models.BooleanField):
setattr(self, field.name, True)
@classmethod @classmethod
def get_for_user(cls, user, force=False) -> 'UserPermissions': def get_for_user(cls, user, force=False) -> 'UserPermissions':
if not user.is_authenticated: if not user.is_authenticated:
@ -65,5 +74,10 @@ class UserPermissions(models.Model):
cache_key = self.get_cache_key(self.pk) cache_key = self.get_cache_key(self.pk)
cache.set(cache_key, self, 900) cache.set(cache_key, self, 900)
@property
def can_access_base_mapdata(self):
return False
return settings.PUBLIC_BASE_MAPDATA or self.base_mapdata_access
get_permissions_for_user_lazy = lazy(UserPermissions.get_for_user, UserPermissions) get_permissions_for_user_lazy = lazy(UserPermissions.get_for_user, UserPermissions)
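Review bot: `can_access_base_mapdata` is shown with `return False` directly above `return settings.PUBLIC_BASE_MAPDATA or self.base_mapdata_access`, so the second return is unreachable and the property denies base mapdata to every user, including superusers and installs with `PUBLIC_BASE_MAPDATA` set. The hunk header (-65,5 +74,10) suggests both lines are additions rather than an old/new pair, although the +/- markers are lost in this rendering; if so, `return False` looks like a debugging leftover and should be dropped. The first hunk similarly shows `@classmethod` / `def cache_key_for_request(cls):` with no body of its own before `def __init__`. Depending on the lost indentation, that stub either breaks the class or swallows `__init__` as a nested function, in which case the superuser override never runs.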


@ -73,7 +73,10 @@ class EditorViewSet(ViewSet):
@api_etag(etag_func=etag_func, cache_parameters={'level': str, 'space': str}) @api_etag(etag_func=etag_func, cache_parameters={'level': str, 'space': str})
def geometries(self, request, *args, **kwargs): def geometries(self, request, *args, **kwargs):
if not can_access_editor(request): if not can_access_editor(request):
return PermissionDenied raise PermissionDenied
if not request.user_permissions.can_access_base_mapdata:
raise PermissionDenied
Level = request.changeset.wrap_model('Level') Level = request.changeset.wrap_model('Level')
Space = request.changeset.wrap_model('Space') Space = request.changeset.wrap_model('Space')
@ -214,7 +217,7 @@ class EditorViewSet(ViewSet):
@api_etag(etag_func=MapUpdate.current_cache_key, cache_parameters={}) @api_etag(etag_func=MapUpdate.current_cache_key, cache_parameters={})
def geometrystyles(self, request, *args, **kwargs): def geometrystyles(self, request, *args, **kwargs):
if not can_access_editor(request): if not can_access_editor(request):
return PermissionDenied raise PermissionDenied
return Response({ return Response({
'building': '#aaaaaa', 'building': '#aaaaaa',
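Review bot: The `can_access_base_mapdata` guard added to `geometries` has no comment saying that it is the actual enforcement point for geometry data. Elsewhere in this commit the views only set `geometry_url` to `None`, which hides the link but denies nothing by itself. I would add above the check: `# enforcement point: the views only hide geometry_url, this is what actually denies the data`. Both method bodies continue outside the hunks, so any further `return PermissionDenied` occurrences in this viewset cannot be ruled out from here.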


@ -41,10 +41,14 @@ class EditorFormBase(I18nModelFormMixin, ModelForm):
self.fields['space'].widget = HiddenInput() self.fields['space'].widget = HiddenInput()
if 'geometry' in self.fields: if 'geometry' in self.fields:
# hide geometry widget if not request.user_permissions.can_access_base_mapdata:
self.fields['geometry'].widget = HiddenInput() # can't see this geometry in editor
if not creating: self.fields.pop('geometry')
self.initial['geometry'] = json.dumps(mapping(self.instance.geometry), separators=(',', ':')) else:
# hide geometry widget
self.fields['geometry'].widget = HiddenInput()
if not creating:
self.initial['geometry'] = json.dumps(mapping(self.instance.geometry), separators=(',', ':'))
if self._meta.model.__name__ == 'Source' and self.request.user.is_superuser: if self._meta.model.__name__ == 'Source' and self.request.user.is_superuser:
Source = self.request.changeset.wrap_model('Source') Source = self.request.changeset.wrap_model('Source')
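Review bot: The comment `# can't see this geometry in editor` on the new `self.fields.pop('geometry')` branch does not say why the field is removed rather than hidden, which is the security-relevant part. A field that is absent from the form is never cleaned or written to the instance, whereas the `HiddenInput()` path in the `else` branch still accepts whatever value is posted. I would word it as `# drop the field entirely so a submitted geometry value is ignored, not merely hidden`. The enclosing `__init__` starts and ends outside the hunk.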


@ -7,7 +7,7 @@
{{ model.title }} {{ model.title }}
</a> </a>
{% endfor %} {% endfor %}
{% if graph_url %} {% if can_edit_graph and graph_url %}
<a href="{{ graph_url }}" class="list-group-item"> <a href="{{ graph_url }}" class="list-group-item">
{% trans 'Graph' %} {% trans 'Graph' %}
</a> </a>


@ -4,7 +4,7 @@
<h3>{% trans 'c3nav map editor' %}</h3> <h3>{% trans 'c3nav map editor' %}</h3>
{% bootstrap_messages %} {% bootstrap_messages %}
{% if can_edit %} {% if can_create_level %}
<p> <p>
<a class="btn btn-default btn-xs" accesskey="n" href="{% url 'editor.levels.create' %}"> <a class="btn btn-default btn-xs" accesskey="n" href="{% url 'editor.levels.create' %}">
{% trans 'Level' as model_title %} {% trans 'Level' as model_title %}


@ -32,7 +32,7 @@
{% if level.on_top_of is None %} {% if level.on_top_of is None %}
<h3>{% trans 'Levels on top' %}</h3> <h3>{% trans 'Levels on top' %}</h3>
{% if can_edit %} {% if can_create_level %}
<p> <p>
<a class="btn btn-default btn-xs" accesskey="n" href="{% url 'editor.levels_on_top.create' on_top_of=level.pk %}"> <a class="btn btn-default btn-xs" accesskey="n" href="{% url 'editor.levels_on_top.create' on_top_of=level.pk %}">
<i class="glyphicon glyphicon-plus"></i> {% blocktrans %}New {{ model_title }}{% endblocktrans %} <i class="glyphicon glyphicon-plus"></i> {% blocktrans %}New {{ model_title }}{% endblocktrans %}


@ -16,7 +16,7 @@
{% endif %} {% endif %}
</h3> </h3>
{% bootstrap_messages %} {% bootstrap_messages %}
{% if can_edit %} {% if can_create_level %}
<a class="btn btn-default btn-xs" accesskey="n" href="{{ create_url }}"> <a class="btn btn-default btn-xs" accesskey="n" href="{{ create_url }}">
<i class="glyphicon glyphicon-plus"></i> {% blocktrans %}New {{ model_title }}{% endblocktrans %} <i class="glyphicon glyphicon-plus"></i> {% blocktrans %}New {{ model_title }}{% endblocktrans %}
</a> </a>
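Review bot: The guard `{% if can_create_level %}` around the `{{ create_url }}` button does not match the context key that `list_objects` sets in this same commit, which is `'can_create': can_create`. The file name is not visible here, but the use of `create_url` and `model_title` suggests this is the template `list_objects` renders. If so, the variable is undefined, evaluates as false, and the New button disappears for every user. The condition should then read `{% if can_create %}`.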


@ -56,4 +56,5 @@ def etag_func(request, *args, **kwargs):
request.changeset = changeset request.changeset = changeset
return (get_language() + ':' + changeset.raw_cache_key_by_changes + ':' + return (get_language() + ':' + changeset.raw_cache_key_by_changes + ':' +
AccessPermission.cache_key_for_request(request, with_update=False) + ':' + str(request.user.pk or 0)) AccessPermission.cache_key_for_request(request, with_update=False) + ':' +
str(request.user.pk or 0) + ':' + str(int(request.user_permissions.can_access_base_mapdata)))


@ -45,7 +45,8 @@ def main_index(request):
Level = request.changeset.wrap_model('Level') Level = request.changeset.wrap_model('Level')
return render(request, 'editor/index.html', { return render(request, 'editor/index.html', {
'levels': Level.objects.filter(Level.q_for_request(request), on_top_of__isnull=True), 'levels': Level.objects.filter(Level.q_for_request(request), on_top_of__isnull=True),
'can_edit': request.changeset.can_edit(request), 'can_create_level': (request.user_permissions.can_access_base_mapdata and
request.changeset.can_edit(request)),
'child_models': [ 'child_models': [
child_model(request, 'LocationGroupCategory'), child_model(request, 'LocationGroupCategory'),
child_model(request, 'LocationGroup'), child_model(request, 'LocationGroup'),
@ -64,17 +65,25 @@ def level_detail(request, pk):
qs = Level.objects.filter(Level.q_for_request(request)) qs = Level.objects.filter(Level.q_for_request(request))
level = get_object_or_404(qs.select_related('on_top_of').prefetch_related('levels_on_top'), pk=pk) level = get_object_or_404(qs.select_related('on_top_of').prefetch_related('levels_on_top'), pk=pk)
if request.user_permissions.can_access_base_mapdata:
submodels = ('Building', 'Space', 'Door')
else:
submodels = ('Space', )
return render(request, 'editor/level.html', { return render(request, 'editor/level.html', {
'levels': Level.objects.filter(Level.q_for_request(request), on_top_of__isnull=True), 'levels': Level.objects.filter(Level.q_for_request(request), on_top_of__isnull=True),
'level': level, 'level': level,
'level_url': 'editor.levels.detail', 'level_url': 'editor.levels.detail',
'level_as_pk': True, 'level_as_pk': True,
'can_edit': request.changeset.can_edit(request), 'can_edit_graph': request.user_permissions.can_access_base_mapdata,
'can_create_level': (request.user_permissions.can_access_base_mapdata and
request.changeset.can_edit(request)),
'child_models': [child_model(request, model_name, kwargs={'level': pk}, parent=level) 'child_models': [child_model(request, model_name, kwargs={'level': pk}, parent=level)
for model_name in ('Building', 'Space', 'Door')], for model_name in submodels],
'levels_on_top': level.levels_on_top.filter(Level.q_for_request(request)).all(), 'levels_on_top': level.levels_on_top.filter(Level.q_for_request(request)).all(),
'geometry_url': '/api/editor/geometries/?level='+str(level.primary_level_pk), 'geometry_url': ('/api/editor/geometries/?level='+str(level.primary_level_pk)
if request.user_permissions.can_access_base_mapdata else None),
}) })
@ -86,18 +95,24 @@ def space_detail(request, level, pk):
qs = Space.objects.filter(Space.q_for_request(request)) qs = Space.objects.filter(Space.q_for_request(request))
space = get_object_or_404(qs.select_related('level'), level__pk=level, pk=pk) space = get_object_or_404(qs.select_related('level'), level__pk=level, pk=pk)
if request.user_permissions.can_access_base_mapdata:
submodels = ('POI', 'Area', 'Obstacle', 'LineObstacle', 'Stair', 'Ramp', 'Column',
'Hole', 'AltitudeMarker', 'LeaveDescription', 'CrossDescription',
'WifiMeasurement')
else:
submodels = ('POI', 'Area', 'AltitudeMarker', 'LeaveDescription', 'CrossDescription')
return render(request, 'editor/space.html', { return render(request, 'editor/space.html', {
'levels': Level.objects.filter(Level.q_for_request(request), on_top_of__isnull=True), 'levels': Level.objects.filter(Level.q_for_request(request), on_top_of__isnull=True),
'level': space.level, 'level': space.level,
'level_url': 'editor.spaces.list', 'level_url': 'editor.spaces.list',
'space': space, 'space': space,
'can_edit': request.changeset.can_edit(request), 'can_edit_graph': request.user_permissions.can_access_base_mapdata,
'child_models': [child_model(request, model_name, kwargs={'space': pk}, parent=space) 'child_models': [child_model(request, model_name, kwargs={'space': pk}, parent=space)
for model_name in ('POI', 'Area', 'Obstacle', 'LineObstacle', 'Stair', 'Ramp', 'Column', for model_name in submodels],
'Hole', 'AltitudeMarker', 'LeaveDescription', 'CrossDescription', 'geometry_url': ('/api/editor/geometries/?space='+pk
'WifiMeasurement')], if request.user_permissions.can_access_base_mapdata else None),
'geometry_url': '/api/editor/geometries/?space='+pk,
}) })
@ -121,6 +136,9 @@ def edit(request, pk=None, model=None, level=None, space=None, on_top_of=None, e
can_edit = request.changeset.can_edit(request) can_edit = request.changeset.can_edit(request)
if pk is None and not request.user_permissions.can_access_base_mapdata:
raise PermissionDenied
obj = None obj = None
if pk is not None: if pk is not None:
# Edit existing map item # Edit existing map item
@ -131,9 +149,13 @@ def edit(request, pk=None, model=None, level=None, space=None, on_top_of=None, e
if level is not None: if level is not None:
kwargs.update({'level__pk': level}) kwargs.update({'level__pk': level})
qs = qs.select_related('level') qs = qs.select_related('level')
can_edit = False
elif space is not None: elif space is not None:
kwargs.update({'space__pk': space}) kwargs.update({'space__pk': space})
qs = qs.select_related('space') qs = qs.select_related('space')
else:
if not request.user_permissions.can_access_base_mapdata:
can_edit = False
obj = get_object_or_404(qs, **kwargs) obj = get_object_or_404(qs, **kwargs)
elif level is not None: elif level is not None:
level = get_object_or_404(Level.objects.filter(Level.q_for_request(request)), pk=level) level = get_object_or_404(Level.objects.filter(Level.q_for_request(request)), pk=level)
@ -144,6 +166,7 @@ def edit(request, pk=None, model=None, level=None, space=None, on_top_of=None, e
pk=on_top_of) pk=on_top_of)
new = obj is None new = obj is None
# noinspection PyProtectedMember # noinspection PyProtectedMember
ctx = { ctx = {
'path': request.path, 'path': request.path,
@ -169,12 +192,14 @@ def edit(request, pk=None, model=None, level=None, space=None, on_top_of=None, e
}) })
if not new: if not new:
ctx.update({ ctx.update({
'geometry_url': '/api/editor/geometries/?level='+str(obj.primary_level_pk), 'geometry_url': ('/api/editor/geometries/?level='+str(obj.primary_level_pk)
if request.user_permissions.can_access_base_mapdata else None),
'on_top_of': obj.on_top_of, 'on_top_of': obj.on_top_of,
}) })
elif on_top_of: elif on_top_of:
ctx.update({ ctx.update({
'geometry_url': '/api/editor/geometries/?level=' + str(on_top_of.pk), 'geometry_url': ('/api/editor/geometries/?level=' + str(on_top_of.pk)
if request.user_permissions.can_access_base_mapdata else None),
'on_top_of': on_top_of, 'on_top_of': on_top_of,
'back_url': reverse('editor.levels.detail', kwargs={'pk': on_top_of.pk}), 'back_url': reverse('editor.levels.detail', kwargs={'pk': on_top_of.pk}),
}) })
@ -183,14 +208,16 @@ def edit(request, pk=None, model=None, level=None, space=None, on_top_of=None, e
ctx.update({ ctx.update({
'level': obj.level, 'level': obj.level,
'back_url': reverse('editor.spaces.detail', kwargs={'level': obj.level.pk, 'pk': pk}), 'back_url': reverse('editor.spaces.detail', kwargs={'level': obj.level.pk, 'pk': pk}),
'geometry_url': '/api/editor/geometries/?space='+pk, 'geometry_url': ('/api/editor/geometries/?space='+pk
if request.user_permissions.can_access_base_mapdata else None),
'nozoom': True, 'nozoom': True,
}) })
elif model == Space and new: elif model == Space and new:
ctx.update({ ctx.update({
'level': level, 'level': level,
'back_url': reverse('editor.spaces.list', kwargs={'level': level.pk}), 'back_url': reverse('editor.spaces.list', kwargs={'level': level.pk}),
'geometry_url': '/api/editor/geometries/?level='+str(level.primary_level_pk), 'geometry_url': ('/api/editor/geometries/?level='+str(level.primary_level_pk)
if request.user_permissions.can_access_base_mapdata else None),
'nozoom': True, 'nozoom': True,
}) })
elif hasattr(model, 'level'): elif hasattr(model, 'level'):
@ -199,7 +226,8 @@ def edit(request, pk=None, model=None, level=None, space=None, on_top_of=None, e
ctx.update({ ctx.update({
'level': level, 'level': level,
'back_url': reverse('editor.'+related_name+'.list', kwargs={'level': level.pk}), 'back_url': reverse('editor.'+related_name+'.list', kwargs={'level': level.pk}),
'geometry_url': '/api/editor/geometries/?level='+str(level.primary_level_pk), 'geometry_url': ('/api/editor/geometries/?level='+str(level.primary_level_pk)
if request.user_permissions.can_access_base_mapdata else None),
}) })
elif hasattr(model, 'space'): elif hasattr(model, 'space'):
if not new: if not new:
@ -208,7 +236,8 @@ def edit(request, pk=None, model=None, level=None, space=None, on_top_of=None, e
ctx.update({ ctx.update({
'level': space.level, 'level': space.level,
'back_url': reverse('editor.'+related_name+'.list', kwargs={'space': space.pk}), 'back_url': reverse('editor.'+related_name+'.list', kwargs={'space': space.pk}),
'geometry_url': '/api/editor/geometries/?space='+str(space.pk), 'geometry_url': ('/api/editor/geometries/?space='+str(space.pk)
if request.user_permissions.can_access_base_mapdata else None),
}) })
else: else:
kwargs = {} kwargs = {}
@ -357,6 +386,7 @@ def list_objects(request, model=None, level=None, space=None, explicit_edit=Fals
Space = request.changeset.wrap_model('Space') Space = request.changeset.wrap_model('Space')
can_edit = request.changeset.can_edit(request) can_edit = request.changeset.can_edit(request)
can_create = request.user_permissions.can_access_base_mapdata and can_edit
ctx = { ctx = {
'path': request.path, 'path': request.path,
@ -364,7 +394,7 @@ def list_objects(request, model=None, level=None, space=None, explicit_edit=Fals
'model_title': model._meta.verbose_name, 'model_title': model._meta.verbose_name,
'model_title_plural': model._meta.verbose_name_plural, 'model_title_plural': model._meta.verbose_name_plural,
'explicit_edit': explicit_edit, 'explicit_edit': explicit_edit,
'can_edit': can_edit, 'can_create': can_create,
} }
queryset = model.objects.all().order_by('id') queryset = model.objects.all().order_by('id')
@ -382,7 +412,8 @@ def list_objects(request, model=None, level=None, space=None, explicit_edit=Fals
'levels': Level.objects.filter(Level.q_for_request(request), on_top_of__isnull=True), 'levels': Level.objects.filter(Level.q_for_request(request), on_top_of__isnull=True),
'level': level, 'level': level,
'level_url': request.resolver_match.url_name, 'level_url': request.resolver_match.url_name,
'geometry_url': '/api/editor/geometries/?level='+str(level.primary_level_pk), 'geometry_url': ('/api/editor/geometries/?level='+str(level.primary_level_pk)
if request.user_permissions.can_access_base_mapdata else None),
}) })
elif space is not None: elif space is not None:
reverse_kwargs['space'] = space reverse_kwargs['space'] = space
@ -418,7 +449,8 @@ def list_objects(request, model=None, level=None, space=None, explicit_edit=Fals
'space': space, 'space': space,
'back_url': reverse('editor.spaces.detail', kwargs={'level': space.level.pk, 'pk': space.pk}), 'back_url': reverse('editor.spaces.detail', kwargs={'level': space.level.pk, 'pk': space.pk}),
'back_title': _('back to space'), 'back_title': _('back to space'),
'geometry_url': '/api/editor/geometries/?space='+str(space.pk), 'geometry_url': ('/api/editor/geometries/?space='+str(space.pk)
if request.user_permissions.can_access_base_mapdata else None),
}) })
else: else:
ctx.update({ ctx.update({
@ -441,6 +473,9 @@ def list_objects(request, model=None, level=None, space=None, explicit_edit=Fals
def connect_nodes(request, active_node, clicked_node, edge_settings_form): def connect_nodes(request, active_node, clicked_node, edge_settings_form):
if not request.user_permissions.can_access_base_mapdata:
raise PermissionDenied
changeset_exceeded = get_changeset_exceeded(request) changeset_exceeded = get_changeset_exceeded(request)
graphedge_changes = {} graphedge_changes = {}
if changeset_exceeded: if changeset_exceeded:
@ -476,6 +511,9 @@ def connect_nodes(request, active_node, clicked_node, edge_settings_form):
@sidebar_view @sidebar_view
@etag(etag_func) @etag(etag_func)
def graph_edit(request, level=None, space=None): def graph_edit(request, level=None, space=None):
if not request.user_permissions.can_access_base_mapdata:
raise PermissionDenied
Level = request.changeset.wrap_model('Level') Level = request.changeset.wrap_model('Level')
Space = request.changeset.wrap_model('Space') Space = request.changeset.wrap_model('Space')
GraphNode = request.changeset.wrap_model('GraphNode') GraphNode = request.changeset.wrap_model('GraphNode')
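Review bot: The reduced `submodels` tuples in `level_detail` and `space_detail` only decide which links are rendered; nothing visible in the `list_objects` or `edit` hunks rejects a request for a model outside those tuples. `edit` raises `PermissionDenied` only when `pk is None`, and `list_objects` only derives `can_create`, so as far as these hunks show, the list and edit URLs of hidden models such as `Obstacle` or `WifiMeasurement` are still served to a user without base mapdata access. If no check exists outside the hunks, keep the allowed model names in one module-level tuple and enforce it in both views, along the lines of `if not request.user_permissions.can_access_base_mapdata and model.__name__ not in <allowed-names tuple>: raise PermissionDenied`. Separately, the `can_edit = False` added under `if level is not None:` in `edit` appears unconditional, unlike the `else` branch, which tests `can_access_base_mapdata` first. If that reading of the lost indentation is right, level-bound objects become read-only even for users who have the permission.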