From 7d53df6ea55bcf935959fcc62da5307c09a92bbf Mon Sep 17 00:00:00 2001 From: Holger Sielaff Date: Thu, 4 Jul 2024 14:05:55 +0200 Subject: [PATCH] play with somort of permission management --- content/admin.py | 14 +++++++++----- lib/__init__.py | 12 +++++++++++- lib/mixins/__init__.py | 20 ++++++++++++++++++++ quiz/admin.py | 3 ++- 4 files changed, 42 insertions(+), 7 deletions(-) create mode 100644 lib/mixins/__init__.py diff --git a/content/admin.py b/content/admin.py index 1fe08dd..5ee7941 100644 --- a/content/admin.py +++ b/content/admin.py @@ -3,24 +3,25 @@ from django.utils.safestring import mark_safe from content.models import Link, MediaFile, Question, QuestionVersion, Level, Label from lib.utils import color_label +from lib.mixins import PermissionsAdminMixin @admin.register(Level) -class LevelAdmin(admin.ModelAdmin): +class LevelAdmin(PermissionsAdminMixin, admin.ModelAdmin): search_fields = ('name', 'value',) list_display = ('name', 'value', 'color') list_editable = ('color',) @admin.register(Label) -class LabelAdmin(admin.ModelAdmin): +class LabelAdmin(PermissionsAdminMixin, admin.ModelAdmin): search_fields = ('name',) list_display = ('name', 'color') list_editable = ('color',) @admin.register(Question) -class QuestionAdmin(admin.ModelAdmin): +class QuestionAdmin(PermissionsAdminMixin, admin.ModelAdmin): autocomplete_fields = ('medias', 'links', 'labels',) list_display = ('name', 'list_labels', 'list_level', 'author') search_fields = ('name', 'question', 'awnser', 'description', 'label__name', 'level__value', 'level__name',) @@ -46,13 +47,13 @@ class QuestionAdmin(admin.ModelAdmin): @admin.register(MediaFile) -class MediaFileAdmin(admin.ModelAdmin): +class MediaFileAdmin(PermissionsAdminMixin, admin.ModelAdmin): search_fields = ('name', 'file__name') list_display = ('name', 'file') @admin.register(Link) -class LinkAdmin(admin.ModelAdmin): +class LinkAdmin(PermissionsAdminMixin, admin.ModelAdmin): search_fields = ('url',) @@ -71,3 +72,6 @@ class QuestionVersionAdmin(admin.ModelAdmin): def has_delete_permission(self, request, obj=None): """Versions are immutable """ return False + + def has_view_permission(self, request, obj=None): + return True diff --git a/lib/__init__.py b/lib/__init__.py index 3880c03..961f81a 100644 --- a/lib/__init__.py +++ b/lib/__init__.py @@ -1 +1,11 @@ -from .middleware.current_user import get_current_user \ No newline at end of file +from .middleware.current_user import get_current_user, get_current_request + +def permissions(instance, read = False): + if read: + return True + u = get_current_user() + if u.is_superuser or u == instance.author: + return True + return False + + diff --git a/lib/mixins/__init__.py b/lib/mixins/__init__.py new file mode 100644 index 0000000..c27ebaf --- /dev/null +++ b/lib/mixins/__init__.py @@ -0,0 +1,20 @@ +from lib import permissions + + +class PermissionsAdminMixin: + def has_add_permission(self, request, obj=None): + """If a group right is not set :) + Allways be able to create a version + """ + return permissions(obj) if obj else True + + def has_change_permission(self, request, obj=None): + """Versions are immutable """ + return permissions(obj) if obj else True + + def has_delete_permission(self, request, obj=None): + """Versions are immutable """ + return permissions(obj) if obj else True + + def has_view_permissions(selfself, request, obj=None): + return True diff --git a/quiz/admin.py b/quiz/admin.py index e984331..f9dc526 100644 --- a/quiz/admin.py +++ b/quiz/admin.py @@ -1,6 +1,7 @@ from django.contrib import admin from quiz.models import Quiz, Question +from lib.mixins import PermissionsAdminMixin class QuizQuestionInlineAdmin(admin.StackedInline): @@ -8,7 +9,7 @@ class QuizQuestionInlineAdmin(admin.StackedInline): @admin.register(Quiz) -class QuizAdmin(admin.ModelAdmin): +class QuizAdmin(PermissionsAdminMixin, admin.ModelAdmin): inlines = (QuizQuestionInlineAdmin,) list_display = ('name', 'download_urls') search_fields = (