diff --git a/equipment/models.py b/equipment/models.py index 6498756..f8db97a 100644 --- a/equipment/models.py +++ b/equipment/models.py @@ -16,6 +16,7 @@ class Equipment(EventSpecificMixin, models.Model): related_name="equipment", through="EquipmentAttribution", ) + needs_event_permissions = True class Meta: verbose_name = _("matériel") @@ -30,6 +31,7 @@ class EquipmentAttribution(models.Model): activity = models.ForeignKey(Activity) amount = models.PositiveSmallIntegerField(_("quantité attribuée")) remarks = models.TextField(_("remarques concernant l'attribution")) + needs_event_permissions = True class Meta: verbose_name = _("attribution de matériel") diff --git a/evenementiel/settings/common.py b/evenementiel/settings/common.py index 5d291cb..85594e5 100644 --- a/evenementiel/settings/common.py +++ b/evenementiel/settings/common.py @@ -58,6 +58,7 @@ INSTALLED_APPS = [ 'channels', 'bootstrapform', 'widget_tweaks', + 'guardian', ] MIDDLEWARE_CLASSES = [ @@ -121,6 +122,11 @@ CHANNEL_LAYERS = { } } +AUTHENTICATION_BACKEND = ( + 'django.contrib.auth.backends.ModelBackend', + 'guardian.backends.ObjectPermissionBackend', +) + # Password validation # https://docs.djangoproject.com/en/1.9/ref/settings/#auth-password-validators AUTH_PASSWORD_VALIDATORS = [ diff --git a/event/apps.py b/event/apps.py index 13b1f16..7604a87 100644 --- a/event/apps.py +++ b/event/apps.py @@ -3,3 +3,6 @@ from django.apps import AppConfig class EventConfig(AppConfig): name = 'event' + + def ready(self): + from . import signals diff --git a/event/models.py b/event/models.py index 36dca46..83cd985 100644 --- a/event/models.py +++ b/event/models.py @@ -61,6 +61,7 @@ class Place(EventSpecificMixin, models.Model): max_length=200, ) description = models.TextField(blank=True) + needs_event_permissions = True class Meta: verbose_name = _("lieu") @@ -92,6 +93,7 @@ class ActivityTag(EventSpecificMixin, models.Model): validators=[color_regex], help_text=_("Rentrer une couleur en hexadécimal"), ) + needs_event_permissions = True class Meta: verbose_name = _("tag") @@ -152,6 +154,8 @@ class AbstractActivityTemplate(SubscriptionMixin, models.Model): class ActivityTemplate(AbstractActivityTemplate): + needs_event_permissions = True + class Meta: verbose_name = _("template activité") verbose_name_plural = _("templates activité") @@ -173,6 +177,7 @@ class Activity(AbstractActivityTemplate): beginning = models.DateTimeField(_("heure de début")) end = models.DateTimeField(_("heure de fin")) + needs_event_permissions = True def get_herited(self, attrname): inherited_fields = [f.name for f in ActivityTemplate._meta.get_fields()] diff --git a/event/signals.py b/event/signals.py index f942e3c..040fc37 100644 --- a/event/signals.py +++ b/event/signals.py @@ -1,19 +1,50 @@ from django.dispatch import receiver -from django.db.models.signals import post_save +from django.db.models.signals import post_save, post_migrate +from django.apps import apps +from django.contrib.contenttypes.models import ContentType +from django.contrib.auth.models import Permission from event.models import Event -from shared.models import GEGroup +from users.models import GEGroup +from guardian.shortcuts import assign_perm @receiver(post_save, sender=Event) def create_groups_for_event(sender, **kwargs): event, created = kwargs["instance"], kwargs["created"] if created: - GEGroup.objects.create( + orgas = GEGroup.objects.create( name="orga", event=event ) + for perm in Permission.objects.filter(codename__contains="event_"): + assign_perm(perm.codename, orgas, event) + GEGroup.objects.create( name="participants", event=event, ) + + +@receiver(post_migrate) +def create_event_permissions(sender, **kwargs): + + def event_specific_permissions(): + opes = ['Add', 'Change', 'Delete'] + models = [model.__name__.lower() for model in apps.get_models() + if getattr(model, 'needs_event_permissions', False)] + + return [ + ('event_{}_{}'.format(op.lower(), model), + '{} {} for event'.format(op, model)) + for op in opes + for model in models + ] + + content_type = ContentType.objects.get_for_model(Event) + for (code, verbose) in event_specific_permissions(): + Permission.objects.get_or_create( + name=verbose, + content_type=content_type, + codename=code + ) diff --git a/requirements.txt b/requirements.txt index 41fb065..021d4d8 100644 --- a/requirements.txt +++ b/requirements.txt @@ -7,6 +7,7 @@ django-bootstrap-form==3.2.1 django-widget-tweaks django-notifications django-contrib-comments +django-guardian # Production specific daphne