Showing
3 changed files
with
48 additions
and
71 deletions
| 1 | from django.db.models import QuerySet | 1 | from django.db.models import QuerySet |
| 2 | +from django.db.models import Q | ||
| 3 | +from django.contrib.auth.models import Permission | ||
| 2 | 4 | ||
| 3 | 5 | ||
| 4 | class PublicadoQuerySet(QuerySet): | 6 | class PublicadoQuerySet(QuerySet): |
| 5 | def get_queryset(self): | 7 | def get_queryset(self): |
| 6 | return self.filter(publicado__isnull=False) | 8 | return self.filter(publicado__isnull=False) |
| 9 | + | ||
| 10 | + | ||
| 11 | +def filter_queryset_by_permissions(queryset, user): | ||
| 12 | + if not user.is_superuser: | ||
| 13 | + grupos_usuario = user.groups.all() | ||
| 14 | + organismo_codenames = Permission.objects.filter( | ||
| 15 | + group__in=grupos_usuario, | ||
| 16 | + codename__startswith='view_' | ||
| 17 | + ).values_list('codename', flat=True) | ||
| 18 | + organismos_permitidos = [ | ||
| 19 | + codename[len('view_'):].replace('_', ' ') | ||
| 20 | + for codename in organismo_codenames | ||
| 21 | + ] | ||
| 22 | + query = Q() | ||
| 23 | + for name in organismos_permitidos: | ||
| 24 | + query |= Q(short_name__icontains=name) | ||
| 25 | + return queryset.filter(query) | ||
| 26 | + return queryset |
| 1 | from django.contrib import admin | 1 | from django.contrib import admin |
| 2 | +from django.db.models import Q | ||
| 2 | 3 | ||
| 3 | from .models import Organismo, Dependencia | 4 | from .models import Organismo, Dependencia |
| 5 | +from core.querysets import filter_queryset_by_permissions | ||
| 4 | 6 | ||
| 5 | # Register your models here. | 7 | # Register your models here. |
| 6 | 8 | ||
| @@ -8,40 +10,24 @@ from .models import Organismo, Dependencia | @@ -8,40 +10,24 @@ from .models import Organismo, Dependencia | ||
| 8 | @admin.register(Organismo) | 10 | @admin.register(Organismo) |
| 9 | class OrganismoAdmin(admin.ModelAdmin): | 11 | class OrganismoAdmin(admin.ModelAdmin): |
| 10 | model = Organismo | 12 | model = Organismo |
| 11 | - list_display = ('id', 'short_name') | 13 | + list_display = ('short_name', ) |
| 12 | list_filter = ('short_name',) | 14 | list_filter = ('short_name',) |
| 13 | search_fields = ('short_name', ) | 15 | search_fields = ('short_name', ) |
| 14 | 16 | ||
| 15 | - def has_view_permission(self, request, obj=None): | ||
| 16 | - if obj is not None: | ||
| 17 | - return request.user.has_perm(f'organismo.view_{obj.short_name.lower().replace(" ", "_")}') | ||
| 18 | - return request.user.has_perm('organismo.view_organismo') | ||
| 19 | - | ||
| 20 | - def has_add_permission(self, request): | ||
| 21 | - return request.user.has_perm('organismo.create_organismo') | ||
| 22 | - | ||
| 23 | - def has_change_permission(self, request, obj=None): | ||
| 24 | - if obj is not None: | ||
| 25 | - return request.user.has_perm(f'organismo.edit_{obj.short_name.lower().replace(" ", "_")}') | ||
| 26 | - return request.user.has_perm('organismo.edit_organismo') | ||
| 27 | - | ||
| 28 | - def has_delete_permission(self, request, obj=None): | ||
| 29 | - if obj is not None: | ||
| 30 | - return request.user.has_perm(f'organismo.delete_{obj.short_name.lower().replace(" ", "_")}') | ||
| 31 | - return request.user.has_perm('organismo.delete_organismo') | 17 | + def get_queryset(self, request): |
| 18 | + qs = super().get_queryset(request) | ||
| 19 | + qs = filter_queryset_by_permissions(qs, request.user) | ||
| 20 | + return qs | ||
| 32 | 21 | ||
| 33 | 22 | ||
| 34 | @admin.register(Dependencia) | 23 | @admin.register(Dependencia) |
| 35 | class DependenciaAdmin(admin.ModelAdmin): | 24 | class DependenciaAdmin(admin.ModelAdmin): |
| 36 | model = Dependencia | 25 | model = Dependencia |
| 37 | - list_display = ('id', 'organismo', 'short_name',) | 26 | + list_display = ('short_name', 'organismo',) |
| 38 | list_filter = ('organismo', 'short_name',) | 27 | list_filter = ('organismo', 'short_name',) |
| 39 | search_fields = ('short_name',) | 28 | search_fields = ('short_name',) |
| 40 | 29 | ||
| 41 | def get_queryset(self, request): | 30 | def get_queryset(self, request): |
| 42 | - queryset = super().get_queryset(request) | ||
| 43 | - | ||
| 44 | - if not request.user.is_superuser: | ||
| 45 | - user_groups = request.user.groups.all() | ||
| 46 | - | ||
| 47 | - return queryset | 31 | + qs = super().get_queryset(request) |
| 32 | + qs = filter_queryset_by_permissions(qs, request.user) | ||
| 33 | + return qs |
| @@ -19,38 +19,6 @@ class Organismo(models.Model): | @@ -19,38 +19,6 @@ class Organismo(models.Model): | ||
| 19 | return f'{self.short_name}' | 19 | return f'{self.short_name}' |
| 20 | 20 | ||
| 21 | 21 | ||
| 22 | -def custom_permission_organismo_create(organismo): | ||
| 23 | - content_type = ContentType.objects.get_for_model(Organismo) | ||
| 24 | - | ||
| 25 | - action = 'view' | ||
| 26 | - codename = f'{action}_{organismo.short_name.lower().replace(" ", "_")}' | ||
| 27 | - if not Permission.objects.filter(codename=codename, content_type=content_type).exists(): | ||
| 28 | - Permission.objects.create( | ||
| 29 | - codename=codename, | ||
| 30 | - name=f'Can {action} {organismo.short_name}', | ||
| 31 | - content_type=content_type, | ||
| 32 | - ) | ||
| 33 | - | ||
| 34 | - | ||
| 35 | -def custom_permission_organismo_delete(organismo): | ||
| 36 | - content_type = ContentType.objects.get_for_model(Organismo) | ||
| 37 | - | ||
| 38 | - action = 'view' | ||
| 39 | - codename = f'{action}_{organismo.short_name.lower().replace(" ", "_")}' | ||
| 40 | - Permission.objects.filter(codename=codename, content_type=content_type).delete() | ||
| 41 | - | ||
| 42 | - | ||
| 43 | -@receiver(post_save, sender=Organismo) | ||
| 44 | -def manage_organismo_permissions(sender, instance, created, **kwargs): | ||
| 45 | - if created: | ||
| 46 | - custom_permission_organismo_create(instance) | ||
| 47 | - else: | ||
| 48 | - old_instance = Organismo.objects.get(pk=instance.pk) | ||
| 49 | - if old_instance.short_name != instance.short_name: | ||
| 50 | - custom_permission_organismo_create(old_instance) | ||
| 51 | - custom_permission_organismo_delete(instance) | ||
| 52 | - | ||
| 53 | - | ||
| 54 | class Dependencia(models.Model): | 22 | class Dependencia(models.Model): |
| 55 | objects = None | 23 | objects = None |
| 56 | 24 | ||
| @@ -65,33 +33,36 @@ class Dependencia(models.Model): | @@ -65,33 +33,36 @@ class Dependencia(models.Model): | ||
| 65 | return f'{self.organismo} - {self.short_name}' | 33 | return f'{self.organismo} - {self.short_name}' |
| 66 | 34 | ||
| 67 | 35 | ||
| 68 | -def custom_permission_dependencia_create(dependencia): | ||
| 69 | - content_type = ContentType.objects.get_for_model(dependencia) | ||
| 70 | - | 36 | +def custom_permission_create(instance, model_class): |
| 37 | + content_type = ContentType.objects.get_for_model(model_class) | ||
| 71 | action = 'view' | 38 | action = 'view' |
| 72 | - codename = f'{action}_{dependencia.short_name.lower().replace(" ", "_")}' | 39 | + codename = f'{action}_{instance.short_name.lower().replace(" ", "_")}' |
| 40 | + | ||
| 73 | if not Permission.objects.filter(codename=codename, content_type=content_type).exists(): | 41 | if not Permission.objects.filter(codename=codename, content_type=content_type).exists(): |
| 74 | Permission.objects.create( | 42 | Permission.objects.create( |
| 75 | codename=codename, | 43 | codename=codename, |
| 76 | - name=f'Can {action} {dependencia.short_name}', | 44 | + name=f'Can {action} {instance.short_name}', |
| 77 | content_type=content_type, | 45 | content_type=content_type, |
| 78 | ) | 46 | ) |
| 79 | 47 | ||
| 80 | 48 | ||
| 81 | -def custom_permissions_dependencia_delete(dependencia): | ||
| 82 | - content_type = ContentType.objects.get_for_model(dependencia) | ||
| 83 | - | 49 | +def custom_permission_delete(instance, model_class): |
| 50 | + content_type = ContentType.objects.get_for_model(model_class) | ||
| 84 | action = 'view' | 51 | action = 'view' |
| 85 | - codename = f'{action}_{dependencia.short_name.lower().replace(" ", "_")}' | 52 | + codename = f'{action}_{instance.short_name.lower().replace(" ", "_")}' |
| 53 | + | ||
| 86 | Permission.objects.filter(codename=codename, content_type=content_type).delete() | 54 | Permission.objects.filter(codename=codename, content_type=content_type).delete() |
| 87 | 55 | ||
| 88 | 56 | ||
| 89 | @receiver(post_save, sender=Dependencia) | 57 | @receiver(post_save, sender=Dependencia) |
| 90 | -def manage_dependencia_permissions(sender, instance, created, **kwargs): | 58 | +@receiver(post_save, sender=Organismo) |
| 59 | +def manage_permissions(sender, instance, created, **kwargs): | ||
| 60 | + model_class = type(instance) | ||
| 61 | + | ||
| 91 | if created: | 62 | if created: |
| 92 | - custom_permission_dependencia_create(instance) | 63 | + custom_permission_create(instance, model_class) |
| 93 | else: | 64 | else: |
| 94 | - old_instance = Organismo.objects.get(pk=instance.pk) | 65 | + old_instance = model_class.objects.get(pk=instance.pk) |
| 95 | if old_instance.short_name != instance.short_name: | 66 | if old_instance.short_name != instance.short_name: |
| 96 | - custom_permissions_dependencia_delete(old_instance) | ||
| 97 | - custom_permission_dependencia_create(instance) | ||
| 67 | + custom_permission_delete(old_instance, model_class) | ||
| 68 | + custom_permission_create(instance, model_class) |
-
Please register or login to post a comment