FossilRepo

fossilrepo / core / permissions.py
Source Blame History 69 lines
4ce269c… ragelink 1 import logging
4ce269c… ragelink 2 from enum import Enum
4ce269c… ragelink 3
4ce269c… ragelink 4 from django.core.exceptions import PermissionDenied
4ce269c… ragelink 5
4ce269c… ragelink 6 logger = logging.getLogger(__name__)
4ce269c… ragelink 7
4ce269c… ragelink 8
4ce269c… ragelink 9 class P(Enum):
4ce269c… ragelink 10 """Permission enum. Check permissions via P.PERMISSION_NAME.check(user)."""
4ce269c… ragelink 11
4ce269c… ragelink 12 # Organization
4ce269c… ragelink 13 ORGANIZATION_VIEW = "organization.view_organization"
4ce269c… ragelink 14 ORGANIZATION_ADD = "organization.add_organization"
4ce269c… ragelink 15 ORGANIZATION_CHANGE = "organization.change_organization"
4ce269c… ragelink 16 ORGANIZATION_DELETE = "organization.delete_organization"
4ce269c… ragelink 17
4ce269c… ragelink 18 # Organization Members
4ce269c… ragelink 19 ORGANIZATION_MEMBER_VIEW = "organization.view_organizationmember"
4ce269c… ragelink 20 ORGANIZATION_MEMBER_ADD = "organization.add_organizationmember"
4ce269c… ragelink 21 ORGANIZATION_MEMBER_CHANGE = "organization.change_organizationmember"
4ce269c… ragelink 22 ORGANIZATION_MEMBER_DELETE = "organization.delete_organizationmember"
4ce269c… ragelink 23
4ce269c… ragelink 24 # Teams
4ce269c… ragelink 25 TEAM_VIEW = "organization.view_team"
4ce269c… ragelink 26 TEAM_ADD = "organization.add_team"
4ce269c… ragelink 27 TEAM_CHANGE = "organization.change_team"
4ce269c… ragelink 28 TEAM_DELETE = "organization.delete_team"
4ce269c… ragelink 29
c588255… ragelink 30 # Project Groups
c588255… ragelink 31 PROJECT_GROUP_VIEW = "projects.view_projectgroup"
c588255… ragelink 32 PROJECT_GROUP_ADD = "projects.add_projectgroup"
c588255… ragelink 33 PROJECT_GROUP_CHANGE = "projects.change_projectgroup"
c588255… ragelink 34 PROJECT_GROUP_DELETE = "projects.delete_projectgroup"
c588255… ragelink 35
4ce269c… ragelink 36 # Projects
4ce269c… ragelink 37 PROJECT_VIEW = "projects.view_project"
4ce269c… ragelink 38 PROJECT_ADD = "projects.add_project"
4ce269c… ragelink 39 PROJECT_CHANGE = "projects.change_project"
4ce269c… ragelink 40 PROJECT_DELETE = "projects.delete_project"
4ce269c… ragelink 41
4ce269c… ragelink 42 # Fossil
4ce269c… ragelink 43 FOSSIL_VIEW = "fossil.view_fossilrepository"
4ce269c… ragelink 44 FOSSIL_ADD = "fossil.add_fossilrepository"
4ce269c… ragelink 45 FOSSIL_CHANGE = "fossil.change_fossilrepository"
4ce269c… ragelink 46 FOSSIL_DELETE = "fossil.delete_fossilrepository"
4ce269c… ragelink 47
4ce269c… ragelink 48 # Pages (docs)
4ce269c… ragelink 49 PAGE_VIEW = "pages.view_page"
4ce269c… ragelink 50 PAGE_ADD = "pages.add_page"
4ce269c… ragelink 51 PAGE_CHANGE = "pages.change_page"
4ce269c… ragelink 52 PAGE_DELETE = "pages.delete_page"
4ce269c… ragelink 53
4ce269c… ragelink 54 def check(self, user, raise_error=True):
4ce269c… ragelink 55 """Check if user has this permission. Superusers always pass."""
4ce269c… ragelink 56 if not user or not user.is_authenticated:
4ce269c… ragelink 57 if raise_error:
4ce269c… ragelink 58 raise PermissionDenied("Authentication required.")
4ce269c… ragelink 59 return False
4ce269c… ragelink 60
4ce269c… ragelink 61 if user.is_superuser:
4ce269c… ragelink 62 return True
4ce269c… ragelink 63
4ce269c… ragelink 64 if user.has_perm(self.value):
4ce269c… ragelink 65 return True
4ce269c… ragelink 66
4ce269c… ragelink 67 if raise_error:
4ce269c… ragelink 68 raise PermissionDenied(f"Permission denied: {self.value}")
4ce269c… ragelink 69 return False

Keyboard Shortcuts

Open search /
Next entry (timeline) j
Previous entry (timeline) k
Open focused entry Enter
Show this help ?
Toggle theme Top nav button