From: Jörn Menne Date: Mon, 20 Jan 2025 15:52:16 +0000 (+0100) Subject: Add working objectlevel permissions. X-Git-Url: https://git.menne-pb.de/?a=commitdiff_plain;h=9919330b791e2d61cab8a0c2009dd53a5311a759;p=pinpoint.git Add working objectlevel permissions. Currently it is only tested for Users, but it seems to be working --- diff --git a/georeport/admin.py b/georeport/admin.py index 76bec79..2447a2d 100644 --- a/georeport/admin.py +++ b/georeport/admin.py @@ -3,6 +3,7 @@ from django.contrib import admin, messages +from django.urls import base from django.utils.translation import ngettext # Register your models here. @@ -47,3 +48,23 @@ class CategoryInline(admin.TabularInline): class CategoryAdmin(admin.ModelAdmin): exlude = None inlines = [CategoryInline] + + def has_change_permission(self, request, obj=None): + basepermission = super().has_change_permission(request, obj) + if obj: + allowed = obj.group.all() + else: + allowed = [] + + if basepermission and (request.user in allowed): + return True + return False + + +class GeoreportAdminSite(admin.AdminSite): + site_header = "My cool admin site" + + +admin_site = GeoreportAdminSite(name="coolAdmin") +admin_site.register(Report, ReportAdmin) +admin_site.register(Category, CategoryAdmin) diff --git a/georeport/migrations/0008_category_group.py b/georeport/migrations/0008_category_group.py new file mode 100644 index 0000000..679705b --- /dev/null +++ b/georeport/migrations/0008_category_group.py @@ -0,0 +1,20 @@ +# Generated by Django 5.1.4 on 2025-01-20 12:04 + +from django.conf import settings +from django.db import migrations, models + + +class Migration(migrations.Migration): + + dependencies = [ + ('georeport', '0007_delete_group'), + migrations.swappable_dependency(settings.AUTH_USER_MODEL), + ] + + operations = [ + migrations.AddField( + model_name='category', + name='group', + field=models.ManyToManyField(related_name='owner', to=settings.AUTH_USER_MODEL), + ), + ] 
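Review bot: The added `from django.urls import base` is not used by any line visible in this diff, and `basepermission` in the second hunk is a local variable, so this looks like an accidental editor auto-import; I would drop the line. The same applies to `Group` and `Permission` in the new `from django.contrib.auth.models import Group, User, Permission` in georeport/models.py, where only `User` is referenced by the added field. Unused imports in a permissions change make it harder to see which auth primitives the check actually relies on.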
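Review bot: `has_change_permission` is the only permission hook overridden on `CategoryAdmin`, so the per-object ownership rule does not cover deletion: `has_delete_permission` still falls back to the model-level permission, and a staff user holding the delete permission could remove a category they are not listed on. Two further points in the same method: a superuser who is not in `obj.group` is refused here while `category_details` in georeport/views.py lets superusers through, and `request.user in allowed` loads every related user where `obj.group.filter(pk=request.user.pk).exists()` would ask the database directly. I would move the ownership test into one helper and apply it to both hooks, as sketched below; whether superusers should bypass it is a decision for the author, the sketch follows the view. A short docstring stating that `obj=None` (the call made without a specific object) is denied for non-superusers would also help.

```python
    inlines = [CategoryInline]

    def _is_owner(self, request, obj):
        # Ownership rule shared by the change and delete hooks.
        if request.user.is_superuser:
            return True
        return obj is not None and obj.group.filter(pk=request.user.pk).exists()

    def has_change_permission(self, request, obj=None):
        return super().has_change_permission(request, obj) and self._is_owner(request, obj)

    def has_delete_permission(self, request, obj=None):
        return super().has_delete_permission(request, obj) and self._is_owner(request, obj)
```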
diff --git a/georeport/models.py b/georeport/models.py index 905c6cf..c347749 100644 --- a/georeport/models.py +++ b/georeport/models.py @@ -4,6 +4,7 @@ from asyncio import wait from django.db import models +from django.contrib.auth.models import Group, User, Permission # Create your models here. @@ -18,6 +19,8 @@ class Category(models.Model): blank=True, ) + group = models.ManyToManyField(User, related_name="owner") + class Meta: verbose_name_plural = "Categories" diff --git a/georeport/static/georeport/style.css b/georeport/static/georeport/style.css new file mode 100644 index 0000000..2e73e20 --- /dev/null +++ b/georeport/static/georeport/style.css @@ -0,0 +1,6 @@ +#map { + width: 50%; + border: 3px solid; + margin: auto; + border-radius: 25px; +} diff --git a/georeport/templates/georeport/base.html b/georeport/templates/georeport/base.html index 1c0e302..fff44d9 100644 --- a/georeport/templates/georeport/base.html +++ b/georeport/templates/georeport/base.html @@ -20,6 +20,7 @@ GNU General Public License v3.0 (see LICSENE or https://www.gnu.org/license/gpl- + diff --git a/georeport/views.py b/georeport/views.py index 7f277ce..3113810 100644 --- a/georeport/views.py +++ b/georeport/views.py @@ -33,7 +33,16 @@ def details(request, id): def category_details(request, id): category = get_object_or_404(Category, pk=id) - return render(request, "georeport/category.html", context={"category": category}) + user = request.user + + allowed = category.group.all() + + if user in allowed or user.is_superuser: + return render( + request, "georeport/category.html", context={"category": category} + ) + else: + return HttpResponseForbidden("Not allowed") def create(request): diff --git a/pinpoint/urls.py b/pinpoint/urls.py index cae0aa3..0e04e01 100644 --- a/pinpoint/urls.py +++ b/pinpoint/urls.py 
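Review bot: The new field is named `group` but holds `User` rows, and its `related_name="owner"` makes `user.owner` return categories, so every access check written against it (`obj.group.all()`, `category.group.all()`) reads as a group-membership test when it is really a per-user allow-list. I would name it for what it stores and point it at the swappable user model the generated migration already uses, e.g. `owners = models.ManyToManyField(settings.AUTH_USER_MODEL, related_name="owned_categories", blank=True)`; that needs `from django.conf import settings` and a follow-up migration. Without `blank=True`, model forms require at least one user to be selected, which may or may not be intended. The `Category` class starts outside this hunk.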
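Review bot: `category_details` resolves the object with `get_object_or_404` before the ownership test, so a caller who is not allowed gets 404 for a missing id and 403 for an existing one, which tells any visitor which category ids exist; returning the same response in both cases, or requiring login before the lookup, closes that. The membership test `user in allowed` fetches all related users, and `if user.is_superuser or category.group.filter(pk=user.pk).exists():` performs the same check in one query. `HttpResponseForbidden` is used here but no import for it is visible in this diff, so confirm `from django.http import HttpResponseForbidden` is already present in views.py. A one-line docstring saying who may view a category would document the rule next to the code.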
@@ -19,9 +19,12 @@ from django.contrib import admin from django.urls import path, include from debug_toolbar.toolbar import debug_toolbar_urls +from georeport.admin import admin_site + urlpatterns = [ path("admin/", admin.site.urls), - path("", include("snippets.urls")), + path("myadmin/", admin_site.urls), + path("snippets/", include("snippets.urls")), path("georeport/", include("georeport.urls")), path("polls/", include("polls.urls")), ] + debug_toolbar_urls() diff --git a/snippets/urls.py b/snippets/urls.py index 695c1e6..be8e133 100644 --- a/snippets/urls.py +++ b/snippets/urls.py @@ -11,7 +11,7 @@ from rest_framework.routers import DefaultRouter router = DefaultRouter() -router.register(r"snippets", SnippetViewSet, basename="snippet") +router.register(r"", SnippetViewSet, basename="snippet") router.register(r"users", UserViewSet, basename="user") urlpatterns = [path("", include(router.urls))]
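Review bot: Mounting `admin_site.urls` at `myadmin/` while `path("admin/", admin.site.urls)` stays in place leaves two admin login surfaces, and the object-level rule only applies where a model is registered with `CategoryAdmin`. If `Category` or `Report` are also registered on the default site, check that they use the same ModelAdmin classes there. If the custom site is meant to replace the default one, I would remove the `admin/` route in this change; if both are intended, a comment above the two routes stating which audience each site serves would record why.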
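Review bot: Registering `SnippetViewSet` under an empty prefix ahead of `users` appears to shadow the user list route: the router emits the snippet detail pattern (one path segment followed by `/`) before the `users/` pattern, so `snippets/users/` would be resolved as a snippet lookup with `pk="users"`, and the router's API root view at the same empty path is hidden behind the snippet list as well. Registering the more specific prefix first avoids the first problem, i.e. `router.register(r"users", UserViewSet, basename="user")` before `router.register(r"", SnippetViewSet, basename="snippet")`; alternatively keep `r"snippets"` here and change only the mount point in pinpoint/urls.py. A test that requests the user list URL would confirm which view answers.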