onny/verwaltungstracker
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
verwaltungstracker/froide_govplan/admin.py
Stefan Wehrmeyer df92fa5c27 Add permissions via plan.group
2022-02-16 14:30:47 +01:00

153 lines
4.6 KiB
Python
Raw Blame History

from django import forms
from django.contrib import admin, auth
from django.urls import reverse_lazy
from tinymce.widgets import TinyMCE
from froide.helper.widgets import TagAutocompleteWidget
from .models import Government, GovernmentPlan, GovernmentPlanUpdate
User = auth.get_user_model()
class GovernmentPlanAdminForm(forms.ModelForm):
class Meta:
model = GovernmentPlan
fields = "__all__"
widgets = {
"categories": TagAutocompleteWidget(
autocomplete_url=reverse_lazy("api:category-autocomplete")
),
}
class GovernmentPlanUpdateAdminForm(forms.ModelForm):
class Meta:
model = GovernmentPlanUpdate
fields = "__all__"
widgets = {"content": TinyMCE(attrs={"cols": 80, "rows": 30})}
class GovernmentAdmin(admin.ModelAdmin):
prepopulated_fields = {"slug": ("name",)}
list_display = ("name", "public", "start_date", "end_date")
list_filter = ("public",)
class GovernmentPlanAdmin(admin.ModelAdmin):
form = GovernmentPlanAdminForm
save_on_top = True
prepopulated_fields = {"slug": ("title",)}
raw_id_fields = ("responsible_publicbody",)
list_display = (
"title",
"public",
"status",
"rating",
)
list_filter = ("status", "rating", "public", "government")
class GovernmentPlanUpdateAdmin(admin.ModelAdmin):
form = GovernmentPlanUpdateAdminForm
raw_id_fields = ("user", "foirequest")
list_display = (
"title",
"timestamp",
"plan",
"user",
"status",
"rating",
"public",
)
list_filter = (
"status",
"public",
)
search_fields = (
"title",
"plan__title",
)
date_hierarchy = "timestamp"
def get_queryset(self, request):
qs = super().get_queryset(request)
qs = qs.prefetch_related(
"plan",
"user",
)
if self.has_limited_access(request.user):
qs = qs.filter(plan__in=self.get_allowed_plans(request))
return qs
def save_model(self, request, obj, form, change):
limited = self.has_limited_access(request.user)
if not change and limited:
# When added by a limited user,
# autofill user and organization
obj.user = request.user
if obj.plan.organization:
user_has_org = request.user.organization_set.all().filter(pk=1).exists()
if user_has_org:
obj.organization = obj.plan.organization
res = super().save_model(request, obj, form, change)
obj.plan.update_from_updates()
return res
def has_limited_access(self, user):
return not user.has_perm("froide_gov.change_governmentplanupdate")
def get_allowed_plans(self, request):
if not self.has_limited_access(request.user):
return GovernmentPlan.objects.all()
groups = request.user.groups.all()
return GovernmentPlan.objects.filter(group__in=groups).distinct()
def get_fields(self, request, obj=None):
if self.has_limited_access(request.user):
return (
"plan",
"title",
"timestamp",
"content",
"url",
"status",
"rating",
"public",
)
return super().get_fields(request, obj=obj)
def formfield_for_foreignkey(self, db_field, request, **kwargs):
if db_field.name == "plan":
if self.has_limited_access(request.user):
kwargs["queryset"] = self.get_allowed_plans(request)
return super().formfield_for_foreignkey(db_field, request, **kwargs)
def user_in_obj_group(self, request, obj):
if not obj.plan.group_id:
return False
user = request.user
return User.objects.filter(pk=user.pk, groups=obj.plan.group_id).exists()
def has_view_permission(self, request, obj=None):
if obj and self.user_in_obj_group(request, obj):
return True
return super().has_view_permission(request, obj=obj)
def has_add_permission(self, request):
return super().has_add_permission(request)
def has_change_permission(self, request, obj=None):
if obj and self.user_in_obj_group(request, obj):
return True
return super().has_change_permission(request, obj=obj)
admin.site.register(Government, GovernmentAdmin)
admin.site.register(GovernmentPlan, GovernmentPlanAdmin)
admin.site.register(GovernmentPlanUpdate, GovernmentPlanUpdateAdmin)
Reference in a new issue View git blame Copy permalink