From c48d81343e71a7194b5e04ad3261d0ec1b90bd84 Mon Sep 17 00:00:00 2001 From: Hangzhi <hangzhi@protonmail.com> Date: Mon, 20 Apr 2020 19:18:15 +0200 Subject: [PATCH] Replace decorators for dashboard and search with django-rules decorators, adding view_dashboard and search rules and additional global permission search --- aleksis/core/models.py | 1 + aleksis/core/rules.py | 7 +++++++ aleksis/core/views.py | 4 ++-- 3 files changed, 10 insertions(+), 2 deletions(-) diff --git a/aleksis/core/models.py b/aleksis/core/models.py index 37ba7e4c0..90e710171 100644 --- a/aleksis/core/models.py +++ b/aleksis/core/models.py @@ -582,4 +582,5 @@ class GlobalPermissions(ExtensibleModel): ("link_persons_accounts", _("Can link persons to accounts")), ("manage_data", _("Can manage data")), ("impersonate", _("Can impersonate")), + ("search", _("Can use search")), ) diff --git a/aleksis/core/rules.py b/aleksis/core/rules.py index 8cadab888..371949baa 100644 --- a/aleksis/core/rules.py +++ b/aleksis/core/rules.py @@ -12,6 +12,13 @@ from aleksis.core.util.predicates import ( add_perm("core", always_allow) +# View dashboard +add_perm("core.view_dashboard", has_person_predicate) + +# Use search +search_predicate = has_person_predicate & has_global_perm("core.search") +add_perm("core.search", search_predicate) + # View persons view_persons_predicate = has_person_predicate & ( has_global_perm("core.view_person") | has_any_object("core.view_person", Person) diff --git a/aleksis/core/views.py b/aleksis/core/views.py index d2721ff88..d566ce328 100644 --- a/aleksis/core/views.py +++ b/aleksis/core/views.py @@ -26,7 +26,7 @@ from .tables import GroupsTable, PersonsTable from .util import messages -@person_required +@permission_required("core.view_dashboard") def index(request: HttpRequest) -> HttpResponse: context = {} @@ -347,7 +347,7 @@ def delete_announcement(request: HttpRequest, pk: int) -> HttpResponse: return redirect("announcements") -@login_required +@permission_required("core.search") def searchbar_snippets(request: HttpRequest) -> HttpResponse: query = request.GET.get('q', '') limit = int(request.GET.get('limit', '5')) -- GitLab